Faraland
  • Welcome to Faraland
    • About Faraland
      • Faraland – where everything is “unique”
      • Faraland – the continuation of a legend
    • Faraland's Lore
      • Battle Of Crystals
      • 7 Races of Warriors
        • Humans - Small Heroes With Super Power
        • Orcs — The Most Powerful Warriors In Faraland
        • Angels - The Creator’s Guardians In Faraland
        • Demons - The Seed Of Destruction
        • Elves - The Spirits Of The Deep Forest
        • Dragonborns -Mysterious Warriors
        • Fairies— Warriors Holding The Secret Of Time
    • Vision and mission
      • Metaverse and the future of Faraland
      • The Future of Blockchain Gaming Industry and Faraland’s Vision
    • Changelog Update
      • Faraland v0.3.7 Changelog
      • Faraland Changelog Update
      • Phase 5
      • Phase 4
      • Phase 3
      • Phase 2
      • Phase 1
    • Remarkable milestones
      • Faraland certified by CertiK
      • Official NFT Heroes Sale
      • NFT Heroes Revealing event
      • 20,000 NFTs officially sold out
      • $Fara IDO completed successfully
      • Exclusively for NFT and $FARA Holders
      • Mystery box sale
      • MVBII Winner & Sold 10,081 Mystery Boxes
      • Gacha/Equipment Marketplace launched with TVL of USD10M
      • PVE Mode Launched in Nov 2021 with 2,000 DAU
      • Demi Heroes and Staking options
      • The premiere of Infernal Summit
      • The first-ever rollout of Partnership Quest series
      • Overall txn stats
      • The continuous growth of further IDOs
      • Faraland's steadfast vision
      • Faraland Expedition Game - PvE mode
      • Website
      • Plans to come in 2022
      • In-app purchase for non-crypto users
      • Comparative advantage for NFT heroes over non-NFT heroes
      • Strategic Plans in brief
  • GET STARTED WITH FARALAND
    • How to download game?
      • Android Download Instruction
      • iOS Download Instructions
      • Faraland Register Instruction
    • How to login game?
      • Creating a Metamask Wallet
      • Connecting Metamask Wallet
    • Faraland basic Information
      • FARA token
      • Tokenomics
      • NFT
      • Soul Stone
  • FARALAND TUTORIALS
    • Tutorials
      • Preparing heroes
      • Team preparation
      • Preparing Items
      • Faraland Hero Line-up
      • Body Parts Characters
    • Hero
      • Stat
        • Update Core Game – Adjusting Base Critical Damage Stats and Dmg Formula
        • Hero Stat Addition Feature
      • Level
      • Skill
        • Skill tree
          • Skill tree of Humans
          • Skill tree of Orcs
          • Skill tree of Elves
          • Skill tree of Fairies
          • Skill tree of Dragonborns
          • Skill tree of Angels
          • Skill tree of Demons
        • Skill Books
          • Permafrost
          • Shield of Faith
          • Lightning Bow
          • Souls Drain
          • Frost Haven
          • Spiritual Healer
          • Wailing Infernal
        • Skill Slots
      • Appearance (Body Part)
      • Element
      • Race
    • Items
      • Equipment
      • Materials
    • PvE gameplay
      • Expedition Text Game Mechanism
      • Expedition Game – Reward and Quest System
      • NPCs and Quests
        • At Gruyeres
        • At Helga
        • At Kreta
        • At Farley
        • At Lumber Camp
        • At AugstMatthorn
        • At Piz Naiz
        • At Zermatt
      • Locations
      • Monsters
      • Adventure Mission Improvement Plan
      • Grima Boss and Emperor Stone
      • Adventure Mission Tutorial
    • PvP Gameplay
      • Mechanics
      • PvP mode
      • Faraland PvP Tutorial #1
      • Faraland PvP Tutorial #2 – Movement & Attack Range
    • Ingame Feature
      • Wheel of Fortune
      • Mailbox
    • Play-to-Earn
      • P2E Direction
      • Earning mechanism
      • In-game bonus $FARA
  • Features
    • Market Place
      • Marketplace Guidelines
      • In-game Heroes and Items
      • How to buy heroes?
      • Buy items from other players
    • Demi Heroes
      • Demi Heroes vs NFT Heroes
      • Demi Heroes Summoning
      • Demi Heroes and Soul Stones Marketplace
    • DAO Voting Function
    • Lady of the Lake
      • Lady of the Lake Update
      • Lady of the Lake
      • Gacha
        • Gacha machine mechanism
        • Gacha isn’t just Mythical Equipment
        • Gacha autumn treasure 2021
        • Gacha Winter Treasure 2021
        • $FARA for items in Gacha
    • Staking
      • Staking V3
      • Staking V2
      • Staking V1
    • Crafting
      • Artisan Blacksmith
      • BlackSmith
      • Dismantle Equipment Feature
      • Equipment Crafting
    • SkillShift (Token Skill Book)
    • Land
    • World Boss
    • Guilds
      • About the Guilds update
      • Hero Selection Optimization
      • Skill Books
        • Permafrost
        • Shield of Faith
        • Lightning Bolt
        • Souls Drain
        • Frost Haven
        • Spiritual Healer
        • Wailing Infernal
    • Tournament
      • PvP Tournament
        • PvP Beta Tournament – Infernal Summit
        • Infernal Summit – The Second Trail
        • Infernal Summit III: A Tale Begins
        • 5 TIPS for you to level up in PvP
      • Community Tournament
    • Security Audits
      • Why does Faraland focus on Audit?
  • Question and Answer Series
    • Q & A #1
    • Q & A #2
    • Q & A #3
  • Schedule
    • Non-NFT mechanism
    • Expedition Game
    • Faraland new in-game UI interface
    • Token Burn Monthly Schedule
Powered by GitBook
On this page
  1. Welcome to Faraland
  2. Remarkable milestones

