Blogs - 2023

Tesserent and Hashlock Security Audit Results Announced

Written by Redbelly | Apr 9, 2024 9:26:04 AM

Redbelly recently engaged Blockchain experts Hashlock and Tesserent to perform expert validation and testing of our Blockchain.

 

Hashlock Results

The first report is the independent audit by blockchain and smart contract security auditing experts Hashlock, focusing on a penetration test of our network and a smart contract code level audit. Results were summarised as follows:

"After our audit and analysis, we found the code follows simple logic, with correct and detailed ordering.

Smart Contracts: Hashlock found: 20 High severity vulnerabilities, 16 Medium severity vulnerabilities, 28 Low severity vulnerabilities

Layer 1 Network: Hashlock found: 5 High severity vulnerabilities, 12 Medium severity vulnerabilities, 45 Low severity vulnerabilities

All issues identified have since been resolved, actioned, or acknowledged and then re-reviewed. All issues uncovered during automated and manual analysis were meticulously reviewed and fixed."

The full report is now available here

 

Tesserent Results

The second is the infrastructure assessment by blockchain security experts Tesserentassessing our network against globally recognised CIS Benchmarks for Internet Security, reviewing our current architecture and extant security posture in detail. Results were summarised as:

"Tesserent conducted a thorough security review of the cloud nodes with evidence 
collected through a variety of mechanisms. Both GCP and AWS environment were 
assessed.

Findings: 1 High Risk, 3 Medium Risks, 7 Low  

After the presentation of the assessment report, Redbelly initiated remedial activities, addressing the identified high-risk issues, and providing evidence of resolution back to Tesserent.

Medium and Low risks unrelated to the configuration of the golden images will be remediated in accordance with Redbelly's risk management practices."

The full report is now available here