Certik Skynet Quest— відповіді на всі квести
Тут ти знайдеш ВСІ відповіді на квести, залітай
Certik Skynet Quest— відповіді на всі квести
Skynet Rating
Web3 Security with Skynet
What feature of Skynet helps users assess the security of Web3 projects?
- Security Scores
Verified source code is one of the common security threats in Web3.
- False
Introduction to Account Abstraction
What is NOT a benefit of Account Abstraction?
- Allowing for transactions to be conducted fully anonymously
What is a real-world example where Ethereum’s account abstraction can be useful?
- All of the above
Operational Security
Non-blockchain components such as websites and software applications must be secured, as they can be targeted by hackers.
- True
What makes bug bounty programs beneficial for Web3 projects?
- They harness community expertise to identify bugs
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Team and Insider Risks
Why is it risky to invest in projects with anonymous teams?
- Lack of accountability and transparency
The CertiK KYC Badge means that CertiK ensures code safety.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Governance and Security in DAOs
Which issue is a common risk in DAO governance?
- Centralization risks in smart contract
Community approval is usually required before implementing changes to a DAO’s project model.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Code Security
What is the main purpose of conducting security audits on Web3 code?
- To identify and fix potential security vulnerabilities
A code repository’s regular updates and community involvement can be indicators of the team’s commitment to a project.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Governance and Security in DAO
Which issue is a common risk in DAO governance?
- Centralization risks in smart contract
Community approval is usually required before implementing changes to a DAO’s project model.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Market-Related Risks
What is a risk associated with tokens being concentrated in few wallets?
- It increases the risk of market manipulation
Why is high trading activity viewed positively in token markets?
- It indicates strong interest and potential liquidity.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Community and Security Risks in Web3
Why is monitoring social media sentiment important for Web3 projects?
- Influences market stability and trust
Transparency decreases trust in the Web3 community and should be minimized.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Introduction to User Security
Why is user security particularly important in the world of crypto?
-Because crypto assets are often held in decentralized wallets with no central authority to help recover lost funds
What additional security measure is recommended beyond a strong password?
- Two-Factor Authentication (2FA)
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Ventures
Which is not part of CertiK Ventures’ current portfolio?
- Shiba Inu
What is CertiK Ventures’ Vision?
- Foster the growth of security-first projects
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Insights on Market Analytics
Which of the following metrics is NOT included in the Skynet Market Analytics section?
- Fully diluted market cap
Which of the following factors might contribute to a potential drop in the Market Category Score? (Select all that apply)
- High price volatility
- Whale movement
- Irregular trading volume
Skynet Security Score incorporates insights from Market Analytics.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Operational Security via Website Scan
Which are the primary categories of Website Scan? (Select all that apply)
- Network Security
- DNS Health
- Application Security
Negative scan results could suggest a project’s lack of attention to security.
- True
Further assessment and improvement of website security can be achieved through?
- Penetration Testing
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
GitHub Monitoring for Better Code Security
Which of the following factors are considered by the GitHub Impact Indicator?
- All of the above
If a project has a long existing GitHub account, age > 8 years, that means the project is secure and actively maintained?
- False
Good looking Activity Heatmap means improved code security
- False — Introducing new code may also introduce bugs and vulnerabilities
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Governance Activity Monitoring
Which of the statements best describes the governance indicator mentioned?
- It reflects the level of governance activity in comparison to other Web3 projects by aggregating various signals
Projects with low governance activity indicators suggests lower risk compared to higher ones.
- False
Which of the following values is not conveyed by governance activity?
- Project’s financial performance
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Skynet Rating
Insights on Token Holder Analysis
- False
Which of the following metrics is NOT included in the Skynet Token Holder Analytics section?
- Total Value Locked (TVL)
Which of the following factors might indicate the potential centralization risk of a project?
- High percentage on project owner holding
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Security Rating for Pre-Launch Projects
Which of the following categories is not included in the pre-launch project rating?
