Smart Contracts security service for EVM

ORE System has partnered with ConsenSys Software Inc™ to offer their premier security analysis service for Ethereum smart contracts. Our mission is to ensure development teams avoid costly errors and make Ethereum a more secure and trustworthy platform.

Detailed analysis reports

Report

Complete summary of all the issues, including the source lines where they can be found.

Code

See the vulnerabilities directly in your source code, together with the steps to reproduce them.

Powerful

Industry-leading analysis techniques that accurately detect various security issues.

Scalable

Scalable and performant security-as-a-service that runs multiple analysis processes in parallel.

See our current coverage

The SWC Registry is a community catalog of known smart contract vulnerabilities with detailed descriptions, code samples, and remediations. MythX uses the SWC Registry as its database when scanning smart contracts for security issues.

SWC-101 - Integer Overflow and Underflow

An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. For instance if a number is stored in the uint8 type, it means that the number is stored in a 8 bits unsigned number ranging from 0 to 2^8-1. In computer programming, an integer overflow occurs when an arithmetic operation attempts to create a numeric value that is outside of the range that can be represented with a given number of bits – either larger than the maximum or lower than the minimum representable value.

SWC-105 - Unprotected Ether Withdrawal

Due to missing or insufficient access controls, malicious parties can withdraw some or all Ether from the contract account.

This bug is sometimes caused by unintentionally exposing initialization functions. By wrongly naming a function intended to be a constructor, the constructor code ends up in the runtime byte code and can be called by anyone to re-initialize the contract.

SWC-106 - Unprotected SELFDESTRUCT Instruction

Due to missing or insufficient access controls, malicious parties can self-destruct the contract.

SWC-110 - Assert Violation

The Solidity assert() function is meant to assert invariants. Properly functioning code should never reach a failing assert statement. A reachable assertion can mean one of two things:

  1. A bug exists in the contract that allows it to enter an invalid state;
  2. The assert statement is used incorrectly, e.g. to validate inputs.
SWC-127 - Arbitrary Jump with Function Type Variable

Solidity supports function types. That is, a variable of function type can be assigned with a reference to a function with a matching signature. The function saved to such variable can be called just like a regular function.

The problem arises when a user has the ability to arbitrarily change the function type variable and thus execute random code instructions. As Solidity doesn’t support pointer arithmetics, it’s impossible to change such variable to an arbitrary value. However, if the developer uses assembly instructions, such as mstore or assign operator, in the worst case scenario an attacker is able to point a function type variable to any code instruction, violating required validations and required state changes.

Reduce Cost. Increase Speed. Boost ROI.

Automated Smart Contract Security Audits provide a simple, repeatable, and cost-effective solution for managing risk. Creating an efficient, reoccurring security assessment program for your business and smart contract project.

Security is not a single effort. Attackers and risks change by the minute and ongoing security assessments are the only way to proactively ensure your business and users are not at risk.

Crypto Tokens Stolen

23:14 PM

Vulnerability Discovered

03:12 AM

Choose the right solution that fits your business.

ERC20/BEP20 Standard Token Smart Contract

Standard Tradeable Cryptocurrency Smart Contract for Cryptocurrency Token

Starting At

$299

ERC20/BEP20 DeFi Token Smart Contract

Deflationary Tradeable Cryptocurrency Smart Contract  for Cryptocurrency Token

Starting At 

$399

ERC20/BEP20 Dividened Rewards Token

Deflationary Tradeable Cryptocurrency Smart Contract  for Cryptocurrency Token with Dividend Reward

Starting At 

$499

* dividend tokens must exist on the swap platform and be tradable, with a liquidity pool in order to make a dividend.

ERC721/BEP721 NFT Smart Contract

ERC721/BEP721 Compliant NFT Smart Contract

Starting At 

$299

* OpenSea support requires Ethereum or Polygon

ERC1155/BEP1155 NFT Smart Contract

ERC1155/BEP115 Compliant NFT Smart Contract

Starting At 

$399

* OpenSea support requires Ethereum or Polygon

Ready to get started?

Don’t let Fear keep you awake at night.

Contact ORE Now To Make Security Manageable.