Client Spotlight: Binance BGBP

CertiK | Aug 8, 2019

Article's Poster

CertiK is proud to have successfully completed the official audit of Binance’s first self-issued stablecoin, BGBP, earlier this month. Using a variety of intensive auditing techniques, including our industry-leading Formal Verification process, we’re proud to highlight Binance GBP Stable Coin (BGBP) as a more secure, safe, and protected asset.

Binance’s BGBP, a British pound-backed stablecoin, offers an expansion of fiat-backed cryptocurrencies into more countries, operating as one of the first collateralized stablecoins of the British pound. As a dual issue token, BGBP is created on both Ethereum as an ERC20 token and on Binance Chain as a BEP2 token. BGBP is now listed on Binance.com and Binance Jersey, which provides secure and reliable trading of the euro and British pound with cryptocurrencies, making it an industry-ready solution.

Binance is a global blockchain ecosystem and cryptocurrency exchange that provides a platform for trading more than 150 cryptocurrencies. As one of the world’s largest cryptocurrency exchanges, security is paramount. Binance enlisted multiple firms to audit the source code of BGBP, with CertiK being the only firm to perform Formal Verification.

What We Did

CertiK gave the final audit review for Binance’s BGBP project, identifying and solving the most difficult-to-detect errors before launch.

By utilizing our unique Formal Verification technology, CertiK was able to identify undetected vulnerabilities in BGBP, providing a more thorough security sweep and offering robust suggestions. As the world’s most advanced formal verification technology for smart contracts and blockchain ecosystems, CertiK is the only cybersecurity firm to offer a Formal Verification audit process.

“CertiK’s Formal Verification bypasses the limits of manual detection, offering one of the most thorough audits in the industry,”

said Binance’s CEO, Changpeng Zhao.

“That’s why we’ve partnered with CertiK to conduct the audit for BGBP, which marks an important milestone in Binance’s history as the company’s first self-issued stablecoin.”

The Results

Unlike other security companies, CertiK utilizes Formal Verification to conduct a multi-pronged approach that results in a full, holistic, and comprehensive security audit.

The BGBP audit was conducted to ensure the source code of BGBP’s Smart Contracts were free of issues and vulnerabilities. By utilizing CertiK’s Formal Verification Platform, Static Analysis, and Manual Review, the CertiK team applied a comprehensive examination. The auditing process paid special attention to the following:

  • Testing the smart contracts against both common and uncommon attack vectors.
  • Assessment of the codebase for best practice and industry standards.
  • Ensuring contract logic meets the specifications and intentions of the client.
  • Cross referencing contract structure and implementation against similar smart contracts produced by industry leaders.
  • Thorough line-by-line manual review of the entire codebase by cybersecurity experts.

Results and solutions presented by the CertiK team and implemented by the Binance BGBP team included fixes related to zero-address checks and pausing capabilities. Further recommendations from CertiK included adding ‘indexed’ keywords and error messages to BGBP checks.

Overall, the team found the BGBP code to follow best practices. With the delivery of the audit report, CertiK concluded that the contract is not vulnerable to any classically known anti-patterns or security issues. BGBP received an exceptional 100% on its audit report.

CertiK would like to congratulate the team for passing the rigorous verification process and wishes them luck on their project at large.

About CertiK

CertiK is a blockchain and smart contract verification platform founded by top Formal Verification experts from Yale and Columbia University. Incubated by Binance Labs, Certik has strategic partnerships with the world’s leading crypto exchanges such as Binance, OKEx, and Huobi, as well as protocols such as NEO, ICON, and QuarkChain.

CertiK’s formal verification method works differently than traditional testing approaches: rather than working manually, CertiK mathematically proves blockchain ecosystem and smart contracts are hacker-resistant and bug-free at scale. CertiK has secured over $4B in asset value, auditing several projects across all major protocols, including BNB, Terra, Crypto.com, and TUSD.

To request the audit/verification of your smart contracts, please email audit@certik.org or visit certik.org to submit the request.

Twitter: https://twitter.com/certikorg

Reddit: https://www.reddit.com/r/CertiKOrg/

Telegram: https://t.me/certikorg

LinkedIn: https://www.linkedin.com/company/certik