- Market Stability
Which of the Pre-Launch Stages represents the phase nearing a new market launch?
- Stage 2
Which of the following factors might boost the project’s pre-launch stage status closer to a new launch?
- All of the above
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
RWA Security and Leaderboard
What is a critical step in ensuring the security of tokenized real-world assets?
- Conducting regular smart contract audits
True or False: Compliance with AML and KYC regulations is unnecessary for tokenized RWAs.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Proof of Work versus Proof of Stake
Which consensus mechanism is used by Bitcoin?
- Proof of Work
Which is an advantage to using Proof of Stake?
- It saves massive amounts of energy
What is an advantage of using Proof of Work?
- It has a high bar of entry, making it hard for attackers to manipulate
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Security Score Impacts with OKX
What is the main purpose of integrating Skynet’s Security Score with third-party platforms?
- To increase security awareness
Which feature is available for OKX Wallet users regarding Skynet’s Security Score?
- Overall security score and subcategory scores
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Skynet Pulse — Real-Time Insights by Security Experts
How can users access the Skynet Pulse feature?
- By clicking on the heart icon at the top of the Skynet homepage
What information is provided next to each Pulse notification?
- The project’s security score and a link to their Skynet profile
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Apple Recognizes CertiK
How many times has Apple publicly thanked CertiK?
- 5
CVE #1 could have enabled hackers to do which of the following?
- Identify the structure of kernel memory
How did Apple address CVE #2?
- Improving buffer overflow protection
Web3 Security
Introduction to Wallet Security
What is the primary risk of using custodial wallets?
- If the custodial service experiences a security breach, hack, or service itself becomes inaccessible, you may lose access to your private keys.
What is a key practice for securing your wallet’s private keys?
- Storing them in a hardware wallet or encrypted offline location
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Best Practices for Wallet Security
What should you regularly do with your wallet to ensure security?
- All of the above
What should you always double-check before sending funds from your wallet?
- The recipient’s wallet address to ensure it’s correct
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Proof of Reserve
Proof of Reserve (PoR) guarantees against future changes and hacking risks.
- False
What is a limitation of Proof of Reserve?
- All of the above
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Recognizing Risk Signals on the Exchange
Why should you be cautious if someone you don’t know approaches you on social media about using a specific exchange?
- They Might be recommending a scam or fraudulent scheme
What could frequent or prolonged withdrawal freezes on an exchange indicate?
- The exchange has liquidity problems or internal issues
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Important Exchange Security Features
What does ISO 27001 certification signify for a cryptocurrency exchange?
- The exchange has strong information security management systems
What is the benefit of choosing an exchange with both proper licensing and security certifications?
- It minimizes the risks associated with using a cryptocurrency exchange
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security · Skynet Rating
Introduction to User Security
Why is user security particularly important in the world of crypto?
- Because crypto assets are often held in decentralized wallets with no central authority to help recover lost funds
What additional security measure is recommended beyond a strong password?
- Two-Factor Authentication (2FA)
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security
Private Key Security
Why is it important to keep your private key secure?
- If someone gains access to your private key, they gain access to your crypto assets
What is a best practice for private key security?
- Store it offline, preferably in a hardware wallet
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security
Private Key Security: Seed Phrases
What is a recommended strategy for backing up your seed phrase?
- Create a backup and store it in secure locations
What is the main risk of storing your seed phrase digitally (e.g., in cloud storage or email)?
- It can be hacked or accessed by unauthorized parties
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security
Losses Related to Private Key Compromises
How much was lost due to private key compromises in 2023?
- Nearly $881 million across 47 incidents
Which of these exchanges did NOT experience a security incident related to a private key compromise?
- Binance
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security
Website & dApp Security
A dApp is a centralized application that primarily runs on mobile devices.
- False
What might indicate that a dApp is potentially malicious or risky?
- The dApp has limited documentation and transparency
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Web3 Security
Stay Vigilant on Browser Plugins
Which of the following is NOT considered a good security practice when using plugins?
