May 05, 2022

Beosin Has Completed Security Audit Service of Alpha Quark: No Critical





Project Overview

Audit work duration: April 14, 2022 — April 18, 2022


Audit methods: Formal Verification, Static Analysis, Typical Case Testing and Manual Review.


Audit team: Beosin Technology Co. Ltd.





About Alpha Quark

Alpha Quark deals with intellectual property based NFT and metaverse. Alpha Quark provides NFT marketplace and metaverse experience for users so that Alpha Quark token can be used as utility token in the ecosystem.


The NFTAQ721 of Alpha Quark is a lending platform where users can pledge their NFTs to borrow BEP20 tokens. The signatures of both lender and borrower are required at the beginning of the loan, and the NFT pledged in the loan and the BEP20 of the loan need to be whitelisted by the NFTaq contract. After the verification is passed, the borrower’s NFT is pledged to the NFTaq contract, and the lender’s BEP20 is transferred to the borrower. The NFTaq contract will mint the NFTAQ721 for the lender, and then the lender can transfer NFTAQ721 to other users to realize the creditor’s rights transfer. When the loan is not liquidated, the borrower needs to redeem the pledged NFT with the principal and interest of the corresponding BEP20 token. If the loan is not repaid beyond the loan period, everyone can liquidate the loan, transfer the NFT pledged in the contract to the owner of the NFTAQ721, and burn the NFTAQ721.




Audit Results

After auditing, 4 Low-risk and 2 Info items were identified in the NFTAQ721 project. No Critical, High or Medium risk issues were found during the auditing process. The final audit results are available in the audit report.


Enter 202204181629 to view the report at https://beosin.com/#/index/service/contracts





Audit Workflow

Beosin has focused on the core security issues such as contract permission control, execution of business logic, and signature data replay during the audit process. The auditing workflow is mainly as follows:




  1. Conduct preliminary source code review;


2.Use Beosin’s self-developed automatic smart contract formal verification platform — VaaS to conduct an in-depth detection of the contract codes in all aspects;


3.Practical deployment and validation via sandbox simulation;


4.Manual line-by-line code review by security experts;


5.Complete the final audit report.




More

1. VaaS — Automatic Detection Tool , Make Your Smart Contract Secure In Web3.0


2. How to Ensure the Security of NFT Under the Web 3.0 Boom?


3. DEUS Finance Suffered its Second Flashloan Attack This Year: Beosin’s Detailed Analysis


4. Beosin Has Completed Security Audit Service of Crypto LEGO ALG


5. Beosin Has Completed Security Audit Service of MasterChefV2 and cake-pool Contracts in PancakeSwap


6. 「RECAP」AMA About How to Keep Your Smart Contract Secure During Development With Beosin VaaS




Contact

If you have need any blockchain security services, please contact us:


Website Email Official Twitter Alert Telegram LinkedIn

Related Project

Related Project Secure Score

Guess you like
Learn More
  • Beosin’s Detailed Analysis of Fortress’s Oracle Manipulation Attack

    May 09, 2022

  • Loss Exceeds $80M Due to Reentrancy Vulnerability in Contract

    April 30, 2022

  • Monthly Recap: More than 21 Typical Security Incidents Occurred in April 2022

    April 29, 2022

  • 「RECAP」AMA About How to Keep Your Smart Contract Secure During Development With Beosin VaaS

    April 29, 2022

Join the community to discuss.