First security assessment released
All images linked: certik.org#
First security assessment released
Today I found out via discord that the first security report commissioned to Certik to examine the smart contracts used for the cubfinance.org platform was delivered on the 30th.
This seems to be a mandatory milestone for all platforms that want to make use of DEFI technologies, both in ETH and BSC. Moreover, examining the report with a little attention, we can see that it is an important step as it reveals some vulnerabilities that can be used, as happened in its day with the WLEO contract.
According to the issued report, the objectives of the analysis are:- To verify that smart contracts are resistant to common and uncommon attacks.
- To check if the good practices applicable to the implementation of these contracts are complied with.
- Check that the contracts follow a structure and implementation similar to contracts made by industry leaders.
- Manual line-by-line review by expert professionals.
Once the analyses have been carried out, the report points out the following findings.
As can be seen, some problems have been found, but only 1 of real concern. I understand that right now the cubfinance development team is focused precisely on solving this incorrect use of the add() function. Let's see in detail what the problem is.
Findings
The problem has already been pointed out and commented in the code and it is not a real problem unless the function is misused by the owner, although it must be corrected to avoid that a malicious user can take advantage of it in case of finding another security hole.
Conclusion
Step by step the cubfinance/leofinance team is fulfilling all the necessary milestones to have a reliable and secure platform. All of us who have been here since the beginning have a blind trust in the team of Khal, Neal, ScaryCat, etc, but we have to keep in mind that if we want many other people to join our project, we need to be like Caesar's wife, not only to be honest but also to look honest. This is an important step towards this.
We are therefore looking forward to other promised developments, such as bridge, kingdoms, project-blank, 2021 is going to be a very exciting year.
LeoFinance is a blockchain-based social media community for Crypto & Finance content creators. Our tokenized app allows users and creators to engage and share content on the blockchain while earning cryptocurrency rewards.
| Track Hive Data | New Interface! | About Us |
|---|---|---|
| Hivestats | LeoFinance Beta | Learn More |
| Trade Hive Tokens | Hive Witness | |
|---|---|---|
| LeoDex | @financeleo | Vote |
Posted Using LeoFinance Beta