- Using plugins promoted by users on social platforms
How do scammers carry out plugin attacks?
- Mimicking legitimate projects with similar functionality
- Sending unsolicited messages on social platforms
- Exploiting or taking over third-party plugins
Web3 Security ·
Identifying and Avoiding Phishing Scams in X Replies
Which of the following statements are correct?
- Display names on X can be misused to impersonate official accounts
- Scammers may disguise themselves using Gold Check accounts on X
In the MANEKI incident, what deceptive methods did the scammer use to trick users?
- Same display name as the official account
- A very similar username
- Same account profile picture
Which of the following is NOT true about the End of Thread practice?
- Users could always trust messages prior to the End of Thread
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Identifying Malicious Activity on Websites & dApps
How can you protect yourself from phishing attacks related to crypto websites and dApps?
- Be cautious with emails and messages that ask for sensitive information, and always verify links and URLs before clicking
What might indicate that a website is a scam or fake?
- The URL has subtle differences from the legitimate site, like extra characters or misspellings
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Intro to Airdrop Scams
Legitimate airdrops require you to provide your private key.
- False — projects never ask for such information.
Which is a common red flag of an airdrop scam?
- Requires software downloads from unverified sources
- Come via unsolicited messages on social media
- Website domain does not match the official site
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Choosing a Secure Exchange
Which of the following are key factors to consider when choosing a secure crypto exchange?
- All of the above
Choosing an exchange with both licensing and security certifications minimizes the risks associated with using a cryptocurrency exchange.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security ·
Common Web3 Phishing Methods
To prevent wallet phishing attacks, verify the data and understand the transaction before signing.
- True
You should always sign airdrops, even if the project team is unresponsive.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Importance of Bug Bounty Programs in Web3
Bug bounty programs in Web3 can offer rewards in the form of tokens and cash.
- True
What is a key benefit of bug bounty programs for Web3 projects?
- Use open source expertise for security
Which projects have published their bug bounty programs on Skynet?
- Massa
- Wemix
- Tonstakers
- Edu3Labs
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Evaluating Cryptocurrency News Sources
Community sources are inherently more trustworthy than those from professional sources.
- True
What should you check to evaluate the reliability of a news source?
- The author’s credentials
- The publication’s reputation
- Citations and references
- Consistency with other reliable sources
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Intro to Crypto Drainers
A crypto drainer can access your wallet through:
- All of the above
True or False: To protect against crypto drainers, it is recommended to use hardware wallets.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
SIM Swap Attacks
How can an attacker obtain your personal information? (Select all that apply)
- Searching the dark web to find your previously leaked information.
- Browsing through your public social media accounts.
What is a common method to protect against SIM swap attacks?
- Use authentication apps like Okta or Authy.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Protecting Yourself from Discord Scams
What tactic do scammers often use on Discord to exploit NFT investors?
- Posting fake offers for free mints or airdrops to exploit FOMO (Fear Of Missing Out)
What should you do if you suspect your Discord account has been compromised?
- Reset your password as soon as possible and ensure 2FA is enabled
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Hackers Infiltrating Crypto Job Boards
What is the annual revenue generated from fake hiring schemes?
- $600 million
How many North Koreans are directed to infiltrate the tech industry according to the UN?
- 4,000
What is one red flag during video interviews that can indicate a fake applicant?
- Refusing to turn on the camera
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Setting Up a Security War Room
What type of communication platforms should be used for a war room?
- Secure messaging apps
Why are drills and simulations important for a security war room?
- They identify weaknesses and improve team coordination
What should be included in a post-mortem analysis?
- All of the above
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
Web3 Security
Understanding and Preventing Sybil Attacks
What is a Sybil attack?
- An attack where one person creates multiple identities to take over a network.
What can a successful Sybil attack lead to in a blockchain network?
- All of the above.
How do consensus algorithms help defend against Sybil attacks?
