SolidProof x Crypto Challengers AMA Recap

CRYPTO CHALLENGERS
12 min readSep 2, 2023

--

Dear Crypto Challengers Community,

📍 Here is a recap of the AMA held with SolidProof on 10th August 2023, a session where we got to know more about SolidProof where the team answers the questions from Host & Live segment respectively. The AMA session was consisting of Introduction segment & Live segment.

🎃 Guest: Brandom Willis — CSO
⏰ Time: 12 PM UTC
🏟 Venue: https://t.me/CryptoChallengersD

Introduction Segment
- The host will introduce the guest and give a brief overview of their background. The host will then ask the guest a few questions about their work, their goals, and their vision for the future.

Live Segment
- The host will open up the chat to allow users to send their questions in the chat. The guest will select 5 questions to be answered.

Below is the recap of the AMA session that took place on 10th August 2023.

👉 Did you know? You can clap up to 50x. By clapping 50x you’re helping us to spread the recap.

Part 1 : Introduction Segment

What is SolidProof?

Your brief introduction hit it right on the nail. SolidProof is a leading registered security company based in Germany, operating under MAKE Network GmbH. It was established on May, 2020, but actually goes back further than that. SolidProof was established by 3 Co-Founders:

Mails Nielsen (CEO)
Kevin Arens (CFO)
Orhan Demis (CTO)

Since May of 2020, we have expanded to eight employees and have seen massive growth in terms of awareness, reputation and skillset even. We are tied to anything security related in the blockchain space and are partnered with most leading launchpads.

Could you please tell us about SolidProof’s services?

Sure thing! Here at SolidProof we specialise in the following:

Smart contract audits, penetration testing, KYC (Know Your Customer) processes, development (Smart contracts and anything Web3 related) as well as security consultations.

These are the services we offer, with most known services being the contract audits and KYC processes. Furthermore, we are expanding our platform and will soon not only be service providers. We have a new version of our app (app.solidproof.io) releasing shortly, which will include a new product for SolidProof. This includes automated booking procedures for even faster audits and KYCs, as well as a token minter in collaboration with 2 cybersecurity companies. More info on the upcoming SolidProof products will be released shortly on our Twitter and Website.

Tanmay:

Sounds great! Looks like SolidProof is one-stop-shop for blockchain security services :)

I’m kinda more interested in the automated booking procedures and KYCs.

Good way to streamline the process and to make it more efficient for both sides

Brandon:

That’s exactly it.

We are trying to make the process as straight forward as possible, as security is key in this young market and the process should not be complicated to project owners.

What sets SolidProof apart from other security providers in the crypto space?

My favourite question thus far. Let me start by saying this:

There are so many security providers out there with various “tiers”. 90–95% of them are not even actual registered companies and do not have any official employees. The teams are not even “doxxed”, so who can say something about how legit the security provider actually is. Who can say something about their skills in terms of security auditing? Who can tell for certain if these security providers will take on responsibility if an audited contract gets exploited? Will they take responsibility if a project that did a KYC with them rugs? That includes going to the authorities and opening up a lawsuit.

I can tell you that all of these unregistered security providers will most likely not take the responsibility needed and most likely do not have the technical skills are experience to actually put out meaningful reports.

So back to your question: we stand out by being a fully transparent registered blockchain security company. Our core members are listed on our website, along with a legal notice for everybody to see. All of our employees are on LinkedIn and we visit and sponsor crypto events in Germany multiple times a year. The recent blockchain event we sponsored was Germany’s largest event “Blockchance”, which was a great success.

Another point that makes us stand out apart from our products is our proactive collaboration with clients to fix issues found during the auditing process. Also our first re-audits are free of charge, giving the project more flexibility. In addition, we are regularly sharing educational content and will be hosting our own workshops soon and regular voice chats in our community channel.

This is a big topic that we could talk about for a long time. But to move on I will say “Done”

Tanmay:

I agree with you that there are many security providers in the blockchain space, but only a few of them are truly reputable

SolidProof’s transparency and accountability is a major point to be different from all the other security providers out there

In addition to your points, I also think that SolidProof stands out because of its focus on education & community

You regularly share those educational content on your website and social media accounts and you host workshops and VCs to help people learn more about blockchain security A great way to build trust with your clients and to help the community too đŸ’Ș

Brandon:

Yes, we have active collaborations with many communities including, but not limited to, many german communities that we also regularly see at events. Our educational content and AMA’s are shared into these groups to help educate as many investors as possible. We know how easy it can be to get lost and lose money in crypto. We are aiming to make the transition from Web2 to Web3 not only easier, but safer.

