The State of Web3 Security

(Q1 + Q2) 2023 Powered by Hackerboard

Incidents Impact Analysis

$100M Club Trends & Projections

2022 - 2023
 Index

1. A Quick Summary 2
2. Introduction 3
3. Q1 & Q2 Key Statistics 4

4. The $100M Club 8

5. $200M Exploit: Understanding the Euler

Finance Attack 9

6. $127M Ponzi scheme: The Canine Cryptocurrency Scam 13

7. BonqDAO's $120M Oracle Hack 15

8. $100M Atomic Wallet Hack 17

9. DAO Hacks: Causes, Implications, and Lessons 20

10. Navigating the Future: Web3 Security Trends

and Projections 24

11. Securing your Investments with QuillCheck: Your

Web3 Due Diligence Partner
28

12. Quill Red Team: Reinventing Web3 Security 31

13. QuillAudits: Securing Your Web3 Journey 34

01
A Quick Summary

We have compiled a detailed analysis of Web3 security

incidents over the first half of 2023. Our report offers an in-
depth examination of hack incidences, their causes, and
financial implications, offering insights into the ever-evolving
cybersecurity landscape. With a total of 351 hacks recorded
during this period, the losses amounting to $605M highlight
the increasing urgency for robust security measures.

Among the diverse types of exploits, smart contract

vulnerabilities and rug pulls were the most common,
accounting for 36 and 39 hacks respectively. Logic errors
and private key compromises led to significant losses,
contributing to over $335M of the total amount.

In the spirit of learning from these alarming statistics and

fortifying the Web3 space, we've also introduced sections
focused on DAO Hacks and future security trends, setting
the stage for discussions about evolving our defences to
outpace the threat landscape.

02
Introduction:
Welcome to the QuillAudits Quarterly Report for 2023, a
deep dive into the Web3 security landscape across the first
two quarters. With the number of hacks in 2023 (351)
significantly surpassing the previous two years combined,
our mission to fortify digital assets against rising threats has
never been more critical.

Despite the overwhelming number of hacks, the total losses

($605M) show a decrease from the previous year. This
report unpacks these trends and their implications, with
sections dedicated to understanding the causes and
consequences of DAO hacks, as well as forecasting future
security trends and challenges in the Web3 ecosystem.

As a global leader in Web3 security solutions, QuillAudits

has continued to expand our offerings, initiatives, and
services aimed at safeguarding the digital asset industry.
From specialized auditing solutions to inventive tools and
products, our commitment to protecting your digital assets
remains stronger than ever. Join us as we delve into the past,
present, and future of Web3 security.

Stay tuned for a comprehensive journey through our key

initiatives, services, and product advancements that define
QuillAudits' growth, resilience, and unwavering dedication
to ensuring a safe and reliable Web3 ecosystem.

03
01
Q1 & Q2 Key
Statistics

04
Q1 & Q2 Key Statistics :

Monthly Hack Status

$216.72M
80 $200M
70 73 72
67
$164.70M

60 $150M
49
$106.56M
40 $100M
$66.57M
20
$39.27M
20 $50M
$14.40M

0 $0M
Jan Feb Mar Apr May Jun

No. of Hacks
Amount loss

Exploits by Type

$225M

80 $200M

60 $150M
$43M $110M
39
40 36
$100M
$31M

20 $50M
$10M
6 4 4
0 $0M
Smart Rug Pull Flash Loan Logic Error Private Key
Contract Attack Compromise
Vulnerability

No. of Hacks
Amount loss

05
First Two Quarters of 2023 as compared to 2022 & 2021

351
$1.7B

200 $1.6B

150 $1.2B

100 $800M
$658M $605M
53
50 38 $400M

0 $0M
2021 2022 2023

No. of Hacks
Amount loss

06
https://quillaudits.substack.com/

07
02
The
$100M
Club

08
 $200M Exploit: Understanding the Euler
Finance Attack

This appears to be an ice phishing attack. The scammer tricked users

into signing an approve function that authorized them to spend the
users' tokens on their behalf. The scammer then called the
transferFrom function and stole all of the users' assets.

