Web3-Focused Infrastructure Audits

Most web3 projects require substantial infrastructure to deliver a high level of performance to their users. Whether that infrastructure is cloud-based, on-premise, or a hybrid model, there is always a risk of external hacks and configuration errors that could lead to serious consequences. These consequences include slashing for proof-of-stake node operators, downtime and external hacks for L2s and oracles, off-chain components for DApps and protocols, and more. Many mature projects opt to get an ISO 27001 or SOC v2 audit; however, vulnerabilities often remain overlooked because these certifications do not check any web3-specific configurations or protections.

Quantstamp has partnered with industry leaders such as CoGuard to take infrastructure scans to the next level. Our team of security researchers has developed a proprietary set of web3-specific checks and best practices exclusive to Quantstamp.

We are excited to add web3 infrastructure audits to our suite of services, a reflection of our commitment to securing the often-overlooked web2 aspects of web3 projects. These audits are often referred to as white-box penetration tests (pentests) of the network infrastructure, as they aim to prevent external hackers from gaining access to the internal network of your project’s core systems.

With a mission to secure the future of web3, we’re proud to launch a service that will benefit the entire web3 ecosystem by protecting projects against external attacks and node operators against slashings.