Audit Company

Hacken

Hacken is a cybersecurity company with a focus on Web3, founded in 2017. The company was created in Kyiv and quickly gained attention by winning the HackIt cup. That same year the HKN token was listed. In 5 years the company became an internationally recognized tier-1 auditor and security tools developer.
Among its values, Hacken lists ethics, honesty, and mutual respect for the Web3 community.
DSA presents a unique series of reports on the smart contract and blockchain app auditor market. This report is published for the first time and is not affiliated with any specific vendor. The DSA expert team has performed an in-depth analysis of the blockchain security providers in the market. For that, a methodology was developed, and specific criteria were selected. The data provided in the report are actual for November 2022.
Contents
The main criteria for auditor review
1
Trustworthiness
At this point, we analyze the team, key players, as well as the experience of the company in the field.
2
Media Presence
In this paragraph, we analyze the social networks of the project, the engagement rate, and media publications.
3
Speed and service
In this paragraph, we analyze the speed of the audit as well as the speed of the team's response to the request.
4
Expertise
At this point, we analyze the company's experience with different networks, technological advancements, as well as additional services.
5
Price
In this paragraph, we analyze prices and additional services (We send the same sample contract to every auditor), sales, promo offers, bonuses, discounts, and legal transparency.
6
Quality
In this paragraph, we analyze audit quality, report analysis, and user experience.
Categories and sub-categories
6 categories are present in the review and each may be divided into sub-categories. Each category is evaluated to receive from 1 to 10 points. The same rule applies to each sub-category and the arithmetic mean value of the sub-categories will become a result of the main category. The main result will be calculated in the same manner.
Trustworthiness
  • Team members' separate experiences in the field
  • Current team’s experience in the field
  • Company experience (years of service, date of the first audit)
Media Presence
  • Social media (engagement rate, further – ER)
  • Media publications
Speed
  • Audit speed
  • First response speed (from a real person)
  • Follow-up response speed
Expertise
  • What blockchains does the company audit (rare chains and language get an additional point)
  • Technological advancements (developments, tools, automated tools)
  • Services (KYC, Incident research, marketing)
Price
  • Prices and additional services (We send the same sample contract to every auditor)
  • Sales, promo offers, bonuses, discounts
  • Legal transparency
Quality
  • Audit quality, report analysis
  • User experience

Detailed analysis

6 categories are present in the review and each may be divided into sub-categories. Each category is evaluated to receive from 1 to 10 points. Same rule applies to each sub-category and the arithmetic mean value of the sub-categories will become a result of the main category. The main result will be calculated in the same manner.

Trustworthiness

Average score 9/10

1

Team members' separate experiences in the field

The leadership team consists of 5 people:
Dyma Budorin Co-Founder and CEO
Yevheniia Broshevan Co-Founder and CBDO
Oleg Bevz Marketing Director
Andrii M. CTO

Every member of the leadership team possesses considerable experience of over 7 years in their respective fields.
2
Current team’s experience in the field
Aside from the key team members (CEO, CTO, COO, etc), the company’s LinkedIn page contains an employee list with 106 names. The staff includes technical specialists and auditors as well as HR, recruitment, and marketing specialists.
3
Company experience (years of service, date of the first audit)
Our company works according to the principle of individual approach to every client. This method allows us to achieve success in problems of all levels.

Media presence

Average score 8,17/10

1

Social Media

The company’s social media are active, Twitter is updated regularly and the company interacts with its audience even via tweets.
2
Media publications
The company’s articles are regularly published and the company's mentioned in the top online media. Among others, their media presence is established through Coindesk, The Times, The Washington Post, The Wall Street Journal, Cointelegraph, Forbes.

Speed

Average score 8,66/10

1

Audit Speed

Audits are performed within 10-11 days. Though it may seem long compared to cheaper auditors that deliver results within hours, it’s a fairly normal time frame for large and better-known tier-1 companies. On the contrary, extreme speed in this matter would seem suspicious.
2
First response speed
An answer was received 6 hours after the initial request. The response was provided by a human manager, not a bot.
3
Follow-up response speed
After receiving the response, we provided the required information. The manager was online, so they responded right away and the communication was held in real-time.