The Nuts and Bolts of Euler Finance

Euler Finance functions as a lending platform, allowing users to

deposit crypto and let the platform lend it to others, or they can use
the deposit as collateral to borrow crypto. A user’s collateral value
must always exceed their borrowed amount to prevent liquidation.

Liquidation event emitted during the Euler attack. Source: Ethereum blockchain data

The platform operates with two types of tokens - eTokens (assets) and
dTokens (debts). When users deposit crypto, they receive eTokens
equivalent to the deposited coins. As these eTokens accumulate
interest, they become more valuable than the original deposited
asset.

09
Users have a “health score” based on their eToken to dToken value
ratio. A user needs more eTokens than dTokens to maintain a health
score above 1. Falling below this score initiates a “soft liquidation”,
where the system transfers some eTokens and dTokens to the
liquidator until the borrower’s health score returns to 1.25

The Attack on Euler Finance

The exploit involved draining various tokens from the Euler protocol.
The attacker initiated a series of attacks using three different
Ethereum addresses. The first attack drained about $8.9 million worth
of Dai from the deposit pool, and this was repeated for other deposit
pools, leading to an aggregate loss of $197 million.

The steps in the attack were as follows:

1. The attacker borrowed a large sum of DAI from Aave using a smart
contract.
2. They deposited a portion of this loan into Euler and received eDAI
coins in return.
3. The attacker then minted a substantial amount of eDAI, which led
to the generation of equivalent dDAI.
4. They paid off part of their debt by depositing more DAI into Euler,
reducing their dDAI debt.
5. This enabled the attacker to mint more eDAI, thereby increasing
their total eDAI minted.
6. After maximizing eDAI minting, the attacker destroyed a portion of
eDAI, which plummeted their health score, triggering the liquidation
process.

10
7. The liquidation process transferred debt from the attacker to the
liquidator account.

8. The attacker, now functioning as the liquidator, redeemed some

eDAI, returned the loan to Aave, and was left with a sizable profit.

Analysing the Exploit

The donateToReserves function in Euler's system, introduced in Euler

Improvement Proposal 14 (eIP-14), was identified as the primary
issue. This function enabled the attacker to remove assets without
reducing the corresponding amount of debt.

Moreover, steep discounts offered to liquidators provided an

attractive arbitrage opportunity, which the attacker exploited to siphon
off a significant amount of collateral without the need for collateral or
debt repayment.

11
Mitigating Future Attacks

To prevent a similar attack in the future, lending protocols need to

integrate necessary health checks in functions involving user funds.
Developers should also be aware of security risks that can emerge
from combining different modules.

In Conclusion

While the Euler Finance exploit was a significant setback for the DeFi
community, it provided valuable lessons. The attacker's decision to
return the funds mitigated the immediate losses. However, the event
underscores the need for continued diligence and better risk
management practices to safeguard the rapidly expanding DeFi
ecosystem

12
$127M Ponzi scheme: The Canine
Cryptocurrency Scam
In an unconventional twist to the burgeoning cryptocurrency world, a
South Korean company introduced an innovative blockchain
application, claiming to identify dogs by their unique nose wrinkles.
The project was paired with a proprietary cryptocurrency and
promised high investment returns

Cause of the Hack

This intriguing concept, unfortunately, turned out to be a disguise for
a Ponzi scheme of massive proportions. The company promised
lucrative returns of up to 150% in 100 days, enticing around 22,000
people to invest approximately $127 million.

The investigation revealed that the company's purported dog nose

wrinkle identifier was fake and didn't use blockchain technology as
promoted. The promised pet theme parks were non-existent, as the
company hadn't leased any sites for such purposes. The company's
deceit extended to its Ethereum-based token, traded on decentralized
exchanges and a prominent South Korean centralized exchange.

