Technical Due Diligence

Under the technical due diligence the following areas are covered:

  • audit of Company’s SaaS platform architecture,
  • audit of Company’s SaaS platform smart contracts,
  • analysis, evaluation, and recommendations of standards and guidelines for developer operations in relation to Company’s SaaS platform, and
  • evaluation of the readiness of the Company’s SaaS platform for ISO27001.
Smart Contracts Audit

The main steps of the in-depth security audit of the smart contracts is summarized below.

Step 1: Automated Testing 

Simulation of a variety of interactions with the smart contracts under testing on a test blockchain leveraging a combination of automated test tools and manual testing to determine if any security vulnerabilities exist.

Step 2: In-Depth Manual Review

Manual line-by-line code reviews to ensure the logic behind each function is sound and safe from various attack vectors. This is the most important and lengthy portion of the audit process (as automated tools often cannot find the nuances that lead to exploits such as flash loan attacks). The engineers will allocate a significant amount of time to review every line of code involved with the smart contracts and create detailed documentation to support the content of the audit report.

Step 3: Resolution of Issues

Consulting with the Company to provide recommendations to ensure the code’s security and optimise its gas efficiency, if possible. Assist Company’s project team in resolving any outstanding issues or implementing our recommendations.

Step 4: Audit Report

Analysis of the results and findings and drafting of an easy-to-read report tailored to the Company’s project. The audit report will highlight resolved issues and any risks that exist to the project or its users, along with any remaining suggested remediation measures. Diagrams will be included at the end of each report to help users understand the interactions which occur within the project.

Platform Cybersecurity Audit

The main steps of the in-depth cybersecurity audit of the SaaS platform is summarized below.

Step 1: Decentralized Application Audit

This step is focused upon creating and maintaining a secure integration with blockchains, as well as upon protecting assets and reputation. Among other things, it involves securing the off-chain code, preventing private key leakage, and ensuring a secure connection to the blockchain.

Step 2: Penetration Testing

Penetration testing involves the proactive identification of weak spots in the decentralized application by putting the SaaS platform against a simulated cyberattack in a safe and controlled environment. This step also involves a full-scale security risk reporting, detection of multivector vulnerabilities, as well checks for intrusion possibility. The testing is performed in any platform with zero business interruptions and guarantees a high degree of accuracy.

Step 3: Blockchain Protocol Audit

This step involves the detection and fixing of consensus mechanism flaws, as well as protection against network vulnerabilities and prevention of costly errors by auditing cryptography and keys. Finally, as part of this step the Company will receive top-notch recommendations on fixing detected vulnerabilities.

Commercial Due Diligence

The commercial due diligence focuses on the following topics:

  • viability of the business model,
  • feasibility of the go-to-market channels (partner integrators, direct-to-consumer, etc.),
  • the technology’s efficiency and effectiveness in reducing future transaction costs at scale,
  • the Company’s product or service offerings, including the features, functionality, and benefits, how the product/service is differentiated from competitors, and if the product addresses real customer pain points in the market,
  • the potential for customer acquisition, retention, and building recurring sales volumes,
  • the pricing strategy for the direct and partner subscription model as compared to the market,
  • the customer acquisition cost for the direct and partner subscription model, and
  • the Company’s competitive position, including its strengths and weaknesses.

Our approach

client meetings & interviews

Interaction with the key client personnel to take a deep dive into the technical and commercial aspects of the solution.

technical and commercial assessment

Detailed an structured technical analysis of the client’s solution, as well as commercial assessment of aspects related to go-to-market strategy and business model.

delivery of reports

Preparation of detailed and comprehensive reports on the findings of the technical and commercial due diligence and organization of workshop sessions with the client for the dissemination of the results of the due diligence process.