Read
Edit
History
Notify
Share
Zokyo
Zokyo is a cybersecurity company specializing in blockchain technology. They provide services to secure blockchain-based applications and infrastructure, including security audits and penetration testing for smart contracts and decentralized applications (DApps). Hartej Sawhney is the founder and CEO of Zokyo. [1]
Overview
Zokyo is a cybersecurity company focused on blockchain technology. It offers services to secure blockchain-based applications and infrastructure. It specializes in security audits and penetration testing for smart contracts and decentralized applications (DApps). It uses industry best practices and advanced methodologies to identify vulnerabilities and potential risks in blockchain systems. By conducting thorough security assessments, Zokyo helps clients ensure the security of their blockchain projects and the protection of user assets. Additionally, Zokyo provides educational resources and training programs to promote cybersecurity awareness within the blockchain community. They aim to enhance the overall security of blockchain technology and contribute to its long-term sustainability and trustworthiness. [1][2]
Zokyo Econ Lab
On December 7th, 2023, Zokyo launched Zokyo Econ Lab, a new division focused on assisting blockchain companies in optimizing their token economics to meet industry and regulatory standards worldwide. Specializing in enhancing growth within blockchain innovation, including ecosystems, protocols, foundations, and DAOs, Zokyo Econ Lab uses mathematical analysis to design comprehensive token models. These models aim to maximize value and foster sustainable growth by examining distribution, utility, governance, and incentives. The division seeks to create resilient ecosystems that enhance stakeholder engagement and project longevity through strategic optimization. [4]
Services
Smart Contract Review
Zokyo conducts comprehensive security reviews and audits to identify security vulnerabilities in smart contracts. This involves collaborating with project teams to understand the project in detail, followed by a meticulous line-by-line code review. The process is adversary-focused, aiming to uncover hidden errors, address design and logic issues, identify vulnerabilities, and mitigate risks before the code is pushed into production or onto the mainnet. The goal is to deliver the best security reviews, avoiding reliance solely on automated tools. [3]
Blockchain Protocol Review
Zokyo addresses its broad attack surface as blockchain technology evolves through advanced blockchain reviews. This involves an in-depth analysis of various protocol levels, including consensus mechanisms, protocol designs, cryptographic algorithms, network and application layer security, node security, and economic processes. Zokyo’s thorough review identifies potential technological and economic vulnerabilities and proposes remedies and cybersecurity measures. [3]
Cryptography Review
Zokyo's cryptographic services cover the mathematical algorithms within cryptographic hardware and software and their design, development, deployment, operation, and assessment within an organizational context. Zokyo offers a range of cryptographic review, advisory, and implementation services to help organizations adopt new solutions or ensure the trustworthiness of existing cryptographic services. [3]
Digital Asset Exchange Review
Zokyo enhances the security posture of high-liquidity digital asset exchanges, prime targets in the crypto ecosystem. This is achieved through a holistic review covering infrastructure, web and applications, blockchain protocols, and human factors, providing comprehensive protection and security enhancements. [3]
Penetration Testing
Penetration testing is a cybersecurity practice where Zokyo conducts authorized cyber-attacks to expose potential system weaknesses before malicious actors can exploit them. This approach helps to identify vulnerabilities, strengthen security defenses, and assess the impact of potential breaches. Zokyo's security experts employ advanced simulations of real-world attackers' tactics, techniques, and procedures aimed at high-risk cyber assets. Their approach encompasses assessing potential risks to critical data, understanding attacker motives and targets, delivering measurable results for assessing risks to essential assets, and identifying and addressing vulnerabilities and misconfigurations that pose potential risks of compromise in the future. Zokyo then provides a high-level executive summary report, technical documentation to recreate findings, fact-based risk analysis to validate results, and tactical and strategic recommendations for improvement. Each penetration test is customized to the client’s environment. [3]
Web Application Security
Zokyo's Penetration Testing services help secure web applications by identifying vulnerabilities and misconfigurations. Following the Open Worldwide Application Security Project (OWASP) Top 10 guidelines, Zokyo’s offensive web application penetration testing involves: [3]
- Gathering Intelligence: Collecting public information to breach user systems.
