1. Home
  2. audit

audit

SEC Fines Prager Metis $1.95M Over Negligent FTX Audits

SEC Fines Prager Metis .95M Over Negligent FTX AuditsThe U.S. Securities and Exchange Commission (SEC) has reached a $1.95 million settlement with Prager Metis CPAs LLC and its affiliate over serious allegations related to their audits of crypto exchange FTX. The case highlights critical oversights and violations of key industry standards, raising questions about the firm’s practices and the risks it missed. “Prager’s […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Liminal Says Grant Thornton Confirms Its Security Amid Wazirx Breach Concerns

Liminal Says Grant Thornton Confirms Its Security Amid Wazirx Breach ConcernsGrant Thornton’s review of Liminal’s infrastructure revealed no signs of any security breach within its frontend or backend systems, according to Liminal. Following a breach at Wazirx that resulted in the theft of over $230 million, internal and third-party investigations at Liminal identified a data discrepancy, though no security vulnerability was uncovered. The company emphasized […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Elon Musk Agrees to Head Donald Trump’s D.O.G.E. Government Efficiency Commission

Elon Musk Agrees to Head Donald Trump’s D.O.G.E. Government Efficiency CommissionFormer U.S. President Donald Trump has announced a plan to create a government efficiency commission led by Tesla CEO Elon Musk if re-elected president. This commission would conduct a financial and performance audit of the entire federal government. Musk is pushing the idea of the Department of Government Efficiency (D.O.G.E.), emphasizing concerns about government overspending. […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Elon Musk Can’t Wait to Reform US Government Spending and Regulations

Elon Musk Can’t Wait to Reform US Government Spending and RegulationsTesla CEO Elon Musk has expressed his eagerness to tackle excessive waste and regulations in the U.S. government, responding to a report that former President Trump is considering him for a role in auditing federal agencies. Musk emphasized the need to reduce wasteful spending to curb inflation and proposed forming a “government efficiency commission” to […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Tether Posts $5.2 Billion Profit in First Half of 2024

Tether Posts .2 Billion Profit in First Half of 2024Tether Holdings Limited reported a record-breaking net profit of $5.2 billion for the first half of 2024, according to its latest assurance opinion for the second quarter. The report, conducted by BDO, highlighted Tether’s increased exposure to U.S. Treasury bills and a significant rise in group equity. Tether Reveals Mid-Year Financials The largest stablecoin issuer […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Allegations of ‘Rug Pull’ Arise After Gemholic Team Withdraws $3.5M in Previously Locked ETH

Allegations of ‘Rug Pull’ Arise After Gemholic Team Withdraws .5M in Previously Locked ETHOn June 7, the team behind the Zksync project Gemholic withdrew 921 previously locked ethereum tokens in a suspected rug-pulling incident. The Gemholic team executed the theft despite reportedly completing the blockchain security firm Solidproof’s Know Your Customer (KYC) process. Zksync’s v24 Upgrade The layer two (L2) Ethereum blockchain scaling protocol, Gemholic, faced allegations of […]

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Ernst & Young taps ZK-proofs on Ethereum to automate contracts

EY said it chose Ethereum instead of a private network as it is cheaper, more confidential and prevents a party from gaining a “strategic advantage” over another.

Big Four accounting firm Ernst & Young has launched an Ethereum-based solution using zero-knowledge proofs aimed at helping its private business clients facilitate complex contracts.

Called the EY OpsChain Contract Manager (OCM), the solution will help private businesses execute complex business agreements in a timely, confidential and cost-effective manner, the firm explained in an April 17 statement.

Among the types of contracts that can leverage EY’s Ethereum-based solution are purchase agreements, standardized rate cards, volume discounts, rebates and strike prices.

Read more

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

ChatGPT can’t beat human smart contract auditors yet: OpenZeppelin’s Ethernaut challenges

While ChatGPT-4 can’t compete with human auditors yet, OpenZeppelin noted it was not optimized to do so, and AI models trained for this purpose would likely be more accurate.

