#girlgonecrypto #certik #auditreport #education #defi #crypto #blockchain
CertiK has teamed up with Girl Gone Crypto to help you understand audits 🧠
An audit is a good first step for every project, but as a user or investor, what do the results mean?
See where to go, what to look for, and more on your #crypto journey at:
Okay so let’s say you’re checking out a project and are doing your research and you see that it’s been audited. Great, phew, sigh of relief… but hold up… just because a smart contract was audited doesn’t necessarily mean the audit was good.
When doing your own research, it’s important to go one step further and actually check out the audit report. Now reading audit reports might sound a little complicated and technical, but it’s actually a lot easier than you think. So in this video, we are going to dive into how to read and evaluate a CertiK audit report.
So first of all - what kind of information do these reports actually look at? A security audit is a line-by-line inspection of a smart contract's code.
Smart contracts are self-executing agreements between a buyer and seller that are stored on a blockchain. Security audits can reveal vulnerabilities in a smart contract by identifying coding errors and potential risks.
CertiK essentially examines these smart contracts and blockchain ecosystems. CertiK’s security experts manually review these contracts, using AI solutions and mathematical approaches to analyze their quality.
So now let’s dive into the HOW. Where do you go to find this information and what should you be looking for?
When you visit CertiK.com, you’ll notice a search bar on their Security Leaderboard. Type in the name of the particular project you’re interested in. This will take you to the project’s full audit report.
Under the Findings section, check to see that the vulnerability issues have been identified and fixed. If a project has unresolved issues, it’s important to research why.
CertiK only audits contracts sent to them, so make sure to check which contracts were audited and always review the report in detail.
To learn more about smart contracts and security audits, and how you can better do your own research - visit CertiK.com/resources
#certik #flashloan #defi #blockchain #cryptocurrency
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 9: What is a Flash Loan?
Learn how a #flashloan works and more in under 2 mins!
A flash loan is an uncollateralized short-term loan. They are a new invention in the Defi space, introduced by the lending protocol, AAVE. A smart contract is used to borrow and repay flash loans in the same transaction. If a flash loan isn’t repaid in the same transaction, the transaction fails, making it as though the loan never happened.
Flash loans present an opportunity for high-frequency and arbitrage traders with the ability to instantaneously access capital, allowing a trader to sell on one exchange and purchase on another. Arbitrage was more common when liquidity was low and exchanges didn’t share price feeds.
Flash loans have been used to attack exchanges and protocols. This occurs when a malicious user takes out a flash loan from a lending protocol and uses the borrowed funds to manipulate prices on another protocol. Flash loan attacks are very lucrative because the attacker does not have to deploy a lot of capital to carry out the attack.
Smart contract audits are a necessary first step in mitigating a flash loan attack. CertiK’s Skynet on-chain monitoring helps recognize these attacks in real-time and broadcasts community alerts on the Security Leaderboard.
From smart contract audits to on-chain monitoring, there are tools in place to help projects build safer protocols from the ground up.
To learn more about flash loans, visit CertiK.com/resources.
New Security in 60 Seconds episode Give us 1 minute, and we'll give you the findings. Check out the review of Hoge's audit report on CertiK's Security Leaderboard. https://www.certik.com/projects/hogefinance
Auditing is a complicated and essential step in the security process. At CertiK, we review the top DeFi projects to help you better understand the findings from our experts.
HOGE is an ERC20 token on the Ethereum blockchain. It has a 2% tax on every transaction. One-half of that tax is transferred back to wallet holders. The other half is burned forever.
This audit covers Hoge on the Ethereum platform.
The summary describes the audit and the types of analyses used.
Overview shows the programming language, the blockchain used, and a link to the project's codebase. The Vulnerability Summary lists issues that need resolution. Audit Scope displays which contracts were audited.
Findings highlight all issues and ranks them in terms of severity from critical to discussion.
In this audit, we found 0 Critical, 0 Major, 0 Medium, 2 Minor, and 3 Informational issues. The Hoge team has acknowledged all of the issues.
Visit CertiK.com for the full report.