Precautionary Measures for Other Web3 Projects

While it's clear that the increasing interest in cryptocurrency and

blockchain technology can lead to innovative applications, this case
underlines the necessity of due diligence before investing in such
projects. Here are some precautionary steps:

Research Extensively: Always research extensively about the

company, its technology, and its founders before investing.

13
Beware of "Too Good to be True" Offers: Promises of high returns
in a short span should raise red flags. A legitimate business will
never guarantee short-term, high profits.

Verify the Technology: If a project claims to use advanced

technology such as blockchain, it's crucial to verify these claims with
experts in the field.

How Could QuillAudits Have Prevented the Hack?

At QuillAudits, we are committed to fostering a secure and

trustworthy Web3 environment. Our approach could have unveiled
this scheme before it escalated:

Code and Contract Audit: By analyzing the project's code, we could

have established whether it genuinely used blockchain technology as
claimed.

Financial Audits: We could have scrutinized the project's financial

model, which would likely have revealed the unrealistic return rates
indicative of a Ponzi scheme.

Security Audits: Our rigorous security checks would have identified

potential red flags and vulnerabilities.

In a world where new blockchain applications are emerging daily, it's

paramount to remain vigilant. At QuillAudits, we are dedicated to
ensuring the security and authenticity of Web3 projects, offering a
shield against fraudulent activities.

14
BonqDAO's $120M Oracle Hack
BonqDAO, a decentralized autonomous organization (DAO), recently
fell victim to a sizable smart contract exploit, leading to an estimated
loss of $120 million. The exploit was orchestrated via an oracle hack,
which allowed the perpetrator to manipulate the price of the
AllianceBlock (ALBT) token within the Bonq protocol.

Reason Behind the Hack

The root cause of the hack was a crucial flaw in the oracle
updatePrice function of one of BonqDAO's smart contracts. This
loophole permitted the hacker to manipulate the price of the wALBT
token drastically, leading to the subsequent exploitation of wALBT and
BEUR. The exploiter was able to:

Inflate the ALBT price and mint an exorbitant amount of BEUR

Swap the BEUR for other tokens on Uniswap
Drastically reduce the price to near-zero, initiating the liquidation of
ALBT troves.

15
Precautionary Measures for other Web3 projects

As an immediate response to the attack, BonqDAO paused its

protocol and actively developed a recovery solution. Nevertheless,
this incident serves as a stark reminder of the potential security risks
in the Web3 environment. Web3 projects should consider:

Regular and comprehensive smart contract audits by professional

auditors.
Implementing stringent security measures against price oracle
manipulation.

Constantly monitoring and updating their security protocols.

Building a contingency plan in case of security breaches.

In the aftermath of this breach, it is crucial to address these security

issues promptly. QuillAudits remains committed to ensuring a secure
environment for Web3 projects and mitigating risks associated with
digital assets.

16
$100M Atomic Wallet Hack
Atomic Wallet is a renowned cryptocurrency platform that offers a
desktop and mobile crypto wallet for multiple operating systems. It is
a repository for various digital currencies, spanning Windows,
Android, iOS, macOS, and Linux users.

The Hack and its Causes

On June 3rd, the Atomic Wallet team received reports of

compromised wallets, sparking an immediate investigation.
Alarmingly, this mass-scale security breach stole over $35 million
worth of cryptocurrency.

It is unclear how the compromise occurred; some users noticed the

theft after a recent software update, while others reported their crypto
was stolen without any updates. The first known stolen asset
transaction was detected on Friday, June 2nd, at 21:45 UTC

17
Regrettably, the scale of this breach has escalated. Recent analysis
indicates that losses have now surpassed $100 million. It is believed
that over 5,000 crypto wallets were compromised in the attack. At
least ten crypto addresses suffered losses exceeding $1 million, while
at least 164 faced losses over $100,000. The average loss for each
compromised wallet is estimated at $2,800.