While generative artificial intelligence (AI) is capable of doing a vast variety of tasks, OpenAI’s ChatGPT-4 is currently unable to audit smart contracts as effectively as human auditors, according to recent testing.

In an effort to determine whether AI tools could replace human auditors, blockchain security firm OpenZeppelin’s Mariko Wakabayashi and Felix Wegener pitted ChatGPT-4 against the firm’s Ethernaut security challenge

Although the AI model passed a majority of the levels, it struggled with newer ones introduced after its September 2021 training data cutoff date, as the plugin enabling web connectivity was not included in the test.

Ethernaut is a wargame played within the Ethereum Virtual Machine consisting of 28 smart contracts — or levels — to be hacked. In other words, levels are completed once the correct exploit is found.

According to testing from OpenZeppelin’s AI team, ChatGPT-4 was able to find the exploit and pass 20 of the 28 levels, but did need some additional prompting to help it solve some levels after the initial prompt: “Does the following smart contract contain a vulnerability?”

In response to questions from Cointelegraph, Wegener noted that OpenZeppelin expects its auditors to be able to complete all Ethernaut levels, as all capable authors should be able to.

While Wakabayashi and Wegener concluded that ChatGPT-4 is currently unable to replace human auditors, they highlighted that it can still be used as a tool to boost the efficiency of smart contract auditors and detect security vulnerabilities, noting:

“To the community of Web3 BUIDLers, we have a word of comfort — your job is safe! If you know what you are doing, AI can be leveraged to improve your efficiency.“

When asked whether a tool that increases the efficiency of human auditors would mean firms like OpenZeppelin would not need as many, Wegener told Cointelegraph that the total demand for audits exceeds the capacity to provide high-quality audits, and they expect the number of people employed as auditors in Web3 to continue growing.

Related: Satoshi Nak-AI-moto: Bitcoin's creator has become an AI chatbot

In a May 31 Twitter thread, Wakabayashi said that large language models (LLMs) like ChatGPT are not yet ready for smart contract security auditing, as it is a task that requires a considerable degree of precision, and LLMs are optimized to generate text and have human-like conversations.

However, Wakabayashi suggested that an AI model trained using tailored data and output goals could provide more reliable solutions than chatbots currently available to the public trained on large amounts of data.

AI Eye: 25K traders bet on ChatGPT’s stock picks, AI sucks at dice throws, and more

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Multiple US state regulators allege AI trading DApp is a Ponzi scheme

The scheme allegedly claimed it could generate returns of up to 2.2% a day by leveraging AI to trade more often and with higher profits than a person could.

Securities regulators from Montana, Texas, and Alabama have jointly filed enforcement actions against cryptocurrency trading platform YieldTrust.ai, alleging it is “perpetrating a Ponzi scheme.”

According to April 4 statements from the Montanan, Texan and Alabamian regulators, YieldTrust.ai and its Romanian owner, Stefan Ciopraga, claimed the decentralized application (DApp) called “YieldBot” is “powered by cutting-edge artificial intelligence” and is “capable of executing 70 times more trades with 25 times higher profits than any human trader could.”

The regulators alleged YieldTrust didn’t provide “any proof” to investors that the artificial intelligence (AI)-powered bot exists, “let alone that it is performing at the level YieldTrust.ai claims.”

Montana’s regulator stated in its cease and desist order that YieldBot was developed for Binance’s BNB Smart Chain and could interface with staking programs to generate returns for new investors of up to 2.2% per day through:

“[Analyzing] the crypto markets and – in milliseconds – make its own trading decisions, autonomously choosing from hundreds of trading methods and chaining them together to create unique strategies – achieving an exhilarating performance.”

However, the state regulators claimed an independent firm that conducted an audit of YieldBot’s smart contract found it was “dangerous,” as “the deploying team retained sufficient control to block users from withdrawing their assets.”