- By making it impractical and costly for attackers to succeed.
Web3 Security
What Is a Keylogger?
How can you prevent hardware keyloggers?
- Regularly check USB ports for unfamiliar devices
What is a common use of software keyloggers by cybercriminals?
- Stealing sensitive information
Web3 Security
How to Create and Maintain Secure Passwords
Why should you avoid reusing passwords?
- To prevent hackers from accessing multiple accounts
What makes a password complex?
- A mix of upper and lower case letters, numbers, and special characters
How often should you change your passwords?
- Regularly to prevent expired passwords from being useful to hackers
Web3 Security
Cold Wallets
When should you consider using a cold wallet?
- Storing your crypto assets offline for safe and long-term storage
What are the different types of cold wallets?
- Paper Wallet
- Hardware Wallet
- Offline Software Wallet
What should you do when purchasing a hardware wallet?
- Always purchase a wallet directly from the manufacturer
- Check on hardware wallet’s security features
CertiK Blog
HACK3D Part 1: Top Incident Analyses
Which of the following is NOT listed as a top incident type in Q1 2024?
- Network Congestion
What was the eventual outcome of the attack on Munchables?
- The stolen assets were returned to the Munchables team
What event occurred shortly before the BitForex exit scam, raising suspicions of fraudulent activities?
- The CEO’s resignation
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
HACK3D Part 2: Private Key Compromise
What was the total loss attributed to private key compromises in Q1 2024?
- $239 million
Who suffered a loss of $112 million due to the compromise of personal private keys in Q1 2024?
- Chris Larsen
Storing all multisignature keys within the same BitWarden account is a secure practice.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
HACK3D Part 3: Rounding Issue Exploits
What is the primary target of the Rounding Issue Exploit?
- Newly-deployed lending pools
What was the outcome of the flaw exploited in the Kyberswap incident?
- Drainage of funds
Solidity’s computational libraries are designed for high-precision mathematical operations, minimizing the risk of rounding errors.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Build trust and integrity in project teams with KYC
Why is KYC important for Web3 projects?
- It helps users trust the team behind a project
What does a CertiK KYC badge signify?
- The project team has undergone a thorough identity verification process
How does CertiK’s KYC service protect against insider threats?
- By conducting rigorous identity checks on core team members
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
KYC Actors are Ramping Up Their Game
What is a key observation by CertiK regarding KYC fraud?
- Fraudsters are hiring professional actors to circumvent due diligence
What is CertiK’s KYC Badge designed to do?
- Verify development teams and prevent fraud
Why do KYC actors target traditional banks?
- To open bank accounts and store illicit funds
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Unveiling the KYC Actor Industry
What insight did CertiK gain from a KYC actor?
- Passing regular verifications is easy
What is the primary purpose of employing KYC actors according to CertiK’s findings?
- To steal funds from investors
What is essential for due diligence in Web3 start-ups according to CertiK?
- Thorough background investigation by professional investigators
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Best Tools for Tracking Top Crypto Wallets
Which wallet tracking tool supports creating custom dashboards with personalized wallet insights?
- Dune Analytics
Wallet tracking tools offer specific trading directions to make users money.
- False
What does wallet tracking help with?
- Monitoring crypto market trends
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
How CertiK Does KYC
CertiK’s KYC Badge process includes a video interview and identity verification to assess the background of key team members
- True
What are the main steps in CertiK’s KYC verification process?
- Video Call, ID Check, Review & Award
The CertiK KYC Badge means that CertiK ensures code safety.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Trap Phishing on Trusted Platforms
What are phishers trying to obtain from users in Web3 phishing scams?
- Crypto wallet private keys and mnemonic phrases
Phishing malware can steal private keys by asking users to download and run a fake game client.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Different Mechanisms for Honeypot Scams
What is a common red flag that a token may be a honeypot scam?
