Protect Your Project Today
Strengthen your project with the largest web3 security provider.
A CertiK security expert will review your request and follow up shortly.

CertiK Has Completed Swipe’s SXP and Time-Lock Smart Contract Audits

Blogs ·Case Study ·
CertiK Has Completed Swipe’s SXP and Time-Lock Smart Contract Audits

As new innovators populate the ecosystem, blockchain adoption continues to grow. There have always been a variety of cryptocurrencies that drive different purposes but unite with one purpose — building a bridge from traditional financial systems to a digital financial landscapes.

In order to facilitate that broader blockchain adoption, Swipe works to create a global solution that allows millions of users to use cryptocurrency. Swipe strongly believes that blockchain technology and a cashless society is important for financial sectors to take the next step to broader adoption.

The Swipe Wallet enables users to have a multi-blockchain digital application with access to all of its features including:

  1. Access to over 20+ cryptocurrencies and fiat currencies all from one application
  2. Buying, selling, and paying with any supported cryptocurrency with your wallet
  3. The Swipe Oracle allows use of patent-pending processing systems to instantly access your cryptocurrencies
  4. The safety and security of all digital assets through a vetted custodian and 24/7 support

To support this system, Swipe has developed Swipe Tokens (SXP) as the utility tokens designed to be the gas and fuel to the Swipe Wallet, providing the system with a transparent and familiar structure.

“The Swipe Token is the centerpiece of the Swipe Wallet system, offering network fuel and access to receiving the services provided by Swipe, including financial services. That’s why it is so important to ensure that the underlying token that powers the system and bridges us is secure and safely operated on the Ethereum decentralized blockchain.” — Swipe Team

Similarly with the overall mission of growth and adoption in mind, Swipe built the SwipeTimeLock smart contract to push their vision forward. In this lock, the platform moved 60 million of the Founder and Advisor SXP tokens to a 6 year locked contract. This 6 year period is intended to further deploy the project, and ensure maximum success.

Due to the connectivity and reach of the Swipe Token, Swipe needed the assurance of CertiK, as the leader in the blockchain security space, to assure the security of their product.

CertiK’s Audit Process

CertiK was chosen by Swipe to audit the design and implementation of their SXP Smart Contract and Time-Lock Contract. The purpose of these audits were to make sure the smart contracts are robust enough to avoid potential unexpected loopholes and immune to classical security issues.

Utilizing CertiK’s Formal Verification Platform, Static Analysis, and Manual Review, a comprehensive examination has been performed. The auditing process pays special attention to the following considerations:

  • Testing the smart contracts against both common and uncommon attack vectors.
  • Assessment of the codebase for best practice and industry standards.
  • Ensuring contract logic meets the specifications and intentions of the client.
  • Cross referencing contract structure and implementation against similar smart contracts produced by industry leaders.
  • Thorough line by line manual review of the entire codebase by industry experts.

Overall we found both smart contracts, the SXP Token Contract and the Swipe Timelock Contract, to follow good practices. With the final update of source code and delivery of the audit reports, we conclude that the contracts are structurally sound and not vulnerable to any classically known anti-patterns or security issues.

About CertiK

CertiK is a blockchain and smart contract verification platform founded by top Formal Verification experts from Yale and Columbia University. Incubated by Binance Labs, Certik has strategic partnerships with the world’s leading crypto exchanges such as Binance, OKEx, and Huobi, as well as protocols such as NEO, ICON, and QuarkChain.

CertiK’s formal verification method works differently than traditional testing approaches: rather than working manually, CertiK mathematically proves blockchain ecosystem and smart contracts are hacker-resistant and bug-free at scale. CertiK has secured over $4B in asset value, auditing several projects across all major protocols, including BNB, Terra, Crypto.com, and TUSD.

To request the audit/verification of your smart contracts, please email [email protected] or visit certik.io to submit the request.

Twitter: https://twitter.com/CertiKCommunity

Reddit: https://www.reddit.com/r/CertiKOrg/

Telegram: https://t.me/certikorg

LinkedIn: https://www.linkedin.com/company/certik

Related Blogs

CertiK Completes Proof of Reserves Verification for Gate Dubai
New · News ·Announcements

CertiK Completes Proof of Reserves Verification for Gate Dubai

CertiK has completed an independent Proof of Reserves (PoR) audit for Gate Technology FZE, the Dubai-based entity of the Gate Group. Gate Dubai exchange is licensed by the Virtual Assets Regulatory Authority (VARA). The audit verified that the platform's on-chain reserves fully back its user liabilities across all in-scope assets as of December 31, 2025.

Technical Deep Dive | CertiK Helped Fix a DoS Vulnerability in Solana’s Big-Integer Modular Exponentiation
Technical Blogs ·Educational

Technical Deep Dive | CertiK Helped Fix a DoS Vulnerability in Solana’s Big-Integer Modular Exponentiation

This article takes an in-depth look at the importance of blockchain transaction fee models and their critical role in ensuring network security and efficient operation. By comparing the transaction fee models of Ethereum and Solana, it highlights how unsafe transaction pricing can introduce network security risks. The article especially focuses on a compute-unit (CU) accounting error in Solana’s big-integer modular exponentiation syscall discovered and reported by the CertiK team, which could lead to a potential remote DoS attack. It further analyzes Solana’s smart-contract pricing model, PoH-related timing mechanics, and parallel transaction processing, and reproduces the remote DoS process and cost via experiments on a private Solana cluster.

Post-Quantum Signatures, Part 1: Understanding One-Time Signature
Technical Blogs ·Educational

Post-Quantum Signatures, Part 1: Understanding One-Time Signature

Digital signatures are a cornerstone of modern information security, providing authenticity, integrity, and non-repudiation for digital communications. The security of prevalent schemes such as RSA, DSA, and ECDSA is predicated on the computational hardness of number-theoretic problems—specifically, integer factorization and the discrete logarithm problem. However, the advent of large-scale quantum computers threatens to render these foundations obsolete. Shor's algorithm, a quantum algorithm, can solve both problems in polynomial time, effectively breaking the cryptographic security of a significant portion of our current digital infrastructure.