Hacken

BACKGROUND

Please describe your company and position.

I am the BDM of QAN

Describe what your company does in a single sentence.

QANplatform is a quantum-safe Layer 1 hybrid blockchain platform that accelerates Web3 development for startups, SMEs, enterprises, and government projects by enabling smart contracts in any programming language, backed by memberships in the Linux Foundation’s Post-Quantum Cryptography Alliance and Blockchain for Europe.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Hacken to accomplish?

Security Audit of QANplatform's protocols

SOLUTION

How did you find Hacken?

• Referral
• Other

Why did you select Hacken over others?

• High ratings
• Great culture fit
• Good value for cost
• Referred to me
• Company values aligned

How many teammates from Hacken were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

QVM
Hacken conducted a comprehensive security audit of the QAN Virtual Machine (QVM) execution pipeline for QANplatform.

Audit Components:

• A primary scope of the audit is to determine if the QVM runtime can be abused to cause non-deterministic output given any output binary from any of the supplied compilers and an arbitrarily chosen state.
• The main scope of compiler and pre-compiler pentesting is assessing if there are situations in which:
• The supplied pre-compilers produce non-deterministic output from the same source code.
• The supplied compilers can produce non-deterministic output binaries given any output from the language-relevant pre-compiler.

Key Deliverables:

• Comprehensive Audit Report
• Audit Summary
• Scope Definition

QAN XLINK
Hacken conducted a comprehensive blockchain protocol security assessment of QAN XLINK, a cryptographic protocol enabling seamless migration from Elliptic Curve to Post-Quantum (ML-DSA-65) cryptography while preserving Ethereum compatibility.

Audit Components:

The entire XLINK folder codebase was reviewed, including:

• Key Generation & Derivation;
• Signature Generation & Verification;
• Address Derivation;
• Payload Creation & Validation;
• Link Payload;
• Renew Payload;
• Relink Payload;
• Cross-Validation Logic;
• Payload Serialization & Deserialization;
• State & Memory Management, Key Lifecycle, Memory Safety;
• Timestamp & Replay Protection;
• Version & Protocol Management;
• Utility & Helper Functions.
• Methodology: Assessment conducted using Hacken's Cryptography Audit Methodology aligned with NIST SP 800-115 and Penetration Testing Execution Standard (PTES)

Key Deliverables:

• Comprehensive Audit Report
• Audit Summary
• Scope Definition

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

QVM
1. Vulnerability Identification and Resolution:

• Identified 22 potential issues through comprehensive testing
• Successfully fixed all 22 identified issues
• Zero critical findings discovered
• All findings were resolved
• Protocol successfully passed comprehensive security audit​

2. Testing Coverage and Verification:

• Executed over 2,800 test cases through AI-powered threat modeling
• Verified deterministic execution under stress conditions
• Tested across multithreaded and high-concurrency scenarios

3. Determinism Validation:

• Confirmed the QVM's ability to deliver consistent, predictable results across all nodes
• Verified that complex Linux binaries execute deterministically without requiring developers to use restricted programming languages
• Validated that the deterministic execution mechanism functions correctly even with any programming language input

4. Architectural Security Assessment:

• Completed comprehensive review of the QVM's execution logic
• Assessed protocol architecture and security properties

5. Innovation and Community Impact:

• Custom AI-powered threat modeling tool developed specifically for the QVM and open-sourced for the Web3 community
• Set a new benchmark for Layer-1 security reviews and VM auditing methodologies

QAN XLINK
1. Security Assessment Results:

• Zero critical issues identified​
• Protocol successfully passed comprehensive cybersecurity audit​

2. Cryptographic Validation:

• Verified ML-DSA (FIPS 204) lattice-based Post-Quantum Cryptography algorithm implementation complies with NIST standards​
• Confirmed protocol's ability to protect against quantum computing attacks targeting exposed public keys​
• Validated quantum-safe signature generation mechanisms​

3. Integration Validation:

• Confirmed seamless integration with existing EVM-compatible blockchain ecosystems​
• Validated keypair management across Ethereum-compatible wallets​

4. Protocol Architecture Verification:

• Confirmed the protocol's architecture through formal verification and code review​
• Validated the hybrid ECC + ML-DSA design for EVM compatibility​
• Assessed protocol security properties and implementation correctness​

5. Standards Compliance:

• Achieved compliance with NIST post-quantum cryptography standards (FIPS 204)​
• Ensured alignment with international cybersecurity best practices​

Describe their project management. Did they deliver items on time? How did they respond to your needs?

