June 01, 2022

BEOSIN | Public Blockchain Security Audit Solution Fully Upgraded

Background

In 2009, the emergence of Bitcoin marked the birth of the first generation of public blockchain. Subsequently, Ethereum enabled the combination of blockchain and smart contracts. After 2017, several public blockchains emerged with concepts such as “cross-chain”, “high throughput”, and “cracking the impossible triangle”.


With the explosion of new technologies and new businesses such as digital currencies, NFTs, and metaverse, more and more people are getting involved in the discussion of decentralization, virtual identity, and cryptocurrency, which also raises the public’s expectation of Web 3.0.


As the underlying architecture of Web 3.0, public blockchains are experiencing booming development, and their security issues should also be taken seriously.




What are the classic vulnerabilities that have occurred on public blockchain?

A public blockchain is a blockchain where anyone in the world can read and send transactions, and where transactions’ validity can be confirmed to participate in the consensus process.


public blockchains have suffered many vulnerabilities throughout their history. For example:


(1) Ethereum EIP-1559 vulnerability


An Ethereum developer from Sweden has discovered a major vulnerability in EIP-1559 that could overwhelm the network by not limiting the maximum amount that users use to accelerate transactions. An attacker could pass a huge number into it to overload the network. Developers have added four checks to EIP-1559 and fixed the vulnerability.


(2) BSV suffered a 51% attack


BSV suffered a “massive” 51% attack on August 3, 2021, resulting in three versions of the chain being mined simultaneously. It was later confirmed that its FARUM risk management platform had identified the 51% attack. “The attackers were able to take over the chain,” said a product manager, “All exchanges that received deposits from BSV during this time were probably double-spent.”


(3) Filecoin testnet unlimited mint vulnerability


On May 28, 2020, a technical team discovered an unlimited mint vulnerability in the Filecoin testnet. Afterwards, the technical team achieved the additional issuance of 4.8 billion FILs through the vulnerability, thus verifying the effectiveness of the vulnerability. After revealing the principle of the vulnerability, 9.3 billion FILs have been minted on the testnet by users. The FileCoin team fixed the vulnerability as soon as it was discovered.


(4) ETC suffered a 51% attack


In August 2020, ETC was subjected to 51% attacks three times. on August 1, ETC was subjected to the first attack, which led to the restructuring of more than 3,000 blocks, and the attackers made more than $5.6 million in profit; on August 6, ETC was subjected to the second attack, which led to the restructuring of more than 4,000 blocks, and the attackers made more than $1.7 million in profit; on August 30, ETC was subjected to the third attack, which led to the restructuring of more than 7,000 blocks, the profit from this attack is still unclear.



How does BEOSIN audit public blockchains?

The public blockchain security audit service created by Beosin provides multi-dimensional security audit for blockchain platforms, and effectively guarantee the overall security of blockchain platform in aspects of node communication, storage, consensus and authority management through different auditing methods, such as black box, gray box and white box testing.


Here are some audit types and sub-items of our public blockchain service.






BEOSIN has accumulated rich experience and advanced vulnerability mining technology after years of practical and security research, and we hope to work together to build a more secure blockchain ecosystem.


Our audit service is conducted using a combination of formal verification tools and manual audits. The audit report summarizes the results from the formal verification tool and manual review including detailed information about the identified vulnerabilities with severity (critical, high, medium, low and informational) and fix recommendations. With Charts and graphs, the report presents you with a visual insight into your project.




Recommendation

As a global blockchain security industry leader, BEOSIN attaches great importance to the security of public blockchain and its ecosystem. BEOSIN has established an all-in-one blockchain security solution from development, operation, and compliance to strongly promote the development of blockchain ecosystem through our security products and services.


It is recommended that public blockchain project parties improve the stability and effectiveness of the code in the blockchain system through security audits, also improve the security with products and services from third-party security companies.




More

1.What is the impact on Web3 after LUNA’s crash and DeFi “fled” ?


2. How to Ensure the Security of NFT Under the Web 3.0 Boom?


3. Beosin cryptocurrency tracing service is officially launched to smoothly solve stolen money into Tornado Cash


4. Investigation of Common Phishing Attacks in Web 3.0: Discord, Google Ads, Fake Domains and Others


5. 「RECAP」AMA About How to Keep Your Smart Contract Secure During Development With Beosin VaaS




Contact

If you have need any blockchain security services, please contact us:


Website Email Official Twitter Alert Telegram LinkedIn

Related Project

Related Project Secure Score

Guess you like
Learn More
  • Creating a $9 billion valuation in 5 years: what is Optimism?

    June 07, 2022

  • Investigation of Common Phishing Attacks in Web 3.0: Discord, Google Ads, Fake Domains and Others

    May 25, 2022

  • Analysis of Attack on Feminist Metaverse

    May 19, 2022

  • Beosin Has Completed Security Audit Service of Clip Protocol

    July 25, 2022

Join the community to discuss.