Kava Labs Successfully Verifies Its Confidence In Harvest.io With Third CertiK Audit

CertiK | Oct 27, 2020

Article's Poster

NEW YORK, 21/10/2020- Kava Labs, a cross-chain DeFi lending platform, has audited the implementation of its Harvest module with CertiK, successfully verifying its confidence in the system.

Use-Case Profile

Kava is a multi-asset, interoperable DeFi platform built with the Cosmos SDK, to offer collateralized loans and stablecoins such as USDX.

Backed by Binance among other fintech giants, Kava is expanding its influence with its first app Harvest.io, a cross-chain money market that would leverage the Kava DeFi architecture to connect a variety of digital assets and virtual currencies hailing from a big spectrum of the broader blockchain industry.

Code Review & Auditing Process

A comprehensive examination has been performed, utilizing Dynamic Analysis, Static Analysis, and Manual review techniques. The auditing process pays special attention to the following considerations:

  • Testing smart contracts against both common and uncommon attack vectors.
  • Assessing the codebase to ensure compliance with current best practices and industry standards.
  • Ensuring contract logic meets the specifications and intentions of the client.
  • Cross-referencing contract structure and implementation against similar smart contracts produced by industry leaders.
  • Through a line-by-line manual review of the entire codebase.

Considering the fact Harvest is following a modular design based on the Cosmos SDK, CertiK engineers carefully inspected the module(s) within scope, following the official guidelines as outlined by the latter.

Furthermore, to ensure the credibility of the Harvest smart contracts, while minimizing the possibilities of unintentional state behaviors found in them, the auditing team analyzed the definition of state machines, while monitoring the behavior of state transitions when triggered by messages.

“This is the third time Kava entrusts its smart contracts’ integrity to CertiK. The latest audit showcased professional level code-quality and demonstrated Kava's commitment to modern industry standards. We’re excited to continue our ongoing relationship with Kava Labs as a trusted security provider.”-Yvan Nasr, Global Head of Professional Services, CertiK

Notable Recommendations

The full audit was completed with 4 total commits, of which all were of informational nature and no major, nor critical issues were found in the contract(s) examined.

The Kava Labs team was able to secure its confidence in its upcoming platform, showcasing professionalism and noble collaborative spirit in implementing the recommendations presented by the CertiK team.

Concluding, both parties elaborated on each case in a transparent manner, in a mutual fashion, while the full audit report can be further examined here.

“It’s great to be working with CertiK, the gold standard for audits, on Harvest’s cross-chain money market module. Harvest will be handling millions of dollars out of the gate, so it’s important we have it go through robust testing and auditing.

The safety of users’ funds come first and foremost. Passing this formal audit is the final step for us to feel confident the Harvest code not only meets our standards but surpasses the standards of the broader DeFi industry”-Brian Kerr, CEO of Kava Labs

About Kava

Kava is a cross-chain DeFi hub for financial services and applications. Built on the Cosmos-SDK, the Kava blockchain is interoperable and able to provide financial services and applications to users across a broad array of crypto networks.\ \ Harvest.io is the world’s first cross-chain money market and one of the first applications leveraging the Kava DeFi hub. Harvest enables crypto users to lend, borrow, and earn using major cryptocurrencies.

About CertiK

CertiK is a technology-led blockchain security company founded by Computer Science professors from Yale University and Columbia University built to prove the security and correctness of smart contracts and blockchain protocols.

CertiK’s mission of every audit is to apply different approaches and detection methods, ranging from manual, static, and dynamic analyses to ensure that the project is checked against known attacks and potential vulnerabilities. CertiK leverages a team of seasoned engineers and security auditors to apply testing methodologies and verifications on the project, in turn creating a more secure and robust software system.

CertiK has serviced more than 100 clients with high-quality auditing and consulting services, ranging from stablecoins such as Binance’s BGBP and Paxos Gold to decentralized oracles such as Band Protocol and Tellor.

To request your FREE consultation send us an email at bd@certik.io

Stay connected!

Website| Twitter| Linkedin| GitHub| CertiK Shield