We develop SmartDec Scanner – both web-based and on-premise vulnerabilities scanner.
It supports 31 programming languages, including ABAP and languages for implementing smart contracts: Solidity and Vyper.
SmartDec Scanner works with source codes, executables, and binaries. A link to the app on Google Play or App Store will be sufficient for scanning.
SmartDec Scanner can be easily integrated into SDLC processes: CI/CD servers, task tracking systems, etc. It provides a number of available plugins and a full API to build a custom setup.
We analyze code with accordance to customer’s requirements and accomplish information security audits.
Analysis of the source and executable code: static, dynamic and hybrid analysis, information security analysis
Recovery of source code from low-level representation: from executable files, binary code, object files and others
Analysis of mobile applications: automated and manual black-box testing and security analysis of mobile applications by a link to Google Play or App Store
We analyze the security of smart contracts, DApps and related applications. We also analyze integration between smart contracts and side apps.
We have performed audits for more than 200 blockchain projects, ranging from simplest ERC20 token audits to audits of complex systems, crypto wallets, and even whole blockchains. The number of funds secured by our audits already exceeds $1.0B.
We develop own security and compliance tools, which we use in our audits: SmartDec Scanner, SmartCheck and SmartSuite.
Since the end of 2018, we’ve been consulting enterprise customers on whether they should integrate various blockchain solutions into their business processes and what could be the advantages and disadvantages of such innovations.
We have expertise in both Second Layer (like Plasma, State Channels, Side Chain services) and Privacy Solutions (ZK Snarks, ZK Starks), and participate in the development of products that utilize such solutions.
SmartCheck is one of the first security tools for Smart Contracts in Solidity and Vyper languages. It automatically checks Smart Contracts for vulnerabilities and bad practices – highlighting them in the code and giving a detailed explanation of the problem. We already use it in our security audits.
SmartSuite is a DApp that checks compliance of a deployed token with ERC20 standard. The test results along with their evidence are available both on-chain and in the web-interface.
That's not all that our team can do.
If you have another problem, feel free to contact us.
System engineer. Has experience in commerce as a leader and organizer of medium and large business, including retail business, from beginning of 1990-s.
Developer and economist. Application security specialist, highly skilled at working with the largest static analysis tools and binary analysis. Lecturer at Lomonosov Moscow State University and Higher School of Economics.
Developer, chief architect of IT products. Developer of SmartDec decompiler and SmartDec training and learning system. Lecturer at Lomonosov Moscow State University and Higher School of Economics.
Expert in DevOps, system administration and hardware for agile development. Developer on Java, C++ and Python.
Specialist in Smart Contracts and Solidity language. Technical leader of web server system and static analysis system development.
Leading specialist in building and maintaining contacts with current and prospective customers and partners.
Lead analyst of application security projects, expert on vulnerabilities in mobile and web applications, specialist in blockchain technology and smart contracts.