We released a brand new security service
Check it out

Vidma is a Leader in blockchain
security audit

We have expertise across multiple DeFi protocols, layer one solutions, marketplaces, and more.

Request a Quote
Schedule a Call

Vidma focuses on ethereum virtual machine (EVM) ecosystems such as:

Layer 1
Layer 2

Our Key Security Services

Vidma specialists provide a range of security services to ensure the reputation and prosperity of your project. Safety comes first! Chose the service that suits your needs.

Smart Contract Audits

A Smart Contract Audit is required if you are about to release new product functionality, list your token on an exchange, or are ready to initiate a fundraising campaign. Our auditors will do a through review to certify your code. Your community, investors and partners can be confident the codebase is ready to provide safe operations and use.
Secure My Codebase!

Ongoing Code Review

Best match for projects in the active development stage and want to get cost and workflow optimization in sync with their development team. We are on call to review each significant change in your codebase and are charging for the amount of lines changed! Security services have never been easier or cheaper!
It's Time To Get Safe!

Penetration Testing

Penetration Testing will ensure that your environment is not vulnerable to various types of hacks and attacks. It is a "must" for wallets, exchanges, launchpads, marketplaces and other applications or platforms with rich interfaces and a high volume of funds flowing through the system or application.
Shield My Environment!

Our History Contributing To Your Safety

Back in 2020, we conducted our first smart contract audit. For the first 105 audits, our security experts worked under the brands of two partner companies. In 2021, after perfecting our expertise, Vidma was formed- we've done over 130 audits and counting.

Thanks to our professional team, techniques, and methods, we've managed to reveal plenty of security and operational issues with different severity levels. We've saved a day for a lot of projects and are proud to be ongoing security partners for many of them.

Below we've tracked the number of issues our team has found on all past projects.

134
Total amount of audits
97
Companies we worked with
1166
Total issues found
94
155
159
369
389
Critical
High
Medium
Low
Informational

Our latest smart contract Audits

They apply systems thinking to dynamically map out the influencing factors for each project. They establish relationships with partners who create added value and bring together the public and private sectors. They create cross-industry links for knowledge flows. They apply values that reinforce each other: socio-cultural value, experimental value, technical value, and economical value.

Score:
95.00
Check it out

Credit Unions, Cooperatives, and Individuals anywhere in the world can now earn higher interests in stable currencies on their savings.

Score:
99.00
Check it out
January 25, 2023

EGMigrate is a dApp for projects and token holders to upgrade smart contracts and swap old tokens for new ones. This EG’s technology allows seamlessly provide new tokens to their holders in a decentralised, secure way.

Score:
100
Check it out
December 14, 2022

EG’s mission is to leverage community action and blockchain technologies to grow a global movement that defies the status quo and makes profitability intrinsically linked to positive social impact.

Score:
99.50
Check it out
Check All Audits

Our Recent Audits

Credit Unions, Cooperatives, and Individuals anywhere in the world can now earn higher interests in stable currencies on their savings.

Score:
97.60
Check it out

POP Network is a user-friendly ecosystem of blockchain and AI applications built to power the streaming economy. Their vision is a universal system for turning attention into real-world goods and services.

Score:
95.60
Check it out

Credit Unions, Cooperatives, and Individuals anywhere in the world can now earn higher interests in stable currencies on their savings.

Score:
99.00
Check it out

milestoneBased is on a mission to fix a legacy system of VC capital inefficiency by revolutionizing collaboration on milestone management between crypto investors and startups. It is the first company to leverage a bloc

Score:
100.00
Check it out

Ukraine's Angels is here to help Ukrainian people to fight off the plague of war afflicting their communities right now. This is the world’s crypto family’s contribution to #StopTheWar.

Score:
98.20
Check it out

POP Network is a user-friendly ecosystem of blockchain and AI applications built to power the streaming economy. Their vision is a universal system for turning attention into real-world goods and services.

Score:
96.00
Check it out

INOFolio is a user-friendly ecosystem of blockchain and AI applications built to power the streaming economy. Their vision is a universal system for turning attention into real-world goods and services.

Score:
99.00
Check it out

POP Network is a user-friendly ecosystem of blockchain and AI applications built to power the streaming economy. Their vision is a universal system for turning attention into real-world goods and services.

Score:
95.00
Check it out

Ammbr applies systems thinking to dynamically map out the influencing factors for each project. They establish relationships with partners who create added value and bring together the public and private sectors.

Score:
95.00
Check it out
Check All Audits

Recent Hacks in blockchain world

Company
Crypto Bugs and Exploits
Lost
Mirror Protocol
May 28, 2022

On May 28th the exploit of Mirror Protocol has drained around $2M. Turns out it was not the only and not the first hack of the protocol.

