#girlgonecrypto #certik #auditreport #education #defi #crypto #blockchain
CertiK has teamed up with Girl Gone Crypto to help you understand audits 🧠
An audit is a good first step for every project, but as a user or investor, what do the results mean?
See where to go, what to look for, and more on your #crypto journey at:
Okay so let’s say you’re checking out a project and are doing your research and you see that it’s been audited. Great, phew, sigh of relief… but hold up… just because a smart contract was audited doesn’t necessarily mean the audit was good.
When doing your own research, it’s important to go one step further and actually check out the audit report. Now reading audit reports might sound a little complicated and technical, but it’s actually a lot easier than you think. So in this video, we are going to dive into how to read and evaluate a CertiK audit report.
So first of all - what kind of information do these reports actually look at? A security audit is a line-by-line inspection of a smart contract's code.
Smart contracts are self-executing agreements between a buyer and seller that are stored on a blockchain. Security audits can reveal vulnerabilities in a smart contract by identifying coding errors and potential risks.
CertiK essentially examines these smart contracts and blockchain ecosystems. CertiK’s security experts manually review these contracts, using AI solutions and mathematical approaches to analyze their quality.
So now let’s dive into the HOW. Where do you go to find this information and what should you be looking for?
When you visit CertiK.com, you’ll notice a search bar on their Security Leaderboard. Type in the name of the particular project you’re interested in. This will take you to the project’s full audit report.
Under the Findings section, check to see that the vulnerability issues have been identified and fixed. If a project has unresolved issues, it’s important to research why.
CertiK only audits contracts sent to them, so make sure to check which contracts were audited and always review the report in detail.
To learn more about smart contracts and security audits, and how you can better do your own research - visit CertiK.com/resources
CertiK is excited to announce the launch of our new Badges and Honors for project teams!
Badges and Honors are designed to increase the visibility of the projects we secure and to celebrate the most exceptional security practices across our client base.
CertiK’s mission is to Secure the Web3 World.
CertiK’s badge system is designed to increase visibility, identify, and celebrate the projects we audit with the most exceptional security practices.
The Verified Contract Badge certifies proof that CertiK has audited a given contract in the exact state in which it has been deployed.
The Skynet Badge certifies that a project uses CertiK's live, on-chain security monitoring and data insights to flag security events across their platform.
The KYC Badge indicates successful completion of CertiK's KYC program, the most rigorous KYC program available for Web3 projects.
The Top 10% Security Score honors projects with the leading security marks in our industry. This score covers our audits and general best practices.
The Top 10% Watched honor, acknowledges projects on our site with the most followers. Sign up to add your favorite projects to your watchlist.
CertiK is the only major security provider that offers a public symbol of trust.
To learn more about the badges and honors on CertK’s leaderboard, visit CertiK.com/resources.
A new CertiK series giving users bite-size tips and info to stay informed and safe in the #crypto space. Episode 8 What is Centralization Risk? Learn what #centralizationrisk is, how it works, how you can minimize your risk with CertiK's auditing, and more all under 2 mins!
Centralization risks are vulnerabilities that can be exploited both by malicious developers of a project as well as outside attackers. They can be taken advantage of in rug pulls, infinite minting exploits, and other types of attacks.
In token minting contract exploits, if someone gains access to the private key of the contract, they can mint as many new tokens and send them anywhere they’d like.
With rug pulls, project founders can sell all of the tokens they hold - draining the liquidity from a decentralized exchange. Other rug pulls involve founders stealing tokens from a presale lockup contract. Rug pulls thrive on decentralized exchanges because they allow free listings of new tokens with no requirement of a smart contract audit.
Smart contract audits are a necessary first step in identifying centralization risk. CertiK smart contract audits highlight all centralization risks by identifying 5 types of issues: Critical, Major, Medium, Minor, and Informational.
Users can be confident in the security of a project that follows CertiK’s recommendations, such as implementing timelocks and multi signature custody solutions.
To learn more about centralization risks, visit CertiK.com/resources.