Discover more from Inside Web3 │ By Julian Ivaldy
Inside Web3 | Crypto audits
Logbook of a Web3 builder: News, resources, fundraising, and learnings
I hope you're doing well this week 🤠
From our side 👇
Mobula: We have final meetings with VCs & Business Angels this week before deciding on our launch. We'll tell you all about it next week! The product development is going well, and the DAO is very active. We continue to contact as many tools as possible to provide our free & on-chain data solution API.
StaySAFU: Small breakdown of our scanner tool in the middle of the week, but everything was finally repaired. Here we go again!
Safetin: This is the big news of the week 🎉 We launch our blockchain security label SAFETIN => Analyze & monitor blockchain protocols and DeFi projects.
We talk about it below!
The plan of the edition:
1/ Top 5 Resources of the Week:
2/ The intervention of the week: Douglas, Blockchain & NFT strategy consultant in the music industry
3/ Focus of the week: All you need to know about audits in Web3 🔍
1/ Top 5 Resources of the Week
Still nice news in web3. Things are going on pretty well
… it seems huge brands are starting to feel concerned about all this stuff!
🎮 EPIC Games raising $2 billion to build their own metaverse…
The race for the metaverse has only started, and the gaming industry already fears missing it… EPIC Games, the video game studio famous for Fortnite, raised $2 billion from Sony and Lego to enter web3 and build a metaverse for Kids!
🪴 An eco-friendly blockchain? Polygon (MATIC) sidechain aims at total carbon neutrality before 2023.
One of the most promising blockchains could soon become a green sidechain. It is said to unlock $20 million to support initiatives and will tend to total carbon neutrality before the end of 2022.
🍟 You will soon be able to eat at McDonald’s or buy at Walmart with your Bitcoin wallet!
Things are getting serious for Bitcoin… After convincing the world, it could reach a new milestone and be used as a payment method in everyday life. This is possible through the Lightning Network, which has already convinced hundreds of stores. Moreover, over 20 Bitcoin ATMs were installed daily in the last month.
📦 Any needs for a delivery service in the metaverse? That will soon be possible thanks to UPS...
The world’s largest delivery service plans to enter the metaverse to ensure virtual retail shipping and delivery. These guys are visionary.
🦄 Uniswap launches its own Venture to support similar projects. To help like-minded web3 projects, Uniswap announced that Labs Ventures will invest at different stages of the web3 stack: “At Labs, we want to onboard millions of users into the web3 economy, to unlock universal ownership & exchange for all.”
2/ The intervention of the week: Douglas
For this edition, I’m glad to welcome Douglas! He has great experience in web3, mainly with NFTs, metaverse, and stuff. He provides blockchain consultation and NFT project strategies and owns a digital media studio around NFTs, metaverse, and web3, especially around music!
My venture into Web3 started the same way that I’m sure most people would say – through an introduction to cryptocurrency. Growing up in a country with such a wide gap amongst income classes, I've always felt drawn to industries that offer solutions.
In pursuit of these solutions, I've found my place in Web 3.0, allowing me direct access to an ever-changing landscape of innovation capable of closing the digital divide and acting as an engine of socio-economic change. Having worked in the music industry for close to 12 years, I’ve been exposed to numerous instances of unjust contractual dealings as well as the overall unfairness inherent in the royalty distribution structure of creative works.
It was through this lens that I started to delve down the Web3 rabbit hole, as a solution to certain ‘bad digital habits’ that we’ve seemed to have become accustomed to. Data privacy, lack of enforcement or accountability, equitable distribution of, centralised information etc. These issues have been important to me throughout my adult life and I feel that Web3 has the potential to at least start us on the right foot in trying to solve them.
I struggle sometimes to define my role in this space, or even the role I’m aiming to fill. I call myself a Blockchain Strategist as that is vague enough to allow me the freedom to be flexible in the most rapidly innovative industry in history. I’m the founder of three companies so far and I have no doubt that list will expand with time. I continuously feed my multiple interests in Web3 and try not to limit myself in my pursuits.
ChainMosaic – Web3 Consultancy Banshee Studios – Web3 Design & Content Studio ChainFluencer – Influencer Marketing for Web3 Projects I suppose the most valuable lessons I’ve learned in this space so far can be summarised in a few easily digestible lines;
1. Web2 is for selling, Web3 is for sharing.
2. When everyone is an expert, no one is.
3. Your job title doesn’t define your value.
4. There is room for everyone in Web3.
5. And finally… just build.
3/ Focus of the week: All you need to know about audits in web3 🔍
Despite its recent massive adoption, blockchain remains in an early development phase and is still expected to face huge changes. We estimate that only 5% of the world’s population is into DeFi and cryptos for now. Moreover, it has only been a few months since huge brands and governmental institutions started to pay attention to the ecosystem and its applications. And it’s useless to quote legislation that is almost inexisting since most governments didn’t even start to consider framing the use of cryptos…
So the world of decentralized finance is exploding: more and more transactions are made daily, and the number of new users keeps increasing. And so does the number of scams! As the blockchain sector is still young and isn’t clearly regulated by strict laws in almost all countries, it is very difficult to get your money back in case of a scam. I think you’re starting to get it. Here is the biggest issue for blockchain: security! Facing repeated scamming or rug pull affairs, many investors are still worried by the wildness of the ecosystem and seek more and more ways to secure and prevent their investments. And all this starts even before investing!