- An all-green chart with no sells
The blacklist mechanism in honeypot scams adds buyers to a whitelist, enabling them to sell their tokens freely.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Introduction to Formal Verification
Formal verification is a mathematical approach that helps identify vulnerabilities not found through conventional testing or code reviews.
- True
What does the specification language BISSOL help with in the formal verification process?
- Defining properties of contracts to be verified
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
How Exit Scammers Mint Tokens Undetected
What do exit scammers use to mint additional tokens without triggering a Transfer event?
- Bypassing the totalSupply metric
Locked liquidity pool tokens create a false sense of security for investors during a rug pull scam.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Introduction of Diamond Agency Contract
Facets in diamond proxy contracts are smaller contracts that implement specific features and are managed by a central diamond proxy.
- True
Why should the initialize function be protected in diamond proxies?
- To prevent unauthorized access to privileged roles
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Recognizing the Misuse of CertiK’s Brand
What should you do if you’re approached by someone claiming to represent CertiK but you doubt their legitimacy?
- Verify their credentials using CertiK’s Employee Verification tool
Fake recovery services often target individuals who have already suffered financial losses, promising to recover funds but demanding upfront fees.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Top Compliance Risks in Crypto
Which compliance risk involves using blockchain transactions for illegal activities like money laundering or terrorism financing?
- Exposure to illicit activities
CertiK’s SkyInsights analyzes transaction fees and doesn’t help companies comply with global regulations.
- False
How does SkyInsights help companies comply with global crypto regulations?
- By maintaining a repository of global regulations
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Hedgey Finance Event Analysis
The Hedgey Finance exploit was due to a missing line of code that failed to revoke campaign approvals after cancellations, allowing unauthorized token transfers.
- True
How much was initially stolen in the Hedgey Finance exploit?
- $2 million
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Bot-Driven Wash Trading in Exit Scams
- True
Which platform do scammers use to distribute tokens among multiple addresses? (Select all that apply)
- Disperse.app
- CoinTool
What might trigger social bots to broadcast posts on scammer tokens? (Select all that apply)
- Increased liquidity
- High trading volumes
- Rising market up
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Sonne Finance Incident Analysis
True or False: The precision loss vulnerability in CompoundV2 forks was first discovered in April 2023
- True
What was the total amount lost in the Sonne Finance exploit?
- $20 Million
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Advanced Formal Verification of ZK Proofs
Which of the following best describes a Zero Knowledge Proof (ZKP)?
- A way to verify the correctness of a computation without revealing its details.
True or False: The Load8 data injection bug in zkWasm is caused by improper tracking of call and return instructions, allowing hackers to inject fake returns and manipulate the execution sequence.
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
How AI is Transforming KYC for Crypto Project Teams
What is a primary benefit of using AI in identity verification for KYC processes?
- Increased precision and speed in verifying identities
CertiK uses AI to enhance its background check process for its CertiK KYC badge.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Understanding the Impact of FIT21 on Crypto Compliance
FIT21 distinguishes between digital assets considered as securities, commodities, and other forms of digital property.
- True
What is one of the key goals of FIT21 for the U.S. blockchain and cryptocurrency sectors?
- To foster innovation and growth
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog ·
SkyKnight
What is the primary purpose of SkyKnight?
- To offer a fast and detailed security assessment tool for memecoins
What are the key features of SkyKnight?
- Deep analysis of smart contract code and comprehensive reporting
Who can benefit from using SkyKnight?
- Investors and developers
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog ·
SkyInsights: Crypto Compliance
What is the primary objective of SkyInsights for Crypto AML and Compliance?
- To identify and analyze suspicious activities in cryptocurrency transactions
Which regulatory body in the USA registers all Money Services Businesses dealing in Convertible Virtual Currency?
- FinCEN
Which of the following are key features of SkyInsights? (Select all that apply)
- Entity Labeling & Categorization
- Asset Movement Tracing and Logging
- Customizable Case Management & Audit Trails
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
OKX and CertiK Fast Pass Program
What role does CertiK play in the Fast Pass Program?
