Solution stabilizes price fluctuation and reduces transaction fees
WILMINGTON, Mass., July 30, 2019 (GLOBE NEWSWIRE) — Security Innovation, an authority in software security assessment and training, announced today its security assessment findings of Metacash, a cryptocurrency platform that simplifies stable coin transactions. The transparent disclosure of the finding and fixing of issues should help increase adoption and confidence in blockchain as a viable option for distributed trust payments.
Metacash enables users to achieve simple, fast payments without needing to understand any of the underlying blockchain technology. To ensure this functionality didn’t introduce user risk, the Security Innovation blockchain team conducted an attack surface analysis of all 5 Metacash contracts and used this for risk-based security auditing. The team found a potentially dangerous “phishing” vulnerability as well as other ways in which a malicious DApp (distributed application) or anonymous party could steal or lock funds in user’s wallet. The team shared the results with the project leaders who addressed each of the issues. The case study and full audit report can be downloaded from the Security Innovation Web site.
“The report from Security Innovation has really impressed us. Some issues that were raised could have been completely catastrophic if exploited,” said Nour Haridy, lead architect of the Metacash project. “We are grateful to have partnered with the engineers at Security Innovation to amplify the security of our code and protect our users’ assets.”
The Security Innovation audit was led by Mick Ayzenberg, Blockchain Center of Excellence (CoE) Lead. “This project caught my attention because it solved a real adoption problem by simplifying UX when dealing with fees,” said Mr. Ayzenberg. “Additionally, demonstrating scrutiny and commitment to fixing flaws is a process many emerging technologies go through to build confidence, and Blockchain is no different. The openness of the Metacash team and their willingness to publish results shows their commitment to deliver security as part of their platform.”
Security Innovation has performed numerous blockchain assessments for companies such as DigitalX, Stably, and others. Our Blockchain CoE is one of 6 dedicated CoEs at Security Innovation, each dedicated to mastering security of the industry’s most critical software technologies and platforms. Findings from each CoE fuel product and services innovation and makes the company’s expertise available to its customers.
ABOUT SECURITY INNOVATION
Security Innovation is a pioneer in software security and trusted advisor to its clients. Since 2002, organizations have relied on our assessment and training solutions to make the use of software systems safer in the most challenging environments – whether in Web applications, IoT devices, or the cloud. The company’s flagship product, CMD+CTRL Cyber Range, is the industry’s only simulated Web site environment designed to build the skills teams need to protect the enterprise where it is most vulnerable – at the application layer. Security Innovation is privately held and headquartered in Wilmington, MA USA. For more information, visit www.securityinnovation.com or connect with us on LinkedIn or Twitter.