May 05, 2022
Beosin Has Completed Security Audit Service of Alpha Quark: No Critical
Project Overview
Audit work duration: April 14, 2022 — April 18, 2022
Audit methods: Formal Verification, Static Analysis, Typical Case Testing and Manual Review.
Audit team: Beosin Technology Co. Ltd.
About Alpha Quark
Alpha Quark deals with intellectual property based NFT and metaverse. Alpha Quark provides NFT marketplace and metaverse experience for users so that Alpha Quark token can be used as utility token in the ecosystem.
The NFTAQ721 of Alpha Quark is a lending platform where users can pledge their NFTs to borrow BEP20 tokens. The signatures of both lender and borrower are required at the beginning of the loan, and the NFT pledged in the loan and the BEP20 of the loan need to be whitelisted by the NFTaq contract. After the verification is passed, the borrower’s NFT is pledged to the NFTaq contract, and the lender’s BEP20 is transferred to the borrower. The NFTaq contract will mint the NFTAQ721 for the lender, and then the lender can transfer NFTAQ721 to other users to realize the creditor’s rights transfer. When the loan is not liquidated, the borrower needs to redeem the pledged NFT with the principal and interest of the corresponding BEP20 token. If the loan is not repaid beyond the loan period, everyone can liquidate the loan, transfer the NFT pledged in the contract to the owner of the NFTAQ721, and burn the NFTAQ721.
Audit Results
After auditing, 4 Low-risk and 2 Info items were identified in the NFTAQ721 project. No Critical, High or Medium risk issues were found during the auditing process. The final audit results are available in the audit report.
Enter 202204181629 to view the report at https://beosin.com/#/index/service/contracts
Audit Workflow
Beosin has focused on the core security issues such as contract permission control, execution of business logic, and signature data replay during the audit process. The auditing workflow is mainly as follows:
- Conduct preliminary source code review;
2.Use Beosin’s self-developed automatic smart contract formal verification platform — VaaS to conduct an in-depth detection of the contract codes in all aspects;
3.Practical deployment and validation via sandbox simulation;
4.Manual line-by-line code review by security experts;
5.Complete the final audit report.
More
1. VaaS — Automatic Detection Tool , Make Your Smart Contract Secure In Web3.0
2. How to Ensure the Security of NFT Under the Web 3.0 Boom?
3. DEUS Finance Suffered its Second Flashloan Attack This Year: Beosin’s Detailed Analysis
4. Beosin Has Completed Security Audit Service of Crypto LEGO ALG
6. 「RECAP」AMA About How to Keep Your Smart Contract Secure During Development With Beosin VaaS
Contact
If you have need any blockchain security services, please contact us:
Related Project
Related Project Secure Score
Guess you like
Beosin’s Detailed Analysis of Fortress’s Oracle Manipulation Attack
May 09, 2022
Loss Exceeds $80M Due to Reentrancy Vulnerability in Contract
April 30, 2022
Monthly Recap: More than 21 Typical Security Incidents Occurred in April 2022
April 29, 2022
「RECAP」AMA About How to Keep Your Smart Contract Secure During Development With Beosin VaaS
April 29, 2022