Precautionary Measures for Other Web3 Projects

While the Atomic Wallet team works on mitigating the damage and
further investigating the hack, there are several important lessons for
other Web3 projects:

Enhanced Security Measures: Implement stronger security systems,

including multi-factor authentication and complex password policies

Software Updates: Ensure software updates are thoroughly security-

checked to avoid potential vulnerabilities

User Awareness: Inform users about the importance of not sharing

sensitive information and safekeeping their login credentials.

Real-Time Monitoring and Quick Response: Monitor system

activities in real-time and have a rapid response plan to swiftly act
upon any suspicious activities.

H ow Could QuillAudits Have Prevented the Hack?

At QuillAudits, we believe that the best defense is a good offense.
Our approach to securing Web3 projects is proactive, focusing on:

Comprehensive Audits: We perform meticulous audits of the entire

project, scanning every line of code to uncover potential
vulnerabilities.

18
Proactive Threat Hunting: Instead of waiting for an issue to arise,
we actively seek out and rectify potential vulnerabilities.

Real-World Threat Simulation: Our Red Team emulates real-world

cyber threats to test your defenses to their limits.

Continuous Monitoring and Improvement: With QuillAudits,

security isn't a one-time event but an ongoing process of monitoring
and enhancement.

As we witness the rapid evolution of digital landscapes, it's clear that

the Atomic Wallet hack is a sobering reminder of the importance of
robust security mechanisms in Web3 projects. With QuillAudits,
secure your project and stay one step ahead of potential threats.

19
03
DAO Hacks:
Causes,
Implications, and
Lessons

20
Decentralized autonomous organizations (DAOs) can revolutionize
how entities operate by providing a transparent and autonomous
management framework. However, with these innovations come new
threats.

The past few months have seen several DAOs fall victim to
cyberattacks, resulting in significant losses. Here's a deeper dive into
six such incidents, highlighting their causes, consequences, and the
necessary precautions to prevent such attacks.

1. VPANDA DAO: The Disastrous Rug Pull

VPANDA DAO, operating on BNB Chain, suffered a severe setback

when perpetrators orchestrated a "Rug Pull". The hackers made off
with approximately $265,000 in BUSD, transferred to an unidentified
address. A Rug Pull typically occurs when project developers
abandon it, taking the invested funds with them.

"The VPANDA DAO hack underscores the unpredictability and risks

of 'Rug Pulls', underlining the need for thorough project vetting."

2. NFDAO: Stripped Bare by a Rug Pull

In a similar attack to VPANDA DAO, NFDAO fell victim to a "Rug

Pull". The assailants managed to remove bulk liquidity and profited
around $88,300.

21
"NFDAO's Rug Pull exploit illustrates the necessity for secure liquidity
protocols to protect community interests."

3. Degen Zoo: A Mystery Still Unsolved

Degen Zoo, a project under DAO Maker, is suspected of having been

compromised via Binance Oracle. The exact details of the hack
remain undisclosed as investigations are still underway.

"The Degen Zoo incident is a reminder that even well-established

platforms can face security challenges."

4. PeopleDAO: Trapped by Social Engineering

PeopleDAO lost approximately $120,000 in ETH due to a social

engineering attack while distributing monthly contributor rewards. A
person with access to accounting privileges erroneously shared a link
with editing permissions, enabling a hacker to manipulate payments.

"PeopleDAO's experience emphasizes the importance of securing

internal communications and access permissions to prevent
unauthorized manipulations."

5. BonqDAO & AllianceBlock: Price Manipulation Woes

BonqDAO and AllianceBlock incurred an estimated $120 million loss

due to a flaw in BonqDAO's smart contracts. Hackers managed to
manipulate the price via the oracle, liquidating other users' holdings.

"The BonqDAO & AllianceBlock incident demonstrates how

exploitable smart contract bugs and oracle manipulations can be,
highlighting the need for robust smart contract audits."