Faraland certified by CertiK

Faraland passed a comprehensive inspection for the source code conducted by leading auditing firm CertiK. Faraland and smart contracts are claimed to have reached absolute security.

PreviousRemarkable milestonesNextOfficial NFT Heroes Sale

Last updated 1 year ago

Faraland, a game blockchain within the genre of turn-based strategy and RPG game with NFT hero is the core product, chose to perform its smart contract audit with CertiK, the leading formal verification platform for smart contract and blockchain audits, to ensure that its token is secure against some of the most critical vulnerabilities. With a platform that will be used across the world, Faraland placed an extra emphasis on security, so the choice to work with CertiK is extremely necessary. About CertiK — World-Class Auditor CertiK is a blockchain and smart contract verification platform founded by top formal verification experts from Yale and Columbia University and former senior software engineers from Google and Facebook. Different from the traditional testing approaches, CertiK attempts to mathematically prove blockchain ecosystem and smart contracts are hacker-resistant and bug-free. CertiK’s key features include a layer-based decomposition approach, pluggable proof engine, machine-checkable proof objects, certified dApp libraries, and smart labeling. Trusted by the security industry, CertiK has reached strategic partnerships with the world’s top Exchanges such as Binance, OKEx, and Huobi, as well as Public Chains such as NEO, ICON, and QuarkChain. CertiK is incubated and invested by Binance Labs, along with other world’s leading investors such as DHVC, FBG Capital, Bitmain, and Lightspeed. In order to raise the level of security to the highest, Faraland has chosen a leading auditor like CertiK to ensure that code security is top-notch. Now the company has published an official audited report for Faraland. Auditing Process The audit was performed by experienced economists, security researchers, and security engineers from CertiK, in collaboration with the Faraland research and development team. CertiK performed a comprehensive assessment of Faraland’s smart contracts to check for vulnerability. The auditing process pays special attention to the following considerations: Testing the smart contracts against both common and uncommon attack vectors. Assessing the codebase to ensure compliance with current best practices and industry standards. Ensuring contract logic meets the specifications and intentions of the client. Cross-referencing contract structure and implementation against similar smart contracts produced by industry leaders. Thorough line-by-line manual review of the entire codebase by industry experts. The Highlights of the Audited Report CertiK has found no critical issues on Faraland. Only one major and some medium issues have been found and the team has already handled all those issues by following the CertiK team’s advice. That means that the security aspect of the Faraland System is of high level. For technical details, refer to the full audit report from Certik here at our GitHub repository: For technical details about the issues and how to handle them, we have done just as described below; ECK-01 | Incorrect Fee Severity: Medium Description: rollEquipmentGacha() will mint random equipment. However its charges upgradeFeeInToken, rather than mintFeeInToken. Recommendation: double-check the fee mechanism to make sure the fee-charging is reasonable. ECK-02 | Potential Over Mint Severity: Medium Description: It is dangerous to change balances without checking item.maxSupply and item.minted. Suppose an item has the property maxSupply=10 and minted=9. The operator then call mint (account, id, 1). This will update item.minted=10. Users can still call upgradeItem() to burn the last tier of this item to mint this item. This will cause minted > maxSupply. Recommendation: check item.maxSupply and item.minted before updating balances and _item.minted. MKC-02 | Lack of Reentrancy Check Severity: Major Description Calling MoonKnight.buy(), MoonKnight.sacrificeKnight(), MoonKnight.cancel0ffer() and MoonKnight.take0ffer() might trigger function address.call(), which is implemented by the third party. If there are vulnerable external calls in the third party, reentrancy attacks could be conducted because these four functions have state updates and event emits after external calls. The scope of the audit would treat the third-party implementation as a black box and assume its functional correctness. However, third parties may be compromised in the real world that leads to assets lost or stolen. Recommendation: applying OpenZeppelin ReentrancyGuard library — nonReentrant modifier for the aforementioned functions to prevent reentrancy attack. Why Audit Matters? CertiK audit helps enhance the security of Faraland smart contracts to an international standard level. The aim of MoonKnight Labs is to make Faraland become the biggest war game on Blockchain and specifically on Binance Smart Chain. Also, we want to assure that our users can use Faraland with confidence and we always aim to keep Faraland at the best security level.

https://github.com/faraland/audit-reports/blob/master/Report_Faraland_Security_Analysis_By_Certik.pdf