Security

Security is Catoshi's #1 focus and where we succeed the most.

Our bridges have moved trillions of tokens successfully.

We have never been exploited or lost a token.

All our products approach security through simplicity.

The more complexity that is added to any system the more opportunity for error and increased attack vectors.

By design we use simple tried and true code and infrastructure to keep all systems secure.

Catoshi audits each of our products internally before anything is launched to Mainnet.

Our code has also been externally audited.

🔍 our Certik Audit Report for Apex bridge developed by Catoshi Team - LINK

Code Slip and Best Practices.

"Code slip" has been the cause of many bridge exploits

Catoshi team has experienced developers and auditing partners Spadetech.io that understand and actively review all code to avoid "Code slip" or any errors that stray from audited smart contracts and node script code.

Coding best practices are adhered to constantly reviewed by the developers to avoid any vulnerabilities.

Centralized vs. Decentralized Bridging.

Catoshi bridges have never been exploited and we are confident that they never will be.

Bug bounty - we have an open bug bounty for any vulnerability that is found in our bridge systems.

We have yet to have anyone find any vulnerabilities.

Most other bridge exploits have occurred from poor attempts to decentralize bridge code.

For this reason we have chosen a centralized model to host our current bridge node scripts.

In the future Catoshi team will be implementing decentralized technology and going fully decentralized on bridge node scripts.

This will be done in a high end and fully developed way that will make our bridges even more secure than they currently are without taking any short cuts as others have.

Centralized Model.

Bridge node script security is achieved through AWS (Amazon Web Services) tools and other industry leading server security tools.

AWS server is configured for high security usage

Firewall is locked down for only node script traffic

Cloudflare is used to protect servers from a multitude of common attacks on server infrastructure.

KMS is used to encrypt and manage keys and server user rights.

Encrypted keys and users rights are only accessible by the designated owner of the project team