Security Audit of Waves Enterprise Voting

Deteact team has recently conducted a security audit of the blockchain voting service which is a part of Waves Enterprise system.

Waves Enterprise system is a blockchain platform combining private and public networks. Waves Enterprise provides consulting, deployment, and support services.

Image for post

The audit included penetration testing of the client web application, server-side API, blockchain smart contract integration.

We’ve been able to identify several issues such as Insecure Direct Object Reference, stored Cross-Site Scripting, voting manipulation, regular expression injection, email HTML injection, etc.

All the issues have been immediately reported and soon fixed by the Waves Enterprise team.

Previously we’ve already successfully worked with Waves and tested other components of the Waves Enterprise system.

Link to the press release:

If you need a security audit of any application or network infrastructure, please contact us at [email protected] or visit a website

Leave a Reply

Your email address will not be published. Required fields are marked *