22
Lessons and Reminders

These DAO hacks serve as harsh reminders of the constant security

threats present in the blockchain landscape. To safeguard against
such breaches:

Auditing Smart Contracts: Smart contracts should undergo

thorough and frequent audits to uncover potential vulnerabilities.

Securing Internal Communications: Proper protocols for sharing

sensitive information can help avoid unauthorized manipulations.

Strengthening Liquidity Security: Secure liquidity protocols can

protect community interests from "Rug Pulls".

Effective Project Vetting: It's essential to vet projects thoroughly

before investment, which can help identify potential "Rug Pull"
scenarios.

In the world of DAOs, while the opportunities for growth are

immense, so are the challenges. Continuous vigilance, stringent
security protocols, and comprehensive audits are the keys to creating
a safer ecosystem for DAOs.

23
04
Navigating the
Future: Web3
Security Trends
and Projections

24
Web3 Security Trends and Projections

As part of our mission to provide comprehensive and actionable

security information, our team has examined a vast amount of data
and has developed some key insights and predictions for the future
of Web3 security.

Trend Analysis

Fluctuation in Monthly Hacks: From January to June 2023, the

number of hacks per month varied between 20 and 73, with
February witnessing the highest number. Notably, the amount hacked
doesn't directly correlate with the number of attacks. For instance,
while February had the highest number of hacks, the most substantial
loss was recorded in March, with over $216.72 million. This disparity
underscores the fact that it's not just the frequency of attacks that
matter, but also the severity.

Types of Exploits: In terms of exploit types, the numbers reveal a

clear predominance of smart contract vulnerabilities and rug pulls,
which collectively accounted for the majority of the hack incidents.
However, these types of attacks led to less financial damage when
compared to logic error exploits and private key compromises,
which, although fewer in number, resulted in losses amounting to
hundreds of millions of dollars.

25
 Comparative Analysis
Comparing the first two quarters of 2023 with the corresponding
periods in 2022 and 2021 reveals a substantial increase in hacks.
However, despite the more significant number of hacks in 2023, total
losses have reduced compared to 2022. This suggests that while
attacks are becoming more frequent, security measures may be more
effective at limiting financial damage.

Predictions for Future Quarters

Based on the current data, we predict the following trends in the
coming quarters:

1. Increasing Frequency of Hacks: With the number of hacks

consistently showing a year-on-year increase, we predict an additional
30-40% rise in the frequency of hacks in the next year.

2. Severity of Hacks May Vary: While the frequency of hacks is

anticipated to increase, the severity (in terms of financial losses) may
not necessarily follow the same trend. We could see high-impact
incidents causing losses up to 40% more than the average in the first
half of 2023, mixed with several low-impact incidents.

3. Smart Contract Vulnerabilities Remain a Concern: Given the

prevalence of smart contract vulnerabilities, we expect this type of
exploit to account for around 40-50% of all hacking incidents.

4. Private Key Compromises Will Continue to be Devastating: While

these attacks are fewer, they result in massive financial damage, with
potential losses amounting to 100-200% more than the average loss
from other exploits.

26
5. Continued Need for Proactive Security Measures: Considering
these trends, the need for proactive security measures like regular
audits, stringent access controls, and continuous monitoring is likely
to increase by at least 50%.

At QuillAudits, we're dedicated to staying ahead of these trends and

ensuring your digital assets are protected. By understanding these
insights and predictions, you can be better prepared and well-
positioned to respond to the dynamic landscape of Web3 security.

Predictions for Future Quarters

Based on the current data, we predict the following trends in the
coming quarters:

1. Increasing Frequency of Hacks: With the number of hacks

consistently showing a year-on-year increase, we predict an additional
30-40% rise in the frequency of hacks in the next year.

2. Severity of Hacks May Vary: While the frequency of hacks is

anticipated to increase, the severity (in terms of financial losses) may
not necessarily follow the same trend. We could see high-impact
incidents causing losses up to 40% more than the average in the first
half of 2023, mixed with several low-impact incidents.

