FLETA Smart Contract Security Verified by CertiK
FLETA aims to provide the most developer-friendly blockchain infrastructure. It will deal with the existing problems of blockchains such as scalability, speed or decentralization and give developers a platform to create scalable and high-performing Dapps. As you can imagine, for a platform of this scale, we must do everything possible to make it work efficiently and securely. Decentralized platforms and applications usually deal with a lot of money and attackers can exploit the smallest of vulnerabilities in the backend. As history has taught us, this can lead to devastating consequences.
The DAO Attack
Back in 2016, the DAO was supposed touted as the Dapp that was going to make smart contract platforms mainstream. The idea was good and expectations were sky high. Unfortunately, there was a loophole in the DAO’s smart contract which a hacker exploited to siphon away $50 million worth of Ether. The after effects of this was devastating. The value of Ether plunged and the Ethereum community was split into Ethereum and Ethereum Classic. It is a testament to Ethereum’s developer community that they were able to bounce back from this setback.
The Bane of Faulty Smart Contracts
Unfortunately, there are many faults in smart contracts out there which are causing a host of issues:
- Firstly, as we have said, these contracts often deal with millions of dollars. Repeated hacking depletes the blockchain space of its finances.
- Secondly, developers work for days, weeks, and even months to put up a good quality product. A small loophole or bug can negate all the hard work they may have put in.
- Finally and most importantly, these repeated attacks decrease the credibility of the blockchain space and make mainstream adoption more difficult.
At FLETA, we realized that we had the responsibility to our community and the crypto space in general, to provide a faultless, high-quality product. This is why we obtained CertiK’s services.
What is CertiK?
CertiK is one of the premier blockchain and smart contract verification platforms in the world. It was founded by former senior software engineers from Google and Facebook and formal verification experts from Yale and Columbia University. Instead of doing simple auditing CertiK does formal verification. Formal verification is a process which mathematically shows what a program does and how it acts out. For mission-critical programs like smart contracts, formal verification is an absolute necessity.
CertiK has gained a lot of respect in the security industry. Binance Labs, DHVC, FBG Capital, Bitmain, and Lightspeed are just some of the companies that have invested in CertiK. On top of that, CertiK has also reached partnership agreements with exchanges like Binance, OKEx, and Huobi, as well as blockchain projects like NEO, ICON, and QuarkChain.
CertiK’s FLETA Report
CertiK classifies the vulnerabilities they discover among the following categories:
- Critical: The code implementation doesn’t match the specification and vulnerabilities are severe enough to cause loss of funds for the contract owner or users.
- Medium: The code implementation does not match the speciﬁcation at a specific condition, or it could aﬀect the security standard by lost of access control.
- Low: The code implementation is not a best practice, or use a suboptimal design pattern, which may lead to a security vulnerability, but no concern found yet
So, what were CertiK’s conclusions after formally verifying FLETA’s source code? Based on their research, we are glad to announce that FLETA has no Critical, Medium, or Low-level vulnerabilities!
As CertiK puts it in their FLETA report,
“The goal of this security audit is to guarantee that the audited smart contracts are robust enough to avoid any potential security loopholes.” We are proud of putting up a platform that has been deemed safe by a company like CertiK. This should give our users more reassurance about the credibility and security of the FLETA platform.
CertiK is a blockchain and smart contract verification platform founded by top Formal Verification experts from Yale and Columbia University. Incubated by Binance Labs, Certik has strategic partnerships with the world’s leading crypto exchanges such as Binance, OKEx, and Huobi, as well as protocols such as NEO, ICON, and QuarkChain.
CertiK’s formal verification method works differently than traditional testing approaches: rather than working manually, CertiK mathematically proves blockchain ecosystem and smart contracts are hacker-resistant and bug-free at scale. CertiK has secured over $4B in asset value, auditing several projects across all major protocols, including BNB, Terra, Crypto.com, and TUSD.
To request the audit/verification of your smart contracts, please email firstname.lastname@example.org or visit certik.org to submit the request.