- Providing rigorous security audits for projects
How can users benefit from the Fast Pass Program?
- By receiving regular updates and detailed security reports
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Normie Incident Analysis
What measure could likely have prevented NORMIE’s security incident?
- A Smart Contract Audit
What was the initial vulnerability in the NORMIE contract?
- Allowing any address receiving a specific number of tokens to become a premarket_user
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Basics of Hackathons
Hackathons are places where white hat hackers receive rewards from bug counties
- False
Competitive hackathons usually competitions between:
- Small Teams
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog ·Hack3d Report Q2 H1 2024 — Part 1: Overview and Key Highlights
Which type of attack was the most costly in Q2 2024?
- Phising
What was the total financial loss due to security incidents in H1 2024?
- $1.19 billion
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog ·Hack3d Report Q2 H1 2024 — Part 2: Insights and Future Security Enhancements
What critical lesson was learned from the phishing attacks on DMM Bitcoin and 0x1e22?
- The need for user education and enhanced verification processes
What is a crucial step to prevent address poisoning attacks?
- Meticulously verifying wallet addresses before transactions
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
The Memecoin Markets of Springfield
Newly launched coins without any prior history/backing is susceptible to rugpulling.
- True
As an inexperienced cryptotrader, you should trade heavily in newly launched coins as it consistently returns a profit.
- False
Which address acted as the central fund collection hub for the rugpullers?
- Chief Wiggum
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog
Ordinals and the BRC-20 Standard
What is the BRC-20 token standard primarily used for on the Bitcoin network?
- Token creation and transfer
The BRC-20 token standard relies on JSON file inscriptions for its operations.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK Blog ·
Top Performing Cryptocurrencies of H1 2024
What was the purpose of the merger between SingularityNET, Fetch.ai, and Ocean Protocol?
- To form a decentralized AI alliance
Which token saw significant growth due to the launch of the TokenFi platform?
CertiK BlogWazirX Hack Incident Analysis
How did attackers exploit WazirX?
- Compromised private key in a multisig wallet
What was WazirX’s immediate response to the hack?
- Paused all trading and withdrawals
How much is WazirX offering as a bounty for the recovery of stolen funds?
- 10% of the total amount
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK BlogCertiK’s Journey to Samsung’s Security Hall of Fame
What did CertiK’s Skyfall team achieve in 2023?
- Secured a top five place in Samsung’s Mobile Security Hall of Fame
How many vulnerabilities did Skyfall discover in the Samsung Blockchain Keystore?
- Seven
What types of vulnerabilities were found in the Samsung Blockchain Keystore?
- Critical and high severity vulnerabilities
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK BlogUnderstanding BGP Hijacking and Internet Routing Security
What does BGP hijacking involve?
- Diverting traffic by announcing unauthorized IP address blocks
What are some key measures to prevent BGP hijacking?
- Resource Public Key Infrastructure (RPKI)
- Route Origin Authorization (ROA)
- Route Origin Validation (ROV)
What was the result of the KLAYswap BGP hijacking attack?
- Losses of $1.9 million
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK BlogUtopiaSphere Incident Analysis
What was the amount exploited from UtopiaSphere on 21 July 2024?
- $521K
What mechanism was exploited in the UtopiaSphere incident?
- swapBurn()
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK BlogVanity Address and Address Poisoning
What is the main risk of address poisoning?
- Sending funds to a scam address
How can you protect yourself from address poisoning?
- Always double-check the entire address
Vanity addresses are impossible to detect and there are no tools available to help users identify them
- False
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — —
CertiK BlogNavigating DAO Governance and the Compound DAO Incident
What was the primary controversy in the Golden Boys’ proposal to Compound DAO?
- The funds would be stored in a vault controlled by them
What legal structure is recommended for DAOs to protect members from personal liability?
- Limited Liability Corporation (LLC)
What method is suggested to improve governance participation in DAOs?