3. Smart Contract Vulnerabilities Remain a Concern: Given the

prevalence of smart contract vulnerabilities, we expect this type of
exploit to account for around 40-50% of all hacking incidents.

4. Private Key Compromises Will Continue to be Devastating: While

these attacks are fewer, they result in massive financial damage, with
potential losses amounting to 100-200% more than the average loss
from other exploits.

27
05
Securing your
Investments with
QuillCheck: Your
Web3 Due
Diligence Partner

28
In an increasingly decentralized world where Rug Pulls have become
a significant threat to digital investments, there's a crucial need for
reliable safety measures. QuillCheck is a 'Web3 Due Diligence tool
with Rug Pull Detection', ensuring you can navigate the choppy
waters of crypto investments with confidence.

Meet QuillCheck

QuillCheck is a powerful tool designed to help investors, enthusiasts,

and newcomers safely navigate the dynamic landscape of Web3 and
cryptocurrency. It focuses on providing actionable insights by
identifying valuable tokens while filtering out the subpar ones,
thereby aiding informed decision-making.

Why QuillCheck?

QuillCheck stands out with its advanced rug pull detection feature. It
uses interactive charts and risk indicators to provide a comprehensive
evaluation of token security, including market and code checks. Key
features include:

Real-time Risk Assessment: Stay ahead with live updates on the

potential risks associated with your tokens.

Comprehensive Code Analysis: Delve deep into the token's

underlying code to understand its strengths and vulnerabilities.

Market Adoption-Based Ratings: Understand the market sentiment

towards your token with ratings based on its adoption in the market.

D etection of Red Flags and Owner Privileges: Stay alert with

immediate notifications of potential warning signs and owner
privileges that could affect your investment.

29
 User-Friendly Interface: Enjoy an intuitive, easy-to-use platform that
makes due diligence a breeze.

How Does QuillCheck Work?

QuillCheck simplifies the process of assessing the safety of your
tokens. Here's how it works:

1. Increasing Frequency of Hacks: With the number of hacks

consistently showing a year-on-year increase, we predict an additional
30-40% rise in the frequency of hacks in the next year.

2. Comprehensive Analysis: QuillCheck performs code-based and

market-based assessments to create an in-depth report on the token.

3. Receive Detailed Report: This report includes details on ownership

permissions, external contract dependencies, transaction limiters, buy
and sell taxes, exchangeability, holders, and liquidity.

4. Honeypot Detector: As an added layer of protection, QuillCheck's

honeypot detector identifies potential scams, thus providing an
additional layer of protection while evaluating tokens.

Trust QuillCheck as your guide in the dynamic world of

cryptocurrency, providing you with the tools to navigate and invest
confidently.

30
06
Quill Red Team:
Reinventing Web3
Security

31
Addressing the rising tide of cyber threats, QuillAudits proudly
presents its latest initiative: the Quill Red Team (QRT). This
specialized team brings a dynamic, innovative approach to detect
and counteract overlooked vulnerabilities, taking Web3 security to a
new level.

The Mounting Challenges of Web3 Security

In the first half of 2023, reported hacks escalated to 70, compared to

just 4 and 2 in 2022 and 2021, respectively. Protocol logic
weaknesses accounted for $230 million in losses in Q1 2023.
Despite a decrease in financial terms from Q1 2022, the growing
frequency of breaches calls for stronger, more proactive security
solutions.

The Quill Red Team (QRT) Solution

In response to the evolving risk landscape, QRT has stepped up with
its team of expert auditors and developers. With over five years of
industry experience, QRT has secured over 850 projects and
protected $16 billion in digital assets. Their proactive approach
allows them to hunt down vulnerabilities before they surface,
emulating real-world cyber threats to test your defenses.

Why Choose QRT?