As noted by the regulator's statements and highlighted in an April 4 tweet from Montana’s securities commissioner, Troy Downing, scammers are apparently capitalizing on the hype surrounding AI “by developing high-tech ploys to deceive investors.”

An order from Montana’s regulator demands YieldTrust.ai cease and desist all activity in the state and seeks a total of $100,000 in fines while the Texas State Securities Board issued multiple cease and desist orders.

Related: Bloomberg reveals AI for financial data, community responds

After the audit of its smart contract was published, YieldTrust.ai allegedly announced it would cease operations, which appears to be verified by the lack of trading activity according to DappRadar data.

Activity on YieldTrust.ai’s dApp from Feb. 1 to April 5. Source: DappRadar

However, the regulator’s orders accuse YieldTrust.ai of “raising capital from the public to cover withdrawals from prior investors,” which, alongside the promise of high returns, are the characteristics of a Ponzi scheme.

YieldTrust.ai’s website has been taken offline and its Twitter account deleted. Cointelegraph was unable to contact YieldTrust.ai or Ciopraga for comment.

AI has become far more prominent, accessible and surrounded by hype since the release of the ChatGPT AI chatbot on Nov. 30 by AI research company OpenAI.

Despite its inaccuracy at times, ChatGPT has proved to be a powerful tool, with the latest version capable of passing the bar, acing SATs and even identifying exploits in smart contracts.

Hodler’s Digest: FTX EU opens withdrawal, Elon Musk calls for AI halt, and Binance news

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting

Euler Finance hacked despite 10 audits in 2 years, says CEO

Euler Labs CEO Michael Bentley stated he will “never forgive” the hacker as the exploit caused him to lose time with his newborn son.

Ten separate audits conducted over a two-year period of the Ethereum-based lending protocol Euler Finance deemed it to be “nothing higher than low risk” and having “no outstanding issues” prior to it suffering from a $196 million attack.

In a series of tweets on March 17 Euler Labs CEO, Michael Bentley described the “hardest days” of his life after Euler’s $196 million flash loan attack on March 13.

He retweeted one user sharing information that Euler had 10 audits from 6 different firms, and commented that the platform “has always been a security-minded project.”

Blockchain security firms including Halborn, Solidified, ZK Labs, Certora, Sherlock and Omnisica conducted smart contract audits on Euler Finance from May 2021 to September 2022.

Halborn ranked its risk assessment by measuring the “likelihood of a security incident” and the impact it may have, with the risk level ranging from very low and informational, to critical — Euler received “nothing higher than low risk.”

It was revealed in a Dec. 2022 summary of Halborn’s audit that it had found “an overall satisfactory result.”

The summary stated 23 smart contracts were “inspected and analyzed” by Halborn over a one-month period, of which only “two low risks and three informational” risks were identified.

Euler stated it had reviewed Halborn’s coverage and concluded the risks “pose no significant threats.”

Blockchain security firm Omnisica addressed some “incorrect paradigms” in Euler’s base swapper implementation, as well as how the swap mode was “handled by the codebase” — but stated in the report that these issues were “properly dealt” with by Euler, and “no outstanding issues” remained.

Related: Euler Finance blocks vulnerable module, working on recovering funds

On March 16 the protocol’s hacker began moving funds through crypto mixer Tornado Cash only hours after a $1 million bounty was launched by Euler for information leading to the hacker’s arrest.

In his recent Twitter thread Bentley said he’ll never “forgive the attacker” as he was forced to “sacrifice time” with his newborn son due to the attack but thanked security experts who are “working on leads” for the investigation.

Only 24 hours prior to the bounty, Euler issued a warning saying it would launch a one “that leads to your arrest and the return of all funds” if 90% wasn’t returned within 24 hours.

Crypto Analyst Predicts Incoming Bitcoin Parabolic Rally, Says BTC at Point Where Things Get Exciting