Hacken demonstrated excellent project management throughout both audits. The team completed both the QVM audit and the XLINK audit in 2025, maintaining agreed timelines.​

Responsiveness to needs:

Hacken's team went above and beyond by developing custom solutions tailored to our specific requirements. For the QVM, they created a proprietary AI-powered threat modeling tool to handle the unprecedented complexity of our multi-language runtime, evaluating over 2,800 test cases. They recognized the novel nature of our technology and adapted their methodology accordingly.​

The team provided clear communication throughout both engagements, offering detailed remediation guidance and recommendations aligned with industry best practices. Their professionalism, technical expertise, and willingness to innovate made the entire audit process smooth and efficient.

What was your primary form of communication with Hacken?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

What truly set Hacken apart was their innovation and willingness to push beyond conventional audit methodologies.

Most impressively, for the QVM audit, Hacken developed a custom AI-powered threat modeling tool specifically designed to address the unprecedented complexity of our multi-language runtime. This innovation enabled them to evaluate over 2,800 test cases that would have been impossible to deliver through manual auditing alone.

For the QAN XLINK audit, their deep expertise in quantum-resistant cryptography and NIST post-quantum standards set them apart. Few firms possess the specialized knowledge required to thoroughly assess cutting-edge post-quantum algorithms like ML-DSA (FIPS 204).

Their work on both engagements demonstrated that Hacken doesn't just audit blockchain projects; they genuinely invest in advancing the security and innovation of the entire industry.

Are there any areas for improvement or something Hacken could have done differently?

We have no suggestions for improvement. Hacken delivered exceptional value. Their performance was outstanding in every aspect of both audit engagements, from technical expertise to communication to project management.

It was great to find a security partner that consistently demonstrates this level of professionalism, technical excellence, and genuine commitment to their clients' success.

BACKGROUND

Please describe your company and position.

I am the CEO's Office of Valuit

Describe what your company does in a single sentence.

Valuit is the worlds first comprehensive RWA ecosystem providing compliant tokenization services; creating scalable and equitable accesibility to financing opportunities for asset owners, and enabling a broad spectrum of users to invest in asset classes through a compliant and abstracted interface. 

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Hacken to accomplish?

• Smart Contract Audit

SOLUTION

How did you find Hacken?

• Online Search
• Other

Why did you select Hacken over others?

• High ratings
• Company values aligned

How many teammates from Hacken were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

We engaged Hacken to conduct a smart contract audit for Valuit, and the experience was seamless from start to finish. Their team demonstrated deep expertise in blockchain security, providing a thorough audit that identified critical vulnerabilities and offered clear recommendations for resolution.

Their detailed reports, proactive communication, and willingness to clarify technical aspects made the process highly efficient. The audit helped us enhance the security and reliability of our smart contracts, ensuring compliance with industry standards. We highly recommend Hacken for any blockchain project looking for a top-tier security partner.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

• Number of vulnerabilities identified and resolved: 0 critical, 0 high, 6 medium, and 11 low-risk issues fixed.
• Compliance achieved: Ensured adherence to ERC-3643 and other industry security standards.
• Smart contract deployment confidence: Successfully deployed with zero post-audit security issues.

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The vendor demonstrated strong project management capabilities, maintaining clear communication and structured workflows throughout the engagement. They adhered to the agreed-upon timeline, delivering key milestones on schedule. When challenges arose, they were proactive in addressing them and provided timely updates to ensure transparency.

Their responsiveness to our needs was commendable, incorporating feedback efficiently and making necessary adjustments without delays. Overall, their professionalism and commitment to delivering quality work were evident in every phase of the project.

What was your primary form of communication with Hacken?

• Virtual Meeting
• Email or Messaging App

What did you find most impressive or unique about this company?

What stood out most about this company was their deep industry expertise and innovative approach to solving complex challenges. Their ability to seamlessly integrate cutting-edge technology with practical business solutions set them apart.?

Additionally, their commitment to transparency, responsiveness, and customer-centric service ensured a smooth and productive collaboration. Their proactive problem-solving mindset and dedication to delivering high-quality results made a significant impact on the success of our project.

Are there any areas for improvement or something Hacken could have done differently?

NA

BACKGROUND

Please describe your company and position.

I am the COO of a financial services company 

Describe what your company does in a single sentence.

A borrowing and lending platform for various digital assets.

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Hacken to accomplish?