- Implementing weekend-free voting and experimenting with AI proxy voting
What significant security measures did Pepe implement to enhance trust and transparency?
- Undergoing a CertiK audit of its token contract
How is the ownership of Pepe tokens distributed among holders?
- The top 10 holders own less than 5% of the total supply.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusAptos | Layer 1
Aptos is a Layer 1 blockchain primarily designed to offer:
- A developer-friendly environment, focusing on scalability and security
Move is the programming language at the core of Aptos for smart contract development.
- True
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusOndo Finance | RWA
Ondo Finance moved $95 million to BlackRock’s BUIDL in 2024 as part of their long-term strategy
- True
What specific actions does Ondo Finance take to ensure regulatory compliance?
- Conducts compliance checks and engages with regulatory bodies
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusTON | Layer 1
What does the MasterChain do in TON’s network?
- Ensures consistency and security across the network
What peak transaction speed did TON achieve in CertiK’s performance testing?
- Over 100,000 TPS
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusRipple (XRP Ledger) | Layer 1
What did CertiK audit for the XRP Ledger?
- The security of its Automated Market Maker (AMM) implementation
What do social monitoring insights indicate about the XRPL community?
- Highly active and engaged
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusWormhole | Infrastructure
Wormhole was originally incubated by Jump Trading
- True
What is the maximum bounty offered by Wormhole’s bug bounty program?
- $5M
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusEigenLayer | Infrastructure
What unique model does EigenLayer use to enhance the security of other protocols?
- Shared security model leveraging staked ETH
What purpose does the insurance mechanism serve in EigenLayer’s ecosystem?
- To provide a safety net in case of protocol failures or hacks
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusEthena | Stablecoin
What method does Ethena use to stabilize its synthetic dollar, USDe?
- Delta hedging
What unique financial tool does Ethena introduce to offer on-chain yields?
- Internet Bond
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusFriendTech | Social
Friend.Tech launched its native token in May 2024, distributing it entirely to VCs.
- False
What incentive does Friend.Tech provide through its bug bounty program?
- Rewards of up to 1,000,000 USDC based on bug severity
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusWorldcoin | Store of Value
Worldcoin uses biometric verification to ensure each person can only claim their share once.
- True
What was a security vulnerability in Worldcoin’s Orb operator onboarding process?
- Operators could bypass verification without proper ID.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocuszkSwap Finance | DeFi
What model does zkSwap Finance use to reward users?
- Swap to Earn
How many files did CertiK audit of zkSwap Finance in December 2023?
- 6
zkSwap Finance’s team is fully anonymous and unverified.
- False — The team has been KYC verified by CertiK
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Edu3Labs | The Future of Education
What are the 3 key areas Edu3Labs focuses on?
- AI
- Education
- Blockchain
What KYC Badge level Edu3Labs achieved from CertiK?
- Gold
Which exchanges users can trade NFE?
- Gate.io
- MEXC
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Core DAO | Infrastructure
Core DAO combines Delegated Proof of Work (DPoW) and Delegated Proof of Stake (DPoS) in its consensus mechanism.
- True
What ensures the scalability and security of Core DAO’s blockchain?
- Satoshi Plus consensus mechanism
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project FocusArbitrum | Layer 2
Who were the original developers of Arbitrum?
- Offchain Labs
Does Arbitrum run a Bug Bounty program? If so, how much?
- Yes — $2,000,000
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Diamante Blockchain | Infrastructure
What did the April 2024 security audit conducted by CertiK find about Diamante Blockchain’s smart contracts?
- No Medium, Major, or Critical issues
What does the Gold KYC Badge signify in the context of Diamante Blockchain’s team?
- The team has been comprehensively verified, demonstrating high transparency
What applications are supported by Diamante Blockchain?
- PayCircle and CreditCircle
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·PAW Chain | Ecosystem
How many signatures are required for funds to be moved from PAW Chain’s Treasury multisig wallet?
- 6
What was the primary purpose of the CertiK KYC verification for the PAW Chain team?
