We at QuillAudits, understand how critical security is in the Web3 ecosystem. Our experienced auditors deeply scrutinise every audit we perform on the Polygon blockchain. After audit completion, we share comprehensive and actionable reports to improve the security of your Web3 project.
Complete Vulnerability Check
Smart contracts are widely exposed to threats such as front-running, reentrancy attacks, Arithmetic logic flaws, etc., time and again. Our in-house security experts manually review and authenticate every bit of code to identify and mitigate all possible risks and vulnerabilities.
Detailed reports on the severity issues detected in the code with the security recommendations can be obtained from the Polygon smart contract audit by our experts. Get the code audited as you develop to eliminate all potential vulnerabilities that may otherwise go unnoticed before it's too late.
Scheduled Auto Scans
A code requires to be updated, re-audited and reformed to reassure your users of the safety and protection offered to their assets by your project. Thus, auditing once isn't the end, as regular scans help maintain integrity and security throughout future development cycles.
Our experts assess the risk and provide security recommendations after rigorous testing and fathoming the code from multiple perspectives. QuillAudits reports summarize the project and describe each vulnerability with specific reference to relevant portions of the smart contract.
When testing a project, we focus primarily on its smart contract audit and business logic validation. Since QuillAudits has been in the auditing business for years, the majority of the vulnerabilities and bugs are known to us, and very rarely, we come across bugs that are new to us.
Our in-house team comprises experts with different competencies, and we thoroughly audit your project. We conduct testing for your project on different grounds such as validating the crypto algorithms, pen testing and simulating various possible attack vectors on your application.
We consider the business logic and the gas usage as per the requirement of the project, which further helps us to strengthen and optimize the mechanism of your smart contract.
|SWC-100||Function Default Visibility||CWE-710: Improper Adherence to Coding Standards|
|SWC-101||Integer Overflow and Underflow||CWE-682: Incorrect Calculation|
|SWC-102||Outdated Compiler Version||CWE-937: Using Components with Known Vulnerabilities|
|SWC-103||Floating Pragma||CWE-664: Improper Control of a Resource Through its Lifetime|
|SWC-104||Unchecked Call Return Value||CWE-252: Unchecked Return Value|
|SWC-105||Unprotected Token Withdrawal||CWE-284: Improper Access Control|
|SWC-106||Unprotected SELFDESTRUCT Instruction||CWE-284: Improper Access Control|
|SWC-107||Reentrancy||CWE-841: Improper Enforcement of Behavioral Workflow|
|SWC-108||State Variable Default Visibility||CWE-710: Improper Adherence to Coding Standards|
|SWC-109||Uninitialized Storage Pointer||CWE-824: Access of Uninitialized Pointer|
Each year, millions drain down the crypto hacks. Here are a few examples how hackers took advantage of the loopholes in the code to escape with millions:
In March 2022, $615M were stolen from Ronin Network, a platform powering the popular mobile game Axie Infinity.
In August 2021, the criminals transferred $611M-worth of Poly Network tokens to three wallets they controlled.
In September 2020, $275m worth of cryptocurrency was stolen from the Singapore-headquartered exchange KuCoin.
Caption: Values calculated according to cryptocurrency prices at the time of the theft
Source: Statista/Bloomberg, Business Insider, TechCrunch, CNBC, Ronin Network, Vice.
Very professional and timed delivery. Also very prompt in responses and queries.
The team is very supportive and they were able to work as per our requirements
QuillAudits did a great job with our audit, was very professional and provided quick service
QuillAudits provided security enhancements for Polygon projects, earning positive feedback for their prompt and high-quality service as an auditing partner.
Visit our help centre to clear out any doubts you may have regarding our partnership program.
DeFi & NFT Hacks, CTFs, and Blockchain Security Insights Straight to your Inbox. Explore our weekly newsletter: HashingBits. Stay updated on everything we’re publishing. Stand a step ahead.