• Hacken was hired to audit the product’s codebase.

SOLUTION

How did you find Hacken?

• Online Search
• Referral

Why did you select Hacken over others?

• High ratings
• Pricing fit our budget
• Referred to me

How many teammates from Hacken were assigned to this project?

6-10 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

The project is a blockchain based platform, taking a fork of compound and adding significant features to bring more value to our users. The platform is intended to use NFTs, LPs and RWAs as collateral for loans. After years of development, we have been successful in delivering this promise to our community. 

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

They have delivered throughout reviews of our code and have been delivering many detailed reports, helping us avoid coding based issues. They also helped us resolve issues when they arose, making sure that we were covered. 

Describe their project management. Did they deliver items on time? How did they respond to your needs?

The Hacken team is always very responsive and has really been a pleasure to work with. Due to their attentive communication style, we have developed a long-lasting relationship. They have also always been quick and accurate with their quotes and timelines.

What was your primary form of communication with Hacken?

Email or Messaging App

What did you find most impressive or unique about this company?

I think their blend of quality service, good pricing, and excellent communication is what makes Hacken unique and will keep us coming back.

Are there any areas for improvement or something Hacken could have done differently?

Nothing comes to mind particularly. The great thing is that I know if any issues come up, we will be able to communicate and find a resolution in a short manner of time.

BACKGROUND

Please describe your company and position.

I am the Founder/President of Marsha+ Foundation

Describe what your company does in a single sentence.

Introducing Marsha+: A revolutionary initiative designed to empower and support the LGBTQ+ community through blockchain technology. Our commitment is grounded in the belief that equality and human rights are fundamental, and Marsha+ stands as a beacon of positive change.

This innovative token, built on Ethereum and deployed on the Binance Smart Chain, is more than just a digital asset; it's a catalyst for meaningful action. Marsha+ will facilitate secure and transparent transactions, fundraising initiatives, and various applications within the community. Our mission is clear: to strengthen the LGBTQ+ community by providing the necessary tools to face contemporary challenges.

With a total supply of 8 billion tokens and an annual burn rate of 3%, Marsha+ represents a symbol of sustained commitment to equality, diversity, and a brighter future. Join Marsha+ and be part of the change!

OPPORTUNITY / CHALLENGE

What specific goals or objectives did you hire Hacken to accomplish?

• Security Audit

SOLUTION

How did you find Hacken?

Referral

Why did you select Hacken over others?

High ratings

How many teammates from Hacken were assigned to this project?

2-5 Employees

Describe the scope of work in detail. Please include a summary of key deliverables.

.

RESULTS & FEEDBACK

What were the measurable outcomes from the project that demonstrate progress or success?

We got 10/10 smart contract security audit! 

Describe their project management. Did they deliver items on time? How did they respond to your needs?

Great job of all of them! 

What was your primary form of communication with Hacken?

Email or Messaging App

What did you find most impressive or unique about this company?

They got absolutely family vibes and you always feel like home! 

We want to leave a very positive review for Hacken and their entire team, especially Sofía, Vlady, and Vitalii, who have always been attentive to every aspect of our project. We are truly very grateful. The security audit process has been successfully completed, and we have nothing but words of appreciation. We feel that Hacken is not just our partner, but also part of our family. 
The communication, management, and work have been brilliant! Thank you so much, everyone. The whole Marsha+ team sends their regards.

Are there any areas for improvement or something Hacken could have done differently?

Don't think so! Everything was perfect.

BACKGROUND

Please describe your company and your position there.

Paid Network is a blockchain solution for legal agreements. Right now, one of our branchs (ignition) are making Initial DEX Offering (IDO's). I am a DevOps, owning all the security stories along with my team.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Hacken?

To audit our Blockchain smart Contracts, and security assesment in general, related with blockchain and cryptocurrency

SOLUTION

How did you select Hacken and what were the deciding factors?

We research several vendors, and we also work with anothers, but Hacken was the one with the best client response, and also show expertise in their fields

Describe the project in detail and walk through the stages of the project.

They analyze our Smart Contracts and performance several test on it. After that, in this first round, they always find some security holes, bugs or errors, they give us their report and then our developers run the fixes. There is a second round of test, and normally all the holes are fixed, but in case of another issue, we have another correction.

How many resources from the Hacken team worked with you, and what were their positions?

We had a Project Manager, 2 blockchain developers, 2 pentester

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Great team, Hacken is amazing, always get quick support, great acctitude from the team, great proffesionalism. 1000% recommended

How effective was the workflow between your team and theirs?