- Creating Test Cases: Constructing customized test cases based on identified threats and business logic flaws, incorporating OWASP vulnerabilities and CVE exploits.
- Executing Offensive Measures: Conducting extensive penetration testing using OWASP methodology, replicating attackers' methods and tools to validate and exploit vulnerabilities.
- Comprehensive & Accurate Reporting: Providing an exhaustive assessment of credible threats, ensuring zero false positives, and recommending corrective actions.
- Validating Remediation: Assisting the Engineering team in validating the effectiveness of applied security solutions.
Supported Chains
- LayerZero
- Protocol Labs
- Mysten Labs
- Movement Labs
- Linea
- BNB Chain
- Conflux
- Arbitrum
- Avalanche
- Base
- Chainlink
- Ethereum
- Aurora
- zkSync
- Solana
- Aptos
- Celo [5]
Security Audits
Zokyo has conducted numerous security audits and published reports for various companies and projects, including: [6]
- 1inch
- CORGI
- Fractal
- Hord
- IOTA
- MarsDAO
- Minterest
- Railgun
- Tigris
- UniFarm
- Wombat Exchange
- Wavefront
Partnerships
Uplift
On January 5th, 2022, Zokyo partnered with UpLift as its strategic security auditing partner. This alliance started as a smart contract audit and expanded to secure UpLift’s future projects and product offerings. Zokyo provided cybersecurity services, including penetration and infrastructure testing, to enhance UpLift’s ecosystem. [7]
Galaxy Fight Club
On January 6th, 2022, Zokyo partnered with Galaxy Fight Club (GFC), a cross-IP, cross-platform real-time player-versus-player fighting game in the NFT Universe. This strategic alliance enabled GFC to leverage Zokyo’s security expertise. As a security auditing partner, Zokyo also offered resources to support GFC in securely scaling its operations and future product launches. [8]
DeHorizon
On February 28th, 2022, Zokyo and Buidl Capital announced a partnership with DeHorizon, a company developing the next-generation metaverse gaming ecosystem. Following a security audit, Zokyo and Buidl Capital invested in DeHorizon and committed to supporting its long-term vision. This collaboration aims to facilitate the creation of a virtual carnival accessible to all metaverse participants across various blockchain networks. [9]
Struct Finance
On March 22nd, 2022, Zokyo and Buidl Capital announced a partnership with Struct Finance, a protocol offering structured products in the Decentralized Finance (DeFi) sector. This strategic alliance enabled Struct to leverage Zokyo’s security expertise. As a security partner, Zokyo also provided resources to help Struct securely scale operations and expedite future product launches. [10]
AdaSwap
On August 1st, 2022, Zokyo announced a partnership with AdaSwap, a decentralized exchange (DEX) based on Cardano. This alliance enabled AdaSwap to utilize Zokyo’s security expertise to strengthen its platform. As a Web3 security auditing partner, Zokyo supported AdaSwap with resources to ensure secure scalability and facilitate future product launches. [11]
Palmswap
On September 2nd, 2022, Zokyo announced a partnership with Palmswap, a DeFi platform specializing in perpetual contracts. This strategic alliance enabled Palmswap to utilize Zokyo’s security expertise to strengthen its platform offering. [12]
Acquire.Fi
On September 14th, 2022, Zokyo announced a partnership with Acquire.Fi, a platform at the intersection of Web3 and investing, aimed at inclusive wealth creation. This strategic alliance allowed Acquire.Fi to leverage Zokyo’s extensive security expertise. [13]
SupraOracles
On September 14th, 2022, Zokyo partnered with SupraOracles, a leading provider of next-generation oracle and cross-chain interoperability solutions featuring advanced cryptography. This strategic alliance aimed to innovate the Web3 space and enhance projects developed in the Move programming language. [14]
Shimmer Network
