CertiK Logo
Back to all stories
Case Studies
apM Coin Passes CertiK’s Verification Process
apM Coin Passes CertiK’s Verification Process

The apM Coin project aims to build a customer reward management platform optimized for on/offline business transactions.

Often times, traditional reward systems are built and managed by private organizations. These platforms lack in areas such as interoperability, security, and scale. And while reward programs are effective tools for marketing and customer acquisition, they also serve as data platforms that collect valuable information of effective growth strategies.

After realizing issues in the market, apM Coin applied blockchain technology to build a seamless rewards platform where users can earn rewards while merchants can utilize data. The advantages of using blockchain include:

  1. Transparency: users can share real-time information allowing them to earn, redeem, and monitor their rewards instantly
  2. Security: rewards are tokenized with eigenvalue and are hard to be hacked, forged, or changed
  3. Interoperable: blockchain protocols enable reward issuers to efficiently communicate with other issuers on the platform

Moreover, by partnering with industry leaders, the project has built a competitive advantage of business development and implementation. From the beginning stage of the project, apM Coin has developed its project cooperating with apM Group -- the owner of leading wholesale fashion malls in Seoul, whose 80% of buyers are traveling from Korea’s neighboring countries.

Audit Process & Recommendations

We worked closely with the apM Coin team to secure their apmcoin.sol smart contract. Our smart label engine scanned the source code using proprietary static analysis tools and code-review methodologies along with 100% formal verification coverage.

The auditing process pays special attention to the following considerations:

  1. Testing the smart contract against both common and uncommon attack vectors
  2. Assessing the codebase to ensure compliance with the current best practices and industry standards
  3. Ensuring contract logic meets the specifications and intentions of the client
  4. Cross referencing contract structure and implementation against similar smart contracts produced by industry leaders
  5. Thorough line by line manual review of the entire codebase by industry experts

Recommendations given to the apM Coin team were not critical to the overall functionality of the smart contract. The following were the given recommendations:

  1. Ensure the account is not an address(0)
  2. Use a modifier for isBlacklist checking, and consider providing error message next to the require checker for assisting user to identify error

About CertiK

CertiK leads blockchain security by pioneering the use of cutting-edge Formal Verification technology on smart contracts and blockchains. Unlike traditional security audits, Formal Verification mathematically proves program correctness and hacker-resistance. CertiK was founded by Computer Science professors of Yale University and Columbia University, securing over $5B in assets, including many of the world’s top projects.

The research efforts of CertiK have received grants from IBM and the Ethereum Foundation, and notable investors include Binance Labs, Bitmain, Lightspeed Venture Partners, Matrix Partners, and NEO Global Capital, among others.

To request the audit/verification of your smart contracts, please email audit@certik.com or visit certik.com to submit the request.