XCarnival’s Primary Product, XBroker passes the Certik Security Audit

XCarnival’s Primary Product, XBroker passes the Certik Security Audit
Photo by Kelly Sikkema / Unsplash

According to Bloomberg, billions of dollars have been lost through rug pulls, hacks, and crypto scams. In these cases, both individuals and crypto platforms bear the brunt of such actions. For individuals, they lose their hard-earned money and crypto assets in the process. On the other hand, hacked crypto and blockchain platforms lose credibility as their reputation to safeguard their users' assets is ruined. Therefore, to ensure their platform is well secured against hackers, these platforms carry out a comprehensive security audit.

Recently, the primary product of XCarnival, XBroker passed the Certik security audit. This comes as a big plus to the platform as it will help ensure the safety of users' assets. Certik is one of the leading blockchain security companies specializing in verifying the security, efficiency, and effectiveness of blockchain-based systems and smart contracts.

Overview of the Certik Security Audit of XBroker

The essence of the security audit by Certik is to help XCarnival discover any underlying issues and vulnerabilities with its primary product XBroker. They need to ensure that the source code of XBroker does not have any flaws, and even it has, they can resolve them. The security audit also helped to identify contract dependencies that were alien to the officially recognized library.

Certik executed a comprehensive examination of XCarnival's primary product, XBroker. They utilized Static Analysis as well as Manual Review techniques in carrying out the security audit. During the security audit of XBroker, Certik majorly executed the following tasks:

  1. Tested XBroker's smart contract against both common and uncommon attack vectors.
  2. The security audit assessed the codebase of the product to ensure that it is in compliance with all current best practices and other industry standards.
  3. They also ascertained whether the contract logic meets the specifications and intentions of XCarnival.
  4. Certik compared the smart contract structure and implementation of XBroker to the smart contracts created by industry leaders.
  5. They carried out a thorough line-by-line manual review of the whole codebase of XBroker.

Certik made some findings ranging from just informational to critical. They recommended that XCarnival address those findings in order to ensure that the XBroker protocol has high-level security standards.

XBroker's Security Audit Report

In its vulnerability level assessment, Certik discovered there was no critical vulnerability issue with XBroker’s source code. However, they discovered that the smart contract protocol of XBroker had two major vulnerabilities, of which one of them was resolved while the other was acknowledged. XBroker also had two medium vulnerabilities, and Certik was also only able to resolve one of them while the other was acknowledged. Four minor vulnerabilities were identified, and three of them were resolved while one was acknowledged. There were three informational vulnerabilities; two were resolved, while the remaining one was partially resolved.

Generally, XCarnival's primary product XBroker was scored 94% by Certik's security experts. The Certik experts made some recommendations that will help strengthen the protocol, while XCarnival’s technical team explained in the reply that they will continue to increase the security level and reduce the level of centralization of the product.

Certik Security Recommendations for XBroker

The blockchain security experts recommended that XBroker enhance its general coding practices to ensure a better structure of source codes. Certik also recommended that XCarnival add enough unit tests to cover for possible use cases since they are currently not represented in the repository. For XBroker, XCarnival needs to provide more comments for each function in order to ensure readability. The security experts also recommended that the product offer more transparency on privilege activities whenever the protocol goes live.


Looking at the 94% pass mark at the time of writing this article, XBroker says it will follow the Certik Security audit recommendations to improve its security rating as an on-going task. Having a security rating of more than 99% should be the target for a product like XBroker, the primary product of XCarnival. For more details about the XCarnival platform and its product XBroker, you can see its official website.

Read more