On November 9th, 2022, Zokyo announced its participation in the Touchpoint Open Builders Program and collaboration with Shimmer Network. Shimmer Network utilizes a feeless parallelized directed acyclic graph (DAG) ledger to enable users to build and secure customizable smart contract chains. Zokyo committed to supporting Shimmer and the broader Touchpoint ecosystem by providing necessary resources for secure operations and future product launches. [15]
Chirp
On December 20th, 2022, Zokyo announced a partnership with Chirp, a decentralized global wireless network specializing in IoT and high-speed wireless broadband. This technical partnership involved Zokyo supporting Chirp in blockchain design, development, and security. [16]
Global Interlink Marketing
On March 16th, 2023, Zokyo announced a partnership with Global Interlink Marketing, a community-based platform empowering GIL token holders in governance across various services. This strategic alliance allowed Global Interlink to utilize Zokyo’s Web3 cybersecurity services, encompassing smart contract auditing, penetration testing, and infrastructure testing. [17]
Rising Capital
On March 31st, 2023, Zokyo announced a partnership with Rising Capital to enhance security and foster innovation in Web3. This collaboration saw Zokyo providing security services, such as smart contract auditing, penetration testing, and additional cybersecurity measures, to support Rising Capital and its network of companies. [18]
VAF Compliance
On May 16th, 2023, Zokyo announced a partnership with VAF Compliance to advance risk analysis, innovation, and security within Web3. Moving forward, Zokyo committed to providing security services, such as smart contract auditing, penetration testing, and additional cybersecurity measures, to support VAF Compliance and its network of companies. [19]
BuidlersTribe
On May 29th, 2023, Zokyo announced a partnership with Web3-native incubator BuidlersTribe to enhance innovation and security within the Web3 space. As an ecosystem partner, Zokyo committed to providing security services such as smart contract auditing, penetration testing, and additional cybersecurity measures to support BuidlersTribe's startup support ecosystem. [20]
Conflux
On July 17th, 2023, Zokyo announced a partnership with Conflux Network to enhance security and foster innovation within the Conflux ecosystem. As part of this collaboration, Zokyo committed to providing security services such as smart contract auditing, penetration testing, and additional cybersecurity measures to support projects building on the Conflux Network. [21]
Andromeda
On September 11th, 2023, Zokyo announced a partnership with Andromeda Protocol to bolster security and promote innovation for projects utilizing the Andromeda Operating System (aOS). In this collaboration, Zokyo committed to supporting and prioritizing projects within Andromeda Protocol’s network by providing comprehensive security services. These services include source code analysis, smart contract auditing, blockchain protocol review, penetration testing, and more. [22]
FailSafe and Mamoru
On October 24th, 2023, Zokyo, FailSafe, and Mamoru joined forces to address rising concerns about cybersecurity threats and vulnerabilities. Together, they pooled their expertise to create robust measures to safeguard digital assets and transactions within blockchain and Web3 technology. This collaborative effort produced a comprehensive security solution tailored to these domains' unique challenges. [23]
Linea
On October 31st, 2023, Zokyo announced a new ecosystem partnership with Linea, a Layer 2 zk-Rollup platform developed by ConsenSys. This collaboration aimed to strengthen the secure deployment of innovative projects on the Linea platform. Zokyo committed to providing premium digital asset security services and solutions to dApps developed on Linea as part of this partnership. [24]
Zokyo
Commit Info
Edited By
Edited On
June 24, 2024
Feedback
Average Rating
How was your experience?
Give this wiki a quick rating to let us know!
Twitter Timeline
Loading
REFERENCES
[1]
[2]
[3]
[4]
[5]
[6]
[7]
[8]
[9]
[10]
[11]
[12]
[13]
[14]
[15]
[16]
[17]
[18]
[19]
[20]
[21]
[22]
[23]
[24]