Exactly, on that note I would like to add our educational channels in here. More languages will come soon!

EN: t.me/SolidProofEducation
DE: t.me/SolidProofKurs

Feel free to check out our educational series here :) Info on our workshops will also be posted in here.

Tanmay:

I’m 100% confident that SolidProof will be a leader in the blockchain security in the years to come

A great team

A solid product

and a clear vision for the future

Brandon:

Appreciate that highly! That is our goal. We have been around for a long time and don’t plan on going anywhere soon. We are clearly seeing progress in this space in terms of security and adoption, and are glad to be on the forefront of blockchain security.

Tanmay:

There are so many scams & copycats in this space I agree with that but REAL is REAL.

Brandon:

It’s really alarming at this current moment. I think what people can currently see is that retail entering the market has slowed down slightly. With the majors not moving much and uncertain headlines, the market is basically waiting to take a direction. Thus there are many scams and copycats project-wise as a result of that. But this is only a short lasted period until the market makes moves again.

Which blockchains do you audit, and which ones are the most common?

Right, so SolidProof is actually present and auditing all EVM-Based chains. There is not one EVM-Based chain that we can or do not audit.

We do however have some chains where we are more present on. These would be Ethereum, Binance Smart Chain, Polygon, zkSync, Arbitrum, Moonbeam, AVAX, Tron

Also since recently, we have expanded to Base, which is a new chain incubated by Coinbase. We are already present on Base and have conducted the first smart contract audits on the entire network.

Tanmay:

Great to see that SolidProof is able to audit on all major blockchains

Also great that SolidProof is expanding to new chains

such as Base

Brandon:

Our team is dedicated to expanding to any blockchain that has a strong investor base. This also includes non-solidity language chains

As a blockchain security company, you possess extensive market insights.

Well, we do see narratives form through the requests that we get, and clients in general, yes. Also, we constantly engage in market analysis. Thus the reason why I mentioned earlier that due to the current market sentiment, we can see that scams and copies are increasing at this current moment.

Tanmay:

That makes sense. By understanding the needs of your clients and the overall market, you can develop security solutions that are effective against the latest threats.

What is your current assessment of the market sentiment, and how prevalent are scammers in these market conditions compared to others?

As previously mentioned I believe the current market is just hanging there stagnant at the moment with a lot of unclarity. I personally don’t see any new retail money coming in at this point, which will of corse change soon whenever the market starts to make moves again. What we have going on right now in the “rinsing” of retail money that is still left in the crypto market. Many legitimate projects are holding back from launching, waiting for better market conditions. I think this is a narrative that is wide-spread, as marketing efforts are not as effective in these market conditions. You can see this effect on presales also, which are not running as good as they normally do. A further sign of proof that we have low liquidity in these markets, and the majority of price action is through global market makers. Nothing that won’t change soon in my personal opinion. These are phases that young markets like crypto have to go through.Especially in times like these, it’s important to educate and force security through. Also, the perfect time to build is when it’s quite đŸ€

Tanmay:

True the market is currently with low liquidity & high volatility which makes it difficult for new projects to launch and for existing projects to raise capital

But strong projects will keep building

Let’s wait for the market conditions to change hopefully soon

What are common scamming methods that projects currently use?

So this is another topic that we could talk about for hours, and our technical team would have even more to say. Currently, there are in fact some schemes that scammers tend to execute.

This includes launching a multi-contract project, for example a DeFi project with staking, borrowing, lending etc. However, they only let their token contract get audited, which does not have anything to do with an exploit or rug from vault-related contracts for example. This means the project gets a simple token contract audited, and announces that they have been audited. Investors then think that the project is safe, because many do not even open up the audit report to see what exactly has been audited.

Another thing that many scams are doing right now is hosting presales on their own websites with “stages”. We have seen many going from 5 stages even up to over 30 stages, making the presale seem “never-ending” while the price rises. These presales often to not even have a presale contract behind them on the back-end, so investors are just depositing their funds to a single wallet which can simply be drained. Talking about presales, some also here get their token contract audited, which does not support a presale in any way, shape or form.

Investors need to be careful and always open up the audit report the see what contracts were actually audited, and what issues were found.

Especially for presales, it’s safer to stick with reputable launchpads and projects that have audit/KYC as a combo.