In October 2021, Mirror Protocol faced a $90M exploit which went unnoticed until last week.

$90M + $2M
FORTRESS PROTOCOL
May 8, 2022

The price submit() function was publicly callable, which made the protocol's price oracle was vulnerable.

The attacker was able to drain all assets from the platform using just 100 FTS (~4.5$ at pre-hack prices) as collateral.

Attacker’s address - 0xA6AF2872176320015f8ddB2ba013B38Cb35d22Ad

$3M
Mad Meerkat Finance
May 4, 2022

Front-end side of the project was exploited. In the result, users swapping, adding or removing liquidity on the protocol had the output funds redirected straight into the attacker’s wallet.

It lasted around 3 hours, until the project team shut down the front-end. In discord they stated not to do anything with the website at that time.


"MM.finance site was the subject of a DNS attack earlier where an attacker managed to inject a malicious contract address into the frontend code. Attacker used a DNS vulnerability to modify the router contract address in our hosted files." - stated Mad Meerkat Finance team.

Attacker’s address: https://cronoscan.com/address/0xb3065fe2125c413e973829108f23e872e1db9a6b

~$2M
Company
Crypto Bugs and Exploits
Lost
CRYPTO.COM
01.12.2022
The stolen ETH was sent to Tornado Cash and the address has been inactive since Jan-18-2022 01:21:13 AM +UTC. The hacker bypassed existing 2FA, they bypassed the withdrawal whitelist, could this attack really have come from outside?
10,444 BTC
~$18.7M

Notable Crypto Bugs And Exploits in 2021

An estimated $14 billion was lost through crypto bugs and hacks in 2021

Cream Finance/Alpha
Finance: $37.5M
Furucombo: $14M
Yearn: $11M
February
Meerkat Finance: $32M
Paid Network: $27M
Roll: $5.7M
March
EasyFi: $59M
Uranium Finance: $57.2M
April
PancakeBunny: $45M
Spartan Protocol: $30.5M
Xtoken: $24M
bEarn: $18M
Value DeFi: $21M
Rari Capital: $10M
May
Compound: $147M
Vee Finance: $34M
DAO Maker: $4M
September
Poly Network: $611M
Popsicle Finance: $20M
Cream Finance: $18M
Punk Protocol: $8.95M
Xtoken: $4.5M
August
THORChain: $13M
Anyswap: $7.9M
Bondly: $5.9M
ChainSwap: $4.4M
July
StableMagnet: $27M
Alchemix: $6.5M
Eleven Finance: $4.5M
June
Cream Finance: $130M
Indexed Finance: $16M
October
bZx: $55M
MonoX: $31.4M
Snowdog: $18.1M
December
BitMart: $196M
Badgerr: $120M
Ascendex: $77.7M
Grim Finance: $30M
Visor Finance: $8.2M
November
Cream Finance/Alpha
Finance: $37.5M
Furucombo: $14M
Yearn: $11M
February
Meerkat Finance: $32M
Paid Network: $27M
Roll: $5.7M
March
EasyFi: $59M
Uranium Finance: $57.2M
April
PancakeBunny: $45M
Spartan Protocol: $30.5M
Xtoken: $24M
bEarn: $18M
Value DeFi: $21M
Rari Capital: $10M
May
StableMagnet: $27M
Alchemix: $6.5M
Eleven Finance: $4.5M
June
THORChain: $13M
Anyswap: $7.9M
Bondly: $5.9M
ChainSwap: $4.4M
July
Compound: $147M
Vee Finance: $34M
DAO Maker: $4M
September
Poly Network: $611M
Popsicle Finance: $20M
Cream Finance: $18M
Punk Protocol: $8.95M
Xtoken: $4.5M
August
Cream Finance: $130M
Indexed Finance: $16M
October
BitMart: $196M
Badgerr: $120M
Ascendex: $77.7M
Grim Finance: $30M
Visor Finance: $8.2M
November
bZx: $55M
MonoX: $31.4M
Snowdog: $18.1M
December
I Want to Secure My Project

Partners Who Trust Us

Our Notable Clients

Schedule a free consultation in 20 seconds!

Get in touch

Feel free to use the contact form below for information regarding an audit or a pentest with us.

Vidma is a leader in blockchain security audit with experience across multiple DeFi protocols, layer one solutions, and marketplaces. Our team of engineers and cryptography specialists provides security auditing, penetration testing, and vulnerability assessments.

Contacts

Home
About Us
Portfolio

Security Services

Smart Contract Audits
Ongoing Code Review
Penetration Testing
© 2022 All Rights Reserved Vidma
Terms and Conditions
Link to NDA form
Contact: security@vidma.io
© 2023 All Rights Reserved Vidma