Audits and Reports

Audits and Reports

Funds & Security Audits for Exchanges and Funds

We offer “Proof of Reserves” audits and Security audits for cryptocurrency exchanges, cryptocurrency funds, and other custodial services wanting to increase trust placed in them by their customers, regulators, and business partners such as financial institutions.

These audits help test whether or not a company is solvent, having enough customer assets to account for liabilities. They also help determine how susceptible a custodial service is to a security breach, particularly those that could result in the loss of customer funds, whether via a hack, social engineering attack, an internal breach, and a variety of other threats vectors. Thus, improved security measures can be taken to prevent a breach.

As the blockchain industry continues to mature, this level of transparency will be at a minimum a public expectation – and quite possibly a regulatory one.

Funds & Security Audits for Exchanges and Funds

Case Study

We have conducted a “Proof of Reserve and Security Audit” for Canadian exchange BitBuy and authored a report which is now featured on the BitBuy homepage.

Our suite of capabilities and resources includes Chainalysis certification, CipherTrace expertise, Crypto Defenders Alliance membership, an extensive network of law enforcement, legal and exchange contacts, and most importantly, deep experience with dozens of cases.

Audits and Reports

Security Audits for Blockchain Companies

Taking proactive steps to ensure security, to prevent a loss of funds in the first place, is always both cheaper and far more effective than taking action after a hack, theft, or breach has occurred. 

Unfortunately, blockchain companies, whether an exchange, investment/trading firm, OTC trading desk, liquidity service, payment provider, as well as other types of custodial services, all tend to think they’re far more safe and secure than they actually are until it’s too late.

The hacks and thefts you hear about in the news only represent a small sliver of the major hacks that result in considerable cryptocurrency losses. Hacking of cryptocurrency businesses is extremely financially lucrative. The best defence is taking proactive action to prevent such a breach from occurring in the first place by conducting a professional security audit.

Our scope of work in these audits often includes:

  • API Key management, procedures, & security
  • Tiered access policies, segregation, accessibility, & account management practices
  • Credential-related security & procedures, including recovery options
  • Wallet setup procedures, storage practices & accessibility
  • Review of procedures involving the movement of cryptocurrency between wallets
  • Account-related security concerns of services utilized
  • Risk assessment of services utilized e.g. exchange insolvency or enforcement action risk
  • Social engineering susceptibility
  • Red teaming to demonstrate how an organization would fare against a real-life adversary

Case Study: We were approached by a prominent blockchain company after they had experienced a data breach and a targeted “FUD” campaign against their business. To rebuild the trust of their business partners, they engaged us for performing a security audit and authoring a report.

Send Secure Message To Us

    Please review our Frequently Asked Questions prior to submission.

    Our typical response time is 24 hours or faster during working hours.

    We treat all provided information as strictly confidential.


    CipherBlade LLC
    301 Grant Street, Suite 270
    Pittsburgh, PA 15219