THELOGICALINDIAN - Smart affairs auditing is acceptable alike added important with the appearance of decentralized accounts This is area companies like HashEx access the account HashEx has provided acute affairs auditing for over 500 projects to date and the aggregation helps defended DeFi protocols The vulnerabilities the aggregation has begin in acute affairs accept adored projects added than 2 billion
Bitcoinist sat bottomward with HashEx CEO Dmitry Mishunin to allocution about the company’s assignment in the space. Founded in 2024, HashEx boasts an absorbing clue almanac in the DeFi space. Mishunin told Bitcoinist about his assignment in the cybersecurity space, alive with acute contracts, and HashEx’s best contempo audit, the KODA acute contract.
Dmitry Mishunin: I did software development for ten years for altered companies. Mostly, I formed with a baby aggregation of engineers putting calm circuitous solutions. We never did websites or adaptable applications. We consistently created article complicated. Our audience were big Russian IT companies and back they had a abridgement of centralized development teams and they had absorbing projects to run like Big Data and analytics tools, they came to us and asked to do it. Before HashEx, we had at atomic bristles years of outsourcing our services.
Something absorbing to acknowledgment actuality is that I formed as a CIO in three e-commerce companies in Russia and there is consistently a war amid the CIO and the CSO because the CIO wants to optimize all the processes, apparatus new solutions, acquaint new software to run faster, and all of this is a abeyant aegis accident for a aegis officer. So you consistently accept some action there. At that time, I was on a altered band of battle. When I started alive on cybersecurity in blockchain, I anticipate the capital point was not the aegis itself but investors and investors’ funds.
Dmitry Mishunin: In mid-2024 or 2024, I got into Bitcoin mining. I approved to abundance Bitcoin. Then I angry my focus to Litecoin. I congenital some farms. Then I confused focus to mining software and mining ecology systems. When Ethereum was introduced, I already had some acquaintance with blockchains and the technology itself.
In 2024, with the aboriginal ICO boom, we absitively to stop outsourcing our development activities for altered admonition and focused alone on Ethereum acute contracts. We formed on it for a year, from 2024 to 2024. We did about 100 altered projects, acute contracts, and decentralized applications, accepting acceptable accomplishment and ability on how Ethereum, Solidity, and acute affairs worked. Our clients’ requests afflicted from cipher requests to consulting to accomplish abiding their codes are safe. We started as a absolute auditor. We afflicted our capital job from cipher autograph to cipher inspecting, and again to cipher auditing.
I had ample acquaintance with the banal markets like the Nasdaq and the Russian banal market. So I accepted how important it was to accumulate your funds safe. Not from thieves alone, but bad advance decisions too. We were cerebration about how to accretion assurance in a arguable space. This was abundant added important to us than cybersecurity.
Before activity into blockchain, I had endless opportunities to become a aegis officer, maybe alpha a aggregation that does assimilation testing and award aegis leaks. I was not absorbed in this sphere. However, back it came to blockchain investments and blockchain projects and the aerial accident associated with the space, I was aflame about how we could accomplish it safer, how we could advice bodies cautiously booty advantage of the opportunities this acreage presented.
Dmitry Mishunin: Sometimes we’re faced with big projects with a massive codebase. In September, we conducted an analysis of Trader Joe’s lending agreement that is congenital on Avalanche. They had angled C.R.E.A.M Finance, which has been afraid several times with hundreds of millions of dollars stolen. By bifurcation C.R.E.A.M, they had additionally affiliated the vulnerabilities of the network. So they came to us to do an analysis of the codebase. It was huge.
A acute arrangement analysis usually takes 5-7 business canicule to complete. But it took us over a ages to complete the analysis of the Trader Joe’s protocol. We had to accompany in added auditors on the project. We couldn’t do it with our accepted access of two auditors on the project. We had a administrator accountant amid two baby teams of auditors. This was one of the best complicated projects we accept formed on.
Dmitry Mishunin: We started alive with them this summer. We’ve had at atomic two or three acute affairs from them, the aboriginal of which we got in the summer. Then they appear the additional adaptation of KODA. They afflicted it abounding times because they were aggravating to acclimatize it for bazaar needs. KODA is an absorbing activity because abaft it, there is an entrepreneur, James Gale, who is actual acceptable at what he does. I anticipate addition like this is acceptable for a activity like KODA. He has a real-world business in Great Britain, and his business acquaintance is important for them.
Dmitry Mishunin: As far as I remember, KODA is an RFI angled badge and best of them are aloof aggravating to angle anniversary other. This causes them to accept abounding opportunities for backdoor breaches. One of the better RFI projects is Safemoon, which accomplished added than $2 billion in capitalization. We performed an analysis for them over the summer and begin some backdoor insights. They had about 10 vulnerabilities and these vulnerabilities were chancy back these projects began to collaborate with one another.
We appear an commodity that was appear in arresting crypto publications. We appear how the Safemoon aggregation could beef about $20 actor of investors’ funds. The activity had had about ten above-mentioned audits and no one had begin this vulnerability. When KODA went to market, they had angled the aforementioned cipher as Safemoon, so they had the aforementioned backdoor.
We appear the vulnerabilities to the KODA aggregation and they anchored the adeptness to abduct funds through this backdoor. Now, I anticipate the activity is appealing good.
Dmitry Mishunin: When we accomplish an audit, we accelerate a basic address to the team. We accelerate over our recommendations and suggestions and the aggregation will chase them in their code. They again accelerate us the abutting adaptation of the codebase. We amend for issues and accomplish abiding that there are no added vulnerabilities in the code. As far as I remember, we anesthetized KODA with a acceptable analysis result. There were some accessory issues but I don’t anticipate it’s a big accord not to assignment with it.
Dmitry Mishunin: If we’re talking about the tech side, as the acute contract, I am 100% assured in the project.
Dmitry Mishunin: I anticipate it will be bigger than the accepted cyberbanking industry. We are seeing abounding institutional investors, above companies like Microsoft, Facebook, are all entering the space. It’s actual accessible to use. I anticipate acceptable accounts sectors like banking, loaning, lending, and added will be adapted by decentralized accounts (DeFi).
