NEW YORK, 12/02/2021 - We’re happy to announce that the implementation of Ideaology’s crowdfunding smart-contractwas successfully audited by CertiK Professional Services Division. In this spotlight, we elaborate on the scope of the audit, as well as present some of the issues found during the auditing process.
Ideaology is a community-led crowdfunding platform, that also acts as a launchpad for blockchain start-ups, effectively propelling projects by offering a productive environment to grow and exchange ideas, find and/or exchange the right human resources, and allow investors to monitor the progress of a venture, as well as its background before investing directly into it through the native platform.
Code Review & Auditing Process
The initial review was conducted between February 6th, and February 9th, 2021, by CertiK security engineers Alex Papageorgiou, and Angelos Apostolidis.
This report outlines the findings of CertiK Professional Services engineers during their engagement with Ideaology’s implementation of their native crowdfunding smart contract.
Although our findings mainly refer to optimizations and Solidity coding standards, the Ideaology development team is asked to remediate the high severity exhibits (one major, two medium, and one minor issue) on the next version of their codebase.
The in-depth investigation of the smart contract in question included Static Analysis and Manual Review techniques. The auditing process focused on the following considerations:
- Testing smart contract against both common and uncommon attack vectors.
- Assessing the codebase to ensure compliance with current best practices and industry standards.
- Ensuring contract logic meets the specifications and intentions of the client.
- Cross-referencing contract structure and implementation against similar smart contracts produced by industry leaders.
- Through a line-by-line manual review of the entire codebase.
A total of sixteen (16) findings were identified and presented in the vulnerability summary, of which the majority was of informational nature (12). Additionally, one (1) minor, two (2) medium, and one (1) major issues were found during the auditing process, and the Ideaology team swifted to alleviate all findings highlighted by the CertiK Professional Services team, pointing towards a well-written codebase by the team’s engineers.
You can review the full audi there.
“Blockchain-powered crowdfunding operations such as the one offered by Ideaology, naturally have to deal with a plethora of Web3 users and their respective funds. Therefore, the health and security of the contracts responsible for the safety of these funds should be of high-quality and in accordance with modern industry standards. We’re happy to be the security partner of choice for Ideaology and we’re excited to see their commitment in securing their userbase.”-Yvan Nasr, Global Head of Professional Services, CertiK
Ideaology is a Dubai-based blockchain-oriented company building a digital ecosystem – Active IDEA – which will harbor a community of professionals and enterprises collaborating, investing, and growing together. The Active IDEA platform connects all the likely associates of a successful business endeavor, including innovators, freelance professionals, advisors, and investors. The ecosystem is built on blockchain technology enabling it to conduct an efficient and decentralized economy based on the Ideaology (IDEA) token.
CertiK is an edge-standards cybersecurity firm founded by Computer Science professors hailing from Yale and Columbia University respectively, aiming to improve the security and correctness of smart contracts and blockchain protocols on a global scale.
Leveraging a seasoned team of multi-skilled engineers and security auditors, CertiK’s mission is to apply a plethora of high-level industry practices, covering the entire spectrum of static, manual, and dynamic analyses, in order to ensure each project subject to a formal audit is up-to-date with modern security standards while offering their services to the broader DLT community.
Over the past few years, CertiK has serviced more than 100 top-shelf blockchains, DeFi protocols, among other complex and/or custom smart contracts, including but not limited to Binance, Tera, Bancor, Shapeshift, and Blockstack.
Consult with one of our experts email@example.com