- To ensure team transparency and reduce risk
What is the function of PAW Aggregator in the PAW Chain ecosystem?
- Consolidates liquidity across various blockchains to offer the best swap rates
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Trinique | RAT
What is the name for Trinique utility token?
The TNQ token derives its value from active user base, token transaction volume, total value locked, and the performance of the asset classes.
- True
Which KYC verification badge did Trinique’s team receive from CertiK?
- Gold
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Mint Club | Build Your Bonding Curve
What type of assets can be created using Mint Club’s platform?
- ERC20 tokens and ERC1155 NFTs
Which best describes the purpose of the MINT token on Mint Club?
- Base token for functionality and bonding curves
What recognition did Mint Club’s core team receive after completing KYC verification by CertiK?
- Gold badge
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Mint Club | Building Your Bonding Curve
What type of assets can be created using Mint Club’s platform?
- ERC20 tokens and ERC1155 NFTs
What’s the creator benefit of using Mint Club’s Creator Royalties feature?
- It lets creators easily set royalties from 0% to 50% on their assets.
What’s the creator benefit of using Mint Club’s Airdrop tool?
- It simplifies the airdrop process with Public and Private options.
What’s the creator benefit of using Mint Club’s Bulksender tool?
- It allows creators to distribute tokens or NFTs on over 12 networks.
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·HanChain | Transforming Music Copyright
What services does HanChain provide to enhance fan engagement?
- MusiKhan, NFT-PLAY, AdKhan, and staking options
How has HanChain ensured security for its platform and team?
- Top 10% security score, Certik’s KYC verification, and ISO27001 certification
What benefits does HanChain’s decentralized copyright holder identity verification provide to artists?
- Copyright protection and fair compensation through royalties
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·OpenGPU | Harnessing Decentralized GPU Computing
What does OpenGPU leverage to support AI and blockchain applications?
- Decentralized GPU computing
How many operations per second can OpenGPU support?
- 5000
What is the purpose of OpenGPU Devnet?
- To test and innovate with advanced tools
How can users monetize their idle GPU resources on OpenGPU?
- By joining the decentralized computing network
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Patex | Latin American Blockchain Ecosystems
What is the main focus of the Patex ecosystem?
- A comprehensive solution for the LATAM region
What is the primary function of the Patex Network?
- To solve scalability issues, increase transaction speeds, and reduce fees
What is the role of the PATEX token in the Patex Ecosystem?
- It serves as the main currency for transactions
How does the Bug Bounty Program help Patex?
- By identifying and fixing security vulnerabilities
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Mintlayer | Build on Bitcoin
What is the primary function of Mintlayer’s blockchain architecture?
- To improve direct token interoperability with Bitcoin
How does Mintlayer enhance decentralization?
- By providing a built-in DEX for P2P transfers
What types of tokens does Mintlayer support?
- Both fungible and non-fungible tokens
What is the purpose of Mintlayer’s staking protocol?
- To enable users to participate in the block signer auction and earn rewards
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Solidus AI Tech | High-Performance Computing
What security measures has Solidus AI Tech taken?
- Active bug bounty program
- Team KYC verification
- Security audit with automated formal verification
What can users access through the GPU Marketplace?
- High-performance computing power
What is the primary function of the $AITECH token within the Solidus AI Tech ecosystem?
- Payment for AI and GPU services
How many core team members are verified by CertiK?
- 5
— — — — — — — — — — — — — — — — — — — — — — — — — — — — — — — -
Project Focus ·Script Network | Open Source Video Protocol
What is Script Network?
- A Layer 1 open-source live TV platform, protocol, and storage network
What is the purpose of $SCPT in the Script Network ecosystem?
- Governance and staking
How does Script Network ensure security and trust within its ecosystem?
- By completing security assessments, maintaining an active KYC verification, and a bug bounty program
What can users do with Script TV?
- Watch multiple channels 24/7/365 and earn rewards