Its just great. When you are a proffesional and really know your bussiness, its just easy work with you

What did you find most impressive or unique about this company?

They've extended their background and clarification on the subject to ensure the project's success.

Are there any areas for improvement or something they could have done differently?

Maybe with the time, we can adjunst the prices xDDD

BACKGROUND

Please describe your company and your position there.

Cirus unlocks data as a form of digital currency, enabling people across the world to freely participate in value generation from their most common digital asset. We accomplish this with a two-tiered model: hardware and virtual systems. The CIRUS device replaces a traditional Wi-Fi router and allows the user to collect high-quality data from all internet-enabled devices. The Virtual Cirus is a lightweight client enabling node creation for the network and baseline data collection.

The network will be supported on ETH L2 standards and we aim to build this solution on Polygon. Our enterprise go-to-market strategy enables our hardware solution to reach millions of users through direct engagement with ISPs (major contracts to be announced). The virtual solution will be accessible worldwide. Our long-term aim is to bring new users into the digital economy by way of their data asset or “found-money” to open further avenues of wealth creation. This will bridge the adoption gap in crypto and allow new inroads into DeFi and wallet applications as we expand.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Hacken?

The key reason behind our decision to start cooperating with Hacken was to ensure the security of our end users. Every day we could hear from our industry partners and other players a lot of information about the intensification of cybercrimes. Companies were losing millions of dollars due to cyberattacks and we realized that in the near future, the scope of threat would become even much greater.

That is why we have recently decided to work with Hacken, the company that has become one of the most trusted security auditors in the industry. We are an emerging but highly promising project. Our users expect us to get high-quality solutions while facing minimal security risks. And we decided that cooperation with Hacken would allow us to meet users’ expectations related to security. We work with data and it’s our obligation to ensure the ultimate security of users’ information since they are our main asset.

SOLUTION

How did you select this vendor and what were the deciding factors?

Hacken came highly recommended from several of our partners who's opinion we value and they're held in a very high regard across the space specializing in smart contract audits. Hacken was the perfect fit.

Describe the project in detail and walk through the stages of the project.

The Hacken team performed the smart contract audit for our project.

How many resources from the vendor's team worked with you, and what were their positions?

We communicated directly with 2 people - Project Managers

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Yes, the smart contract audit performed by Hacken experts allowed us to see our vulnerable points so that we could timely introduce fixes to protect our users. The cooperation with Hacken has fully met our expectations.

How effective was the workflow between your team and theirs?

The communication was very strong and we were updated every step of the way. All deadlines were not only met but the work was actually delivered ahead of schedule at a very critical point in our journey.

What did you find most impressive or unique about this company?

Strong expertise. In our opinion, this team knows everything about cybersecurity. They employ really great specialists.

Are there any areas for improvement or something they could have done differently?

Maybe. Every company has room for improvement. In our opinion, the Hacken team met all our expectations and know in what direction they should move. They have a great chance to strengthen their image in the market.

BACKGROUND

Please describe your company and your position there.

Our company is the first DeFi hack mitigation tool for token creators. Our tool freezes fraudulent transactions based on a set of fraud identification parameters and returns stolen funds back to the owner’s account. The creators of tokens need to insert our code into their protocols to mitigate losses. Our stake-based reward system incentivizes the community to develop increasingly efficient hack-spotting mechanisms - the spotter who took action first gets the reward. Our project is aimed at preventing malicious actors from compromising the safety of users and their assets.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Hacken?

We are a new project in the market. At the beginning of this year, our team realized that there are numerous security risks existing in the industry that could affect our customers, their assets and, thus, our reputation. That is why we decided to look for a reputable security auditor. Based on the feedback made by other market players and the information found on media channels, we decided to choose Hacken as our security auditor since this team was known for working closely with projects operating in the field of DeFi.

SOLUTION

How did you select this vendor and what were the deciding factors?

Our main objective was to reveal security issues that could have been overlooked by our researchers. We realized that our expertise was not strong enough to know any point that could be noticed by malicious actors. We treated cooperation with Hacken as an opportunity to make our product highly secured for clients.

How many resources from the vendor's team worked with you, and what were their positions?

1 representative

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Yes, our expectations were quite high and we are happy to say that the Hacken team could meet them.

How effective was the workflow between your team and theirs?

effective. We did not have any reasons to doubt the high level of professionalism of the Hacken team. We were aware of all activities performed within the framework of our cooperation and the communication process is clear, structured, and customer-centered.