QRT combines insights from in-house auditors, external auditors, and
newly onboarded developers under the guidance of seasoned
professionals. Our bespoke service, including QRT as a Service
(QRTaaS), ensures tailored solutions to meet the unique needs of
your Web3 project. Security isn't a one-time event — it's an ongoing
process with QRT.

32
Trust the Proven Track Record of QRT

Join the ranks of over 850 projects secured by QRT. Trusted by

industry leaders, it's time for you to experience the QRT advantage.

Quill Red Team

33
07
QuillAudits:
Securing Your
Web3 Journey

34
 As a global leader in Web3 security, QuillAudits presents its
comprehensive suite of services and tools, backed by innovative
programs designed to meet and overcome the challenges of the
rapidly evolving digital landscape.

Auditing Services

We provide robust auditing services across numerous blockchains,

including but not limited to -

Ethereum BSC Polygon dApp

Wallet Audits L1 ZkSync Starknet

Polkadot Sui Solana Audits NEAR

Algorand Tezos Fantom Hyperledger

Due Diligence Services

In a proactive response to Web3's unique challenges, our services
include:

DeFi Diligence NFT Diligence Rug Pull Diligence

35
Web3 Security Suite
Our security suite features tools aimed at maintaining and enhancing
the security of your Web3 initiatives:

QuillCheck: Identifies potential rug pulls and scans contracts for

hidden risks.

Hackerboard: Provides real-time statistics, news, and comprehensive

analysis of Web3 hacks.

QuillShield: Offers contract error detection, threat monitoring, and

attack alerts.

QuillPlay: Secures smart contracts with auditing, deployment, and

monitoring tools throughout their lifecycle.

QuillMonitor: Facilitates live environment tracking of smart contracts

for anomalies and unusual activity.

QuillRelay: Conducts cloud-based, fully automated security audits for

detecting smart contract vulnerabilities.

36
A Deep Dive into QuillAudits' Product Suite

Hackerboard is your Ultimate Source

for all Web3 Hacks Information &
Analysis. Stay ahead of the game with
real-time statistics, recent news, in-
depth analysis, & a comprehensive
database of all web3 hacks since 2020.

Explore now

QuillCheck, a reliable solution for

investors,degens and new entrants to
navigate the constantly changing
landscape of web3 and cryptocurrency
safely. By identifying valuable tokens
and filtering out subpar ones, our
web3 due diligence tool provides
investors with easily digestible
insights, allowing them to make
informed decisions.

Check Now

37
QuillAudits Programs
We also run various programs to foster a secure and inclusive Web3
community:

Affiliate Program: A self-driven initiative that rewards individuals for

contributing to the security of the blockchain industry.

WAGSI Grants: Grants to support new builders in Web3, awarded

as audit credits on the QuillAudits platform.

Ambassador Program: Enlists enthusiastic individuals committed to

securing Web3 and keen to become integral to our mission.

QuillAudits remains committed to promoting safe, reliable Web3

ecosystems globally. Our diverse auditing services, comprehensive
tools, and community-building programs work towards securing
digital assets and providing innovative security solutions.

38
 Spotlight on Excellence (For Q1 and Q2)
Top Audited Projects & Voices of Trust

SpaceFi : Audit Report Polylastic : Audit Report

Pi Protocol : Audit Report FuseFi : Audit Report

xETH : Audit Report Baby Doge: Audit Report

Bit5(pentest) : Audit Report

39
 Our Voices of Trust

“We had an exceptionally good experience with

QuillAudits. They were thorough and timely”
~ Polylastic

‘’While researching similar companies, I came across

QuillAudits and from the moment we first contacted,
we were constantly supported and the process went
smoothly.” ~ Bit5

“It was just fantastic. Created a safe and secure

contract audit.”
~ Advon LLC

URDex Finance: “All great, quick response, high

efficiency, highly responsible team.”
~ URDex Finance

40
 / quillaudits quillaudits.com

2022 - 2023