With the recent partnership between Binance Smart Chain (BSC) and CertiK, we are extremely excited to share how you can get your BSC smart contracts secured. This article specifically focuses on the integration of CertiK Security Oracle and QuickScan, which provides scoring as a guideline for security. Stay tuned for the Integration Guides of our other security offerings, including CertiKShield, which is a decentralized system for reimbursing your lost or stolen crypto.
The best way to identify and fix security vulnerabilities is to take the time to conduct thorough, third-party audits. However, as the leading global security auditor in blockchain, we know that blockchain projects are often in a hurry, and they want security analysis immediately without delay.
The CertiK QuickScan uses automated scanning technologies to analyze a wide range of known security vulnerabilities at scale. This lightweight, yet powerful scanning system is backed by a combination of static and dynamic technologies, which produce security primitives to produce security scores:
As QuickScan evolves, more Security Primitives are being developed to continue to enhance the coverage for smart contracts.
Depending on the smart contract’s complexity, it may take around 5–15 minutes for each smart contract to complete a QuickScan. For reference, here’s a list of a few BSC smart contracts and their processing details.
Upon completion, each smart contract obtains a score, which is public and broadcasted through the Security Oracle network via CertiK-maintained oracle operators. A QuickScan score intends to serve as a rough risk indicator for a smart contract, with lower scores suggesting higher potential for hacks and malfunctions.
CertiK QuickScans are helpful tools for the space to quickly receive security information for smart contracts, but they should not be used to replace full security audits, which utilize additional technologies and manual expertise to analyze complex and critical vulnerabilities. For a full, customized audit from CertiK security experts, either visit the CertiK website or submit your request here. All projects with QuickScan scores will receive discounts on their full audit.
To request a QuickScan, BSC projects must first fill out this form and our integration team will get back to you shortly to make sure we have all the required documentation.
At this current stage, endpoints are not yet publicly available, so a cached version of those endpoints are deployed on CertiK Chain as smart contracts, which are invocable to check for the most updated security scores.
CertiK Security Oracle is an invokable, real-time relayer of security insights, providing security scores ranging between 0 and 255. Security scores are generated and aggregated by a network of decentralized oracle operators using various security checking technologies. Check out this article to learn more about the Security Oracle.
For BSC smart contract developers, it is extremely easy to interact with our Security Oracle contract deployed on mainnet. Interfaces like `getSecurityScore(address contractAddress)` are all publicly viewable functions, free of charge.
Take a tour at our Security Oracle GitHub repository, where source code and sample integration code are all listed for you to reference. In most cases, you could simply write the one-line `require()` statement to enjoy the benefits of real-time and on-chain security insights!
There may be some scenarios where BSC smart contract scores are unavailable because a QuickScan has not yet been requested or completed — our list of QuickScan’ed projects are growing every day, so keep checking! As blockchain is a decentralized effort, we’re also allowing people unrelated to the targeted smart contract to submit this form to give us a list of highly demanded projects.
As for interested developers in the community, we’re also providing grants of $BNB to grow our Security Oracle task ambassadors. Contact us for more information!
The CertiKShield system is an insurance-like protocol that enables users to purchase protection against the loss or theft of their digital assets. Any blockchain project may create a CertiKShield Pool, providing their users with the option to protect themselves against any unexpected losses or malfunctions. Additionally, blockchain projects will also be eligible to receive reimbursements if their own assets are irretrievably lost or stolen.
The funds of the CertiKShield Pool are filled by liquidity providers who stake their funds as collateral, in exchange for higher rewards.
In order to be eligible for the CertiKShield system, the project’s smart contracts must have Security Oracle scores publicly available. Contracts with higher scores will receive lower rates for protection, whereas riskier contracts, or those with lower scores, will be charged higher rates for protection.
Once you have a publicly viewable Security Score on our Explorer, our team will contact you to set the parameters of the CertiKShield, including your reimbursement limit and the ideal CertiKShield Pool size.
If you already have a Security Oracle score, request the creation of your CertiKShield Pool directly here!
We encourage all BSC projects to integrate with CertiK for an enhanced security environment. All interested BSC projects should follow the steps below, and our integration team will be in touch shortly:
3. Once the code is ready, we will conduct a QuickScan on all your contracts for security scores;
4. Now you’ve made the necessary efforts to confidently launch!
5. Once deployed to BSC mainnet, we will gather the contract addresses and showcase your project’ status on Featured Projects;
6. Our CertiKShield insurance experts will then follow up with your team to discuss the coverage details based on indicators like current user traffic and amount of locked assets.
As one of the leading security firms in industry, we often get inquiries from the community asking about whether certain contracts have been audited. The goal of the Security Oracle is to make this information more accessible, and to further that goal, we’ve revamped our Explorer to show a detailed view of the security information, including:
At CertiK, our mission is to provide streamlined solutions and tackle security pain points with our proprietary technologies. Additionally, our caring team of security experts is always on standby.
Leverage the best of CertiK and Binance Smart Chain’s technologies and let’s #BUIDL!
If you’re interested in receiving a QuickScan or CertiKShield Pool for your BSC smart contract, submit a request here. You can reach the Binance Smart Chain team on the Binance Chain Developer Telegram Group and the CertiK team on www.certik.io or via firstname.lastname@example.org for your free 30-minute consultation.