(+84) 247 109 9656
CyStack and Cookies
Our website uses cookies to improve your experience.
By clicking “Accept”, you agree CyStack can store cookies on your device and disclose information in accordance with our Cookie Policy.
From 22/09/2021 to 01/10/2021, CyStack independently evaluated the security posture of the smart contract ONUS Token from the ONUS. Our findings and recommendations are detailed here in this initial report. ONUS (Open Nation for Universal Success), formerly known as VNDC Wallet, was first launched on March 23, 2020, on both Android & iOS. After 18 months of deployment and improvement, ONUS is now one of the most used cryptocurrency investment applications in Vietnam, with more than 1.5 million installs and a complete ecosystem of investment products.
Audit Projects > ONUS
Audit Report - ONUS
Type of audit
Smart Contract Audit
Language
N/A
Testing method
whitebox
Request date
2021-09-21T17:00:00.000Z
Revision date
2021-09-30T17:00:00.000Z
Status
completed
Target distribution
About ONUS Technologies
ONUS team believes in a future of equality in financial opportunity, where everyone has access to the investment tools to build their own prosperity. Onus will not be just an investment platform, but strive to be an Open Nation for Universal Success
Type
crypto_token
Platform
N/A
Owner
ONUS Technologies
Industry
blockchain
Audit Report - ONUS
Type of audit
Smart Contract Audit
Language
N/A
Testing method
whitebox
Request date
2021-09-21T17:00:00.000Z
Revision date
2021-09-30T17:00:00.000Z
Status
completed
Target distribution
Assessment Checklist
Application Deployment and Configuration
Ensure server configuration, network infrastructure, web applications, files are handled correctly and securely.
User Identity Management
The application manages user identities well and does not cause problems in all use cases.
Authentication mechanism
Make sure the application's authentication mechanism has a reasonable logic, preventing the possibility of authentication bypass.
Decentralization mechanism
Check for privilege escalation, decentralization, or path traversal vulnerabilities.
Session management mechanism
Check for errors related to cookies and sessions.
Input data validation mechanism
Check for Reflected XSS, Stored XSS, SQL injection and other injection errors.
Error control ability
Ensure errors are handled properly and do not expose sensitive information through error notifications.
Encode
Test the application's encryption algorithms.
Business logic of the application
Check application integrity, conflict, and responsiveness.
Client-side issues
Check for security flaws that can be exploited from the client side.
About projects.smart-contract-audit Service
projects.about_smart-contract-audit
Get a Quote
Choose a product or service
Back