Blaize
Contact us
  • Home
  • Services
    • Back
    • Blockchain ecosystems
    • Decentralized application
    • Smart contracts
    • Developer tools
    • Enterprise solutions
    • Blockchain integration
    • NFT Development Services
    • NFT Marketplace Development
    • GameFi Development
    • Token Development Services
  • Blaize.Security
  • Solutions
    • Back
    • Blockchain Consulting Services
    • For enterprises
  • Team
  • Cases
  • Blog
  • Careers
  • fb
  • LinkedIn
  • Twitter
info@blaize.tech +38 095 53 72 031

Kyiv, Ukraine

26 Metalistiv St

Dnipro, Ukraine 20

Sichovykh Striltsiv St

PeakDeFi: Case Study For Smart Contract Security Audit

2 weeks

Share:

Share on FacebookShare on TwitterShare on TelegramShare on WhatsApp

PeakDeFi is a decentralized asset management protocol. The main technology is concentrated on smart contracts that manage and redistribute users’ profit automatically and trustlessly.

About the project 

Blaize was contacted to perform a smart contract security analysis of the two PeakDeFi contracts. The first contract enables the deposit and withdrawal functions. This is one of the core contracts of the protocol so our main goal was to ensure the highest level of security. The second contract is managing the factory for new funds and also needs to be secured in the best way. 

Main requirements 

Blaize’s main task was to find and describe security issues in the smart contracts of the protocol. 

Every contract is subject to manual and automated code review. Nevertheless, the type of vulnerabilities and scope may vary depending on such characteristics as programing language, project scope, contract consistency, and overall contract utility within the protocol. 

Thus, in the case of security analysis of the PeakDeFi contracts we have chosen the following set of vulnerabilities that need to be considered: 

● Unsafe type inference; 

● Timestamp Dependence; 

● Reentrancy; 

● Implicit visibility level; 

● Gas Limit and Loops; 

● Transaction-Ordering Dependence; 

● Unchecked external call – Unchecked math; 

● DoS with Block Gas Limit; 

● DoS with (unexpected) Throw; 

● Byte array vulnerabilities; 

● Malicious libraries; 

● Style guide violation; 

● ERC20 API violation; 

● Uninitialized state/storage/local variables; 

● Compile version not fixed. 

SMART CONTRACT SECURITY AUDIT PROCEDURE 

Blaize.Security has an established security audit procedure. It includes the following steps: 

  1. Check for code consistency whether the contract corresponds to the documentation;
  2. Checks against the standard list of vulnerabilities we have mentioned above;
  3. Static analysis by automated tools;
  4. Manual code analysis and code quality review;
  5. Gas usage analysis;
  6. Unit tests coverage check;
  7. Security analysis report delivery
  8. Post-audit fixes review

You can find more info about Smart Contract Security Audit procedure or take a look at the thoroughly described Jibrel Smart Contract Audit here. 

AUDIT RESULT

According to the code review for PeakDeFi no critical issues were found. Yet, the contracts had a few issues regarding code consistency and did not follow the best coding practices in some aspects. The report was delivered to the team for further reconstruction and code improvements. 

See the full list of found weak points and recommendations about their improvements in this document:

PeakDeFi_Smart_Contract_Audit_1

After receiving the review and comments, the dev team of PeakDeFi has implemented all the needed improvements and fixed the majority of issues regarding code consistency. 

In the end, the overall security of the PeakDeFi contracts can be evaluated as 98% out of 100%, so can be perceived as reliable and safe for usage. 

Blaize’s team of auditors is continuing to cooperate and guard the security of PeakDeFi protocol. See PeakDeFi Launchpad smart contract audit transcript below:

PeakDeFi_Launchpad_smart_contract_audit

Service

  • Security audit

Blockchain

  • Ethereum

Project stage

Security audit

Other cases

SMART CONTRACT SECURITY AUDIT FOR CRYPTOBEAR WATCH CLUB

Service

  • Security audit

Blockchain

  • Ethereum
1 week
SMART CONTRACT SECURITY AUDIT FOR BINARYX

Service

  • Security audit

Blockchain

  • Polygon
3 weeks
NFT GAME DEVELOPMENT – FANTASY FOOTBALL LEAGUE

Service

  • Blockchain based platforms
  • Crypto games
  • NFT development
  • Smart contracts

Blockchain

  • Polygon
5 months
SOULBOUND TOKEN MVP DEVELOPMENT FOR PROJECT – SOUL SEARCH

Service

  • NFT development
  • Smart contracts
  • Token development

Blockchain

  • Polygon
3 weeks
SMART CONTRACT SECURITY AUDIT FOR CUPCAKE – NFT APP

Service

  • Security audit

Blockchain

  • Ethereum
3 weeks
SMART CONTRACT SECURITY AUDIT FOR TITLE DEEDS CEX BY VIEWPOINT LABS

Service

  • Security audit

Blockchain

  • BNB Chain
  • Ethereum
1 week
DEFI ASSET MANAGEMENT PLATFORM DEVELOPMENT FOR DEHIVE

Service

  • Blockchain based platforms
  • DeFi applications
  • Token emission and distribution

Blockchain

  • BNB Chain
  • Ethereum
  • Gnosis chain
  • Polygon
8 months
SMART CONTRACT SECURITY AUDIT FOR TOKENDEAL – Protocol For NFT Sales

Service

  • Security audit

Blockchain

  • Ethereum
1 day
Blaize

Address

Kyiv, Ukraine26 Metalistiv St
Dnipro, Ukraine20 Sichovykh Striltsiv St

Contact us

  • Tel.: +34 624 45 15 40
  • E-mail: info@blaize.tech

Menu

  • Home
  • Cases
  • Blog
  • Careers

Socials

  • Facebook
  • Twitter
  • LinkedIn
  • twitter
  • facebook
  • linkedin

Services

  • Blockchain ecosystems
  • Decentralized application
  • Smart contracts
  • Developer tools
  • Enterprise solutions
  • Blockchain integration
  • Smart contract audit
  • NFT development services
  • NFT marketplace
  • GameFi development
  • Token development
  • Blaize.Security

Solutions

  • For Startaps
  • For Enterprises

Subscribe news







    Popular Topics

    • 6 platforms for dApp development in 2023
    • How to do a smart contract audit
    • Tokenomics for crypto games
    • Smart contracts vulnerabilities
    • Launch an ICO, STO, and IEO in 2023
    • Create a stablecoin on Ethereum
    • Top 7 DeFi exploits&hacks in 2022
    top blockchain developers
    techreviewer
    GoodFirms Badge

    Copyright © Blaize - blockchain development company 2018-2023

    B2B inbound marketing with