Key Takeaways
When the entire world is moving towards Web 3.0, bad actors are also leveraging the lack of information to their advantage
QuillAudits is a smart contract auditing service that enables Web 3.0 projects to secure their smart contracts by removing any defects or loopholes in the code
The open-source nature of smart contracts also enables hackers to inspect the code, find the vulnerability, plan the attack, and execute it in a well-orchestrated way
Preetam from QuillAduits particularly went on to appreciate the efforts of CoinGabbar to safeguard the crypto space by integrating the Proof-of-Reserves for leading crypto exchanges
for the crypto industry as it had to face extreme FUD in the community.
Liquidity is being drained out of the ecosystem which is significantly affecting the growth of new blockchain startups. Amidst this, it becomes extremely important for investors and crypto entrepreneurs to understand the significance of security protocols in the blockchain space.
When the entire world is moving towards Web 3.0, bad actors are also leveraging the lack of information to their advantage. Today what we need the most is the right information about the things that matter. And to ensure that CoinGabbar has come up with an exciting twitter session with QuillAudits, themed on “How to Secure a Crypto Project”.
We hosted Preetan Rao, CEO & Co-Founder, QuillAudits to enlighten the audience with his expertise. He covered almost all the aspects of blockchain security and the things that every Web 3 dev should keep in mind. The session was moderated by CMA Sudeep Saxena, Co-Founder, CoinGabbar.
QuillAudits is a smart contract auditing service that enables Web 3.0 projects to secure their smart contracts by removing any defects or loopholes in the code. QuillAudits ensures that the project code is thoroughly audited before it is deployed on the blockchain so none of the negligence could be exploited by the bad actors in the space.
Preetam Rao, CEO & Co-founder of QuillAudits shared his journey of starting QuillHash and eventually QuillAudits. Preetam told CoinGabbar that he was an active developer in the space, but due to some work-related query, he had to read the Bitcoin whitepaper that changed the entire course of his life. Preetam was mesmerized by the idea of decentralization, distribution of authority, and taking back control of our own finances through cryptocurrencies. This is what made him realize that he can fill the gaps that are still prevailing in the industry. He resigned from his job and started QuillHash to secure the Web 3.0 space.
Preetam particularly went on to appreciate the efforts of CoinGabbar to safeguard the crypto space by integrating the Proof-of-Reserves for leading crypto exchanges and getting them live on their website.
Preetam insisted that there is nothing that is insecure about the inherent blockchain technology, in fact, it is one of the most secure and transparent mechanisms for the information to be stored and managed. However, when blockchain projects are built, development takes place on multiple layers and a single loophole in any of those layers can be fatal to the security of the project.
QuillAudits enables the projects to mitigate that risk significantly by getting their code thoroughly checked by blockchain security experts. QuillAudit ensures that its code is not only secure but also effective to the maximum possibility. It is not possible for the devs to do everything perfectly during the phase of production and testing and that is where the QuillAudits come into the picture.
We have to keep in mind that there could be multiple kinds of attack factors that can be very specific to the exploited vulnerability. As per the data, exploits in cross-chain bridges account for more than 70% of the total funds hacked during the last few years.
We have seen the Ronin Bridge hack that has led to a loss of over $600 million in funds, the BNB chain hack that sank over $550 million, and then there was the PolyNetwork hack, costing $600+ million of funds. All of these hacks were because of some basic security vulnerabilities that were exploited by the hackers.
Secondly, phishing is also one of those key threats that are becoming more common with time. Apart from that, Rug pulls are also there that target ill-informed crypto users. The right information is one of the most critical parts of the blockchain ecosystem and projects like CoinGabbar are ensuring that their users get the most accurate, authentic, and informative content every day. These events will eventually increase the trust in the crypto community.
This is one of the most prominent questions that QuillAudits have to face very frequently, Preetam informed CoinGabbar. Preetam added that Web 2.0 hacks are intrinsically different from Web 3.0 exploits as Web 2.0 hacks lead to the leak of information. This information is critical for organizations and thus they used to pay a ransom to the hacker or the hacker sells the information to make some quick money.
Web 3.0 hacks are completely different as they are more rewarding and more difficult to be traced back. In Web 3.0 exploits, hackers can have direct access to funds and they can move these assets without leaving any traces being using crypto mixers and other such tools.
The open-source nature of smart contracts also enables hackers to inspect the code, find the vulnerability, plan the attack, and execute it in a well-orchestrated way. That is why QuillAudits is critical for fintech products where the code directly interacts with the underlying assets. We ensure that your code is secure against any such threats.
Preetam shared some of the key points that both the retail investors as well as the crypto entrepreneurs should keep in mind to mitigate the risk involved. Here is a bullet list of the things that you just cannot avoid while dealing with crypto assets.
If you are an investor, identify the founder of the blockchain project that you are planning to invest in.
You should be checking their smart contract auditing reports and take them seriously to make an informed decision
There are tools available that checks the security of that particular project, make sure to use QuillCheck before investing in any project
It is always advised to use non-custodial wallets for your crypto assets and ensure that you are always in control
Make sure to set alerts on your wallet to know what is happening on your blockchain wallet
Preetam shared the USP of QuillAudits with CoinGabbar by saying that we are not only a smart contract auditing company that just goes through your code and sends you the report. We do that as well but apart from that, we are working towards the overall security of the space. QuillAudits is constantly producing and publishing content, writing GitHub Repos for devs, and constantly engaging with their community to educate the masses about crypto security.
QuillAudits also believes that the crypto industry is big enough to incorporate many players offering the same services, but what sets QuillAudits apart is the fact that we directly engage with the team to safeguard their projects. We even their smart contracts from our end to ensure that everything is secure as per our standards. We empower the projects to stick to the promises they made in their white papers and work towards deploying their smart contracts at par with their technical declarations. QuillAudits is proud to cater to over 700 clients in the last 3-4 years and willing to continue the good work.
Cryptocurrency and blockchain are all about transparency and decentralization but that also makes them open to different threats. In the next few years, DeFi is going to be more mainstream and we are going to interact with a lot more smart contracts, then we would have to incorporate smart contract auditing as an integral part of the development process.
Preetam said that India is full of blockchain OGs and with new blockchain projects entering the market every day. Our aim is to make the space much safer with our upcoming automated tools such as QuillCheck, Relay, and QuillPlay which track users’ on-chain behaviors. QuillAudits is also willing to work with crypto exchanges to reduce the risk involved for the users as well as the projects. Presently, they are working on QuillAudits API that will show a rating on the side of the project indicating the security levels of a particular project.
This CoinGabbar session ended with an emphasis on the fact that in the crypto industry, we should be the ones taking care of the security from our end rather than being dependent on someone to take care of that, this is a differentiator for Web 3.0 and we should be taking the blockchain security more seriously.