Expertise

Average score 10/10

1

What blockchains does the company audit

Officially, the company works in the following chains: Solana, Near, EverscaleTVM, Polkadot, Cosmos, Casper, Optimism, EthereumEVM, Avalanche, BSC, Fantom, Polygon, EOS. As can be seen from this impressive list, the company works with both EVM and non-EVM blockchains.
Aside from Solidity and Rust, they take on Cosmos chain projects on Cosmos SDK on the Go language. The company audits Polygon projects in Golang and Vyper, and EOS projects in C++. The company has no shortcomings when it comes to stack technologies. It’s competent with any blockchain.

2
Technological advancements
There is a hub where all the company’s developments are presented.
Leading products:
HaaS
HackenAI Bundle
ETD Stablecoin
hPASS
hVPN
In addition, there is a selection of miscellaneous DeFi features such as Staking, LP Farming, HAI Rounds, Education, Social Mining, Governance, Membership. The detailed info about each one is available on the aforementioned hub page.

3
Services
A notable service is hackenproof - a system of awards for bug finding. The company collaborates with the leading players in the market.
Aside from smart contracts audit, the company offers:
Blockchain Protocol Audit
Web 3.0 Penetration Testing
dApp Audit
Bug Bounty

There are also development solutions:
CEX/DEX
Metaverse & NFT
Launchpad
Startup

Prices and additional services

Average score 6,33/10

1

Audit prices, affordability

For a project with a code that’s a little more complex than that of a token, the company set a price of $79k. This price tag is higher than the average on the market, so it’s available only to big or well-financed projects.
2
Sales, promo offers, bonuses, discounts
In addition to the audit report, clients receive a certificate and an option to add an “audited by Hacken” badge to their website. The report is automatically added to the project page on CoinMarketCap, CoinGecko, and Certified. Also, if the project is eligible for the Hacken partnership program, the company may offer an expanded bundle of services that includes marketing support in the Hacken social media with over 100k followers.
3
Legal transparency
The company provides a legal agreement. Payments can be sent via a wire transfer, an invoice, fiat, etc. on demand.

Quality

Average score 7,6/10

1

Audit quality, report analysis

  • Issue description (thoroughness, code examples): YES

  • Project description and contracts (what do they do): NO

  • Conclusions (automatically generated vs written by specialists): NO
Conclusions are missing.

  • Recommendations: YES

  • Manual audits (a large number of automatically generated audits is a disadvantage): YES
2
User Experience
The company can be contacted through a form on the website or direct messages to the admins of their Discord and Telegram channels. This isn’t the most convenient way, since a client has to provide information by hand even to ask a question regarding services.
In the Telegram channel, the admin/manager contacts are not pinned, which is inconvenient. In the common chat, we had to wait for several hours for a response. If a question like “do you work with fiat and invoices” occurs, there’s nowhere to address it. This is a serious disadvantage for the company. In the end, we created a request in Discord and received a response 8 hours later.

Additional Information

Post-audit hacks and attacks
All information is gathered from an open source. Consider that because the company is well-known and audits large, notable projects, the possibility of a hack is increased compared to smaller projects. We are reviewing only the attacks that resulted in the loss of over $100k.

The amount of the lost funds - $8,480,000

Final Score

Considering the results presented in every category, the following points have been assigned:
  • 9/10 Trustworthiness
  • 8,17/10 Media presence
  • 8,66/10 Speed
  • 10/10 Expertise
  • 6,33/10 Prices and additional services
  • 7,6/10 Quality
The Final Score:
8,29/10
This is the analytic report in a series of reports on the smart contract and blockchain apps auditor market. Presented to you by DSA, it’s guaranteed impartial and factual information on the most well-known, new, and obscure players.
Follow us on Twitter and be the first to know about new reports
0XGUARD
Top Solana Vulnerabilities
Solana is a widely popular blockchain and attractively low transaction fees are certainly among the reasons developers choose it. Among Solana-based dApps are some of the most popular and valued projects. This is why knowing Solana and its weaker points is now more necessary than ever.

HASHEX

A Developer’s Guide: A Framework setup
Developers often ask how to correctly, efficiently, and securely set up a framework for developing smart contracts. This guide aims to help new developers do it quickly and conveniently.