Tanmay:

Too many scams right now

It is very important for investors to be aware of the latest scams that are being used in the crypto ecosystem.

I see a new kind of scam like every week

What’s next for SolidProof? Can you share any upcoming news or announcements with us?

Next is our SAAT v2, which introduces a new UI to our app. People can search all audits on this app with a dashboard and upcoming scoring system, and every audit dashboard will provide project owners and investors with an option to download the audit as PDF. This integrates both common audit report methods into 1 HUB. Our upcoming token minter will have a bunch of pre-made contracts which are created by SolidProof from scratch. Each contract gets delivered with an audit report, meaning they do not need any further security checks on their token. Upgradable contracts will also be introduced in the future, as well as built in real-time monitoring and threat prevention through our partners Lossless.

The first updates on our SAAT v2 will start to roll out today.

We have a lot coming up, I would suggest everybody that is interested come join our community channel on Telegram to stay up-to-date. We will also be hosting weekly voice chats in there soon.

To conclude this segment, we have one final question. What advice do you have for investors on how they should approach the market, and what best practices should they follow to avoid falling victim to scams?

My advise is:

Stay away from any presales that are not fully audited and KYC’d. If something smells fishy, it most likely is fishy. There are so many possibilities to make money in crypto, don’t try and be greedy and take the next best play, although it does not seem fully legit. Prioritize security and make sure the security provider that does the audits and KYC are trusted and registered company. Otherwise, who will take responsibility and guarantee a thorough security analysis?

Always stay cautious, don’t bet all your money on one horse. Always open up a audit report and compare the contract that is in the report with the actual deployed contract. Check what is audited and take the found issues into consideration before investing.

SolidProof is your trusted security provider from Germany. If you have any questions on a project we have audited or KYC’d, please reach out to us. You can find all contact methods on our website solidproof.io

Stay safe. Report scams. Ask security providers any open questions.

The job of a security provider is to 
?

Tanmay:

secure them

Brandon:

Provide security. Exactly

On that note, thanks for having me and letting me talk about SolidProof and what investors should look out for! :)

I am here on Telegram to contact if anybody has any requests or questions.

Part 2: Live Segment

How does SolidProof’s extensive portfolio of over 1000 projects contribute to its knowledge and expertise in the industry?

A: During our audits over the past years, we have learnt a lot of new modern attacks and loopholes that scammers use to deceive security providers and investors. We are therefore up-to-date with the common scam attempts and flash loan attacks, as well as how to mitigate them.

Can you provide examples of previous audits you’ve conducted? Were there any notable findings or challenges?

A: To see our previous audits, visit solidproof.io for more info. Visit our GitHub and app, which can be navigated to through our website.

In your opinion, what has been the most impactful outcome of Solidproof X Digifinex so far?

A: This is one of our latest partnerships with a leading exchange. We have a few things planned which are not public yet, but follow our channels to not miss the news when it drops!

What kind of projects does SolidProof typically work with, and how does the company choose which projects to support?

A: We don’t typically avoid working with any project, unless we see that the project is a straight scam. We conduct security audits not only for project, but for its investors. Our reports are non-biased and we aim to provide transparency for every projects investors. We do not support any project that we audit or KYC, unless we are directly partnered with them or an incubator.

Can SolidProof help with incident response and recovery in case of a security breach?

A: Yes, we act fast on any breach. Recently, we even investigated and helped a big incident (Kannagi Finance) although another security provider audited the affected contracts. SolidProof is a security provider and takes its job in this space serious.

How do you stay up-to-date with the rapidly evolving regulatory landscape in the crypto industry?

A: Our team of experts and technicians are always informing themselves to have the edge and knowledge needed to adapt to our surroundings.

Can you share Your social media link? So that we can keep ourselves updated?please tell me this question?

A: Sure, visit our Twitter here twitter.com/solidproof_io and our website solidproof.io for all links!

Could you provide more details about SolidProof’s support for projects like VEMP Studios, UNCX, Arker, Zyberswap, Kryxivia, Pinksale, and Musure World?

A: These are all Gold-Status projects or incubations from SolidProof that have been fully secured by us. We are also working together closely with these teams on a regular basis and are kept in the loop. Basically, here we are active security partners.

The AMA is now over!

About SolidProof:

SolidProof is a leading brand under the German company Make Network. Established on May 30, 2020, they have experienced remarkable growth, expanding their team from two to a dedicated group of eight professionals. In 2021, they further expanded our operations, forming three distinct companies to enhance our service offerings.

--

--