That’s why audits were implemented… Basically, they consist of a third party checking a blockchain-based project (from the team to technical details as the code) to ensure it is safe and ready to invest in. More and more security labels like Safetin are emerging to help with this. Smart contract security audits have become essential for any legitimate decentralized finance (DeFi) protocol.
Investor or project founder: here is everything you need to know about audits 👇!
Basics on audits and smart contracts
As a reminder, most web3 projects (blockchain, DeFi, NFTs…) are based on smart contracts: automated, self-executing, traceable, immutable agreements on blockchain. Coding files. They made possible complex transactions without any intermediaries or central authority. Security audits include reviewing the code of such smart contracts or DeFi protocols to check their functioning.
DeFi is naturally risky, and the teams in charge of the project are responsible for preventing losses from theft or bugs. Even if it’s difficult to provide legally binding guarantees about the safety of a smart contract/protocol, a series of comprehensive audits by a reputable firm is maybe the best way to reduce the probability of a hack or bug in a smart contract.
Why are audits so important?
On the investors’ side, audits are a good way to ensure a project is safe and verified by a neutral third party. It ensures that the code is functional, that the team has no criminal antecedents (Know Your Customer process), and that the project is coherent enough to be invested in.
For project founders, audits are essential: in the highly competitive world of DeFi, security is a priority, and users know it. Smart contract audits to ensure that a DeFi project works, can prevent attacks before they occur, and ensure users’ funds’ safety ! Security audits from famous labels can also act as a badge of honor and even create visibility to attract new investors! Beyond security aspects, audits enable you to build a trustful community and prove your commitment and seriousness to customers and partners. For instance, each StaySAFU Audit & KYC is shared with our community of 15,000 investors on Telegram & Twitter, on our site with 500,000 unique monthly visitors, and our tools for free. Great to attract new investors, no?
How does an audit work?
A security audit is based on the comprehension, inspection, and analysis of the underlying code inside a smart contract. The goal is to highlight any flaws or vulnerabilities in the code, fix them, and make improvements. The audit aims to test the execution of countless tests and many potential scenarios to detect bugs.
At Safetin, we built a strong auditing process to ensure high-quality and trustful audits for projects’ investors :
To audit a smart contract properly, you first need to understand what it is supposed to do and how the developers have implemented the solution. Our team achieves this through discussions with the technical teams and initial code readings.
Then comes the heart of the work: the analysis of the smart contract. First, a part of our team (3-5 blockchain engineers) reads it line by line carefully and points out logical errors, possible optimizations, and even potential critical issues. Then, the same team will launch a testing process to verify the proper functioning of the smart contract and its robustness against attacks.
Finally, our team produces a comprehensive report including a description of the smart contract protocol, the methods used to analyze it, a full list of the problems encountered, and ideas and code snippets to solve them.
A few testing methods for audits: Gas Usage, Functional Analysis, Automated Analysis, Vulnerability Analysis, and Pen Testing. The final report will inform firms about how to fix their code.
How to get an audit?
If you need an audit for your project, here are a few labels you should consult…
👉 ConsenSys Diligence
ConsenSys, a leading blockchain company is, specializes in producing blockchain solutions. ConsenSys Diligence is the security branch of the firm, delivering smart contract auditing services.
CertiK is a blockchain security company that has created a pioneering smart contract auditing technology (+1800 audits). Binance's fund uses CertiK's smart contract audits before investing in any project.
👉 Safetin 👑
Safetin is a security label created to ensure more transparency concerning security in DeFi investments. A comprehensive security assessment of your smart contract and blockchain code to identify vulnerabilities and recommend ways to fix them.
The team places itself as a partner of the companies which wish to audit their token and puts forward the secure side of their token while recommending improvements if necessary. 3 main objectives: creating trust between your community and your project, improving your tech, and giving visibility to the audited projects.
The projects audited are highlighted on Safetin’s tool and, therefore, visible to over 200,000 investors per day.
OpenZeppelin is a big name in Web3 development, offering auditing services to some of the biggest names in blockchain, including the Ethereum Foundation and Coinbase. Moreover, it provides contract templates for making secure smart contracts on Ethereum.