Ethereum Smart Contract Security Audit
Ethereum - introduced the concept of smart contracts. Smart contracts can have unusual architecture, which can lead to new, specific and unique bugs. The PepperSec team keeps track of all new Solidity languge features as they are released, reported and common smart contract bugs, and is more than up for the task of detecting unique vulnerabilities specific to your area of of expertise.
Have a look at our public reportsWe consider the following attacker's models:
-
External attacker from the Ethereum network - random criminals seeking targets of opportunity
-
One of your users - those familiar with systems may feel they can exploit a vulnerability
-
If present, one of your social media group moderators - sometimes used as the 'long con' penentration attack
-
One of the owners or significant stockholders - specific regulatory body and jurisdiction may demand this
We perform the following set of procedures:
-
1
Emersion in your project: absorbing documentation, analyzing your White Paper, learning from developers and system architects about and interacting with your interfaces as both regular users and system admins.
-
2
Automatic security analysis: including web, network, mobile security scanning, source code analysis, and more to find common security flaws.
-
3
Manual security analysis and testing the holistic system to find uncommon vulnerabilities, also known as 0-day attacks.
-
4
Ranking discovered security flaws, сompiling the list of fixes and creating best practices to eliminate the identified problems.
-
5
Testing applied fixes to determine they are complete and did not inadvertently introduce new bugs or vulnerabilities.
-
6
Creating a substantial, visually stimulating report to describe the completed job from a third party perspective.
Contact Us
Ready to talk? Drop us a line. We’ll be glad to answer your questions and assist you in becoming secure.
hello@peppersec.com