Mundus Security Technical Blog
2023-04-14 19:22

What is Deployment Check?

Ensuring Consistency and Security in Your Deployed Smart Contract

At Mundus Security, we pride ourselves on being a Solidity Smart Contract Audit firm, helping companies to build trust across investors, community, and partners. Our experience spans various domains, including DeFi, DAO, Token, and many more. We are excited to announce our new product: Deployment Check!

Check out our website and please join our community!

Twitter

Telegram

Website

Looking for audit, let's talk

Deployment Check: What Is It and Why Do You Need It?

Deployment Check is an expert review focusing on the consistency of a project's storage and codebase after deployment. It is specifically designed for projects with active development and regular updates, ensuring that the set of contracts and their settings remain consistent even after incremental changes.

This service is crucial to your project's security, as it helps to:

  • Identify inconsistencies in code versions between deployed smart contracts or discrepancies between deployed code and repository versions.
  • Verify that contract storage corresponds to developer expectations, ensuring that cross-references and variable names align with documentation.
  • Check the correctness of governance smart contracts, ownership settings, and roles.

What Does Deployment Check Protect Against?

Deployment Check aims to safeguard your project against various risks, including:

  • Errors in CI/CD, particularly in large projects.
  • Potential attacks from individuals with access to the codebase.
  • A wide range of human errors during updates or partial updates, such as incorrect cross-references, forgotten role members, or uncorrected ownership when fixing governance.

What do you need to start Deployment Check ?

To conduct a Deployment Check, we require the following:

  • A list of smart contract addresses (additional contracts discovered by our team can be included upon agreement in the SoW).
  • Project documentation.
  • Access to the codebase repository.
Upon completion, we provide a report detailing all inconsistencies and recommendations for their resolution. Two rechecks are included with a max duration of 14-30 days, depending on the project size.
Deployment check could be done much faster than audit (average 1-3 days) and become the crucial part in CI/CD process.

Deployment Check is essential for maintaining the consistency and security of your project's codebase and storage during updates.
If you are interested in increasing the security of your deployed codebase, we would be happy to jump on the call. Feel free to use our Calendly [click here].
**Please note that a security code audit is not included in the Deployment Check but it is a separate, more comprehensive service we offer.

Check out our website and please join our community!

Twitter

Telegram

Website

Looking for audit, let's talk