Tag: audit

23 articles

The Open Source Technology Improvement Fund, Inc, thanks to funding provided by Sovereign Tech Fund, engaged with Quarkslab to perform a security audit of PHP-SRC, the interpreter of the PHP language.

Date Fri 28 February 2025
Author Elouan Wauquier
Category Blockchain

Allbridge mandated Quarkslab to perform an audit of their updated version of Estrela, an automated market maker for Stellar built on Soroban.

Date Tue 21 January 2025
Authors Dahmun Goudarzi, Sebastien Rolland, Ramtine Tofighi Shirazi
Category Software

The OSTIF engaged with Quarkslab to perform a security audit of the Notary project, focused on new features.

Date Wed 04 September 2024
Author Pentest Team
Category Software

Quarkslab was mandated by the Open Source Technology Improvement Fund, Inc. to proceed with the security assessment of the Operator Fabric project. The purpose of this assessment is to deliver an expert opinion of the security level reached by the application at a specific moment.

Date Tue 27 August 2024
Authors Elouan Wauquier, Madigan Lebreton
Category Blockchain

Drawing from our audit of Airswift's SCF, we discuss part of Soroban's security model and showcase common vulnerabilities. SCF, for "Supply Chain Financing", is the DeFi product developed by Airswift that "optimizes funds flow" between buyers and suppliers. It is developed on Stellar's smart contract platform: Soroban. Airswift mandated Quarkslab for an audit of their smart contracts, with support from the Stellar Development Foundation. In this blog post, we present the results of this audit, and share common pitfalls to avoid on Soroban.

Date Tue 16 July 2024
Authors Mihail Kirov, Sébastien Rolland
Category Software

We performed a security assessment of Cloud Native Buildpacks to help improve it, in collaboration with Open Source Technology Improvement Fund, Inc .

Date Tue 21 May 2024
Authors Damien Aumaitre, Laurent Laubin, Madigan Lebreton, Victor Houal
Category Software

Eclipse KUKSA's committers, with support from Eclipse Foundation, engaged with Quarkslab to perform an audit of Kuksa, an open-source framework that provides shared building blocks for Software Defined Vehicles. The goal of the audit was to assist the Eclipse Kuksa committers to increase their security posture using static and dynamic analysis (fuzzing in particular) and was organized by Open Source Technology Improvement Fund, Inc and made possible by the founding Eclipse Foundation received from the Alpha-Omega project.

Date Tue 07 May 2024
Authors Elouan Wauquier, Madigan Lebreton
Category Blockchain

Allbridge, with support from the Stellar Development Foundation, mandated Quarkslab to perform an audit of Estrela, an automated market maker for Stellar built on Soroban.

Date Tue 19 March 2024
Authors Madigan Lebreton, Elouan Wauquier
Category Blockchain

Allbridge's maintainers, with support from Stellar Development Foundation, engaged with Quarkslab to perform an audit of Allbridge Core implementation in the Stellar ecosystem. This new implementation uses Stellar's smart contracts platform: Soroban.

Date Tue 13 June 2023
Authors Dahmun Goudarzi, Damien Aumaitre, Ramtine Tofighi Shirazi
Category Software

Mithril Security engaged a collaboration with Quarkslab to perform an audit of the BlindAI-preview, now known as BlindAI Core, which is an open-source confidential computing solution for querying and deploying AI models while guaranteeing data privacy. The goal of the audit was to evaluate the BlindAI resiliency based on the definition of a threat model after a refresh on the latest state-of-the-art.