What did you find most impressive or unique about this company?

Long-term vision. Hacken specialists have focused on long-term results instead of delivering solutions that only have immediate effects. They were focused on being a few steps ahead of any malicious actors and we liked it very much.

Are there any areas for improvement or something they could have done differently?

Yes, there are no companies in the market that are excellent. We strongly believe that the Hacken team will find even more methods to make customers feel confident. Hacken is a great company at the core of which are its professionals.

BACKGROUND

Please describe your company and your position there.

Remitano is the company acting as the escrowed P2P Bitcoin marketplace. We allow people to safely buy/sell Bitcoin while paying as low fees as possible and all in a very convenient way. Our team supports customers 24/7 to ensure that they get the highest quality service. We are serving customers from Vietnam, Nigeria, Kenya, Cambodia, and many other countries. We have already served 1.5M+ customers and are focused on expanding our presence in the industry.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Hacken?

We have experienced significant market growth for the last few months. We have realized that the more clients we serve and the more assets we handle, the higher the risks that malicious actors will try to attack us. That is why in April this year our leaders decided that it was high time to start cooperating with a reputable security vendor. We had a few companies to choose from but based on market reviews and feedback received from our partners we decided to start working with the Hacken team.

We strived to make our product resistant to the digital threats existing in the industry while preparing the ground for addressing future security risks. Our main goal is to make customers realize that their assets are in safety. Thereby we can win their trust and loyalty. Also, by cooperating with Hacken we want to show our partners that security is a top priority for us.

SOLUTION

How did you select this vendor and what were the deciding factors?

We got references from our other partner and we also searched more similar firms in the industry and compare the service packages, price, repuation...

Describe the project in detail and walk through the stages of the project.

They performed a thorough security audit of our website and web apps, identifying potential risks in our infrastructure.

How many resources from the vendor's team worked with you, and what were their positions?

I'm not quite about the number of team members involved in the project but the team has performed well, timely, they have project leader to coordinate the project and some pentetration testers to perform.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Hacken team performed the penetration testing for our project and upon detecting security flaws they instructed us on how to eliminate all these issues so that to leave hackers no chance to compromise our systems.

How effective was the workflow between your team and theirs?

The communication process between us and Hacken team fully met our expectations and, generally, was very effective. All information provided by Hacken specialists was structured, detailed, and up-to-date. Also, these guys were in constant contact with us when we needed their assistance such as recommendations or instructions. Based on our communication experience, we can say that Their team was not only composed of highly skilled researchers and experts but also great communicators.

What did you find most impressive or unique about this company?

The straightforward cooperation process. This team provided us only the required information and did not overburden us with details that could not bring any value to us or cause misunderstanding.

Are there any areas for improvement or something they could have done differently?

Of course, every company has room for improvement. Hacken experts have fully met our expectations but we are sure that their potential is tremendous. This team can become a cybersecurity guru on a global scale and we wish these guys to achieve their targets. It’s a great pleasure for us to cooperate with this company.

BACKGROUND

Please describe your company and your position there.

Biki is a global blockchain technology service provider and one of the top-20 cryptocurrency exchanges on CoinMarketCap. The users of the exchange can trade more than 150 cryptocurrencies and 250 trading pairs. Biki serves more than 3 million users worldwide and is focused on making their trading experience as convenient and safe as possible.

OPPORTUNITY / CHALLENGE

For what projects/services did your company hire Hacken?

We realized that the frequency of cyberattacks against major cryptocurrency exchanges increased dramatically in the previous year. Hacken is a leading cybersecurity expert with deep expertise in web application security assessment whose professionalism is recognized in the market.

What were your goals for this project?

Hacken performed the web application & API security assessment. Hacken carried out vulnerability scanning to identify the application’s security weaknesses. Hacken has checked the system configuration and whether the required patches were installed to ensure the security of the system. The company’s specialists investigated web applications, customer scripts, and programs to find any loopholes. Based on the results of the testing, Hacken provided a list of identified vulnerabilities and the recommendation by implementing which Biki would strengthen its security.

SOLUTION

How did you select Hacken?

We realized that the frequency of cyberattacks against major cryptocurrency exchanges increased dramatically in the previous year. Hacken is a leading cybersecurity expert with deep expertise in web application security assessment whose professionalism is recognized in the market.

Describe the project in detail.

We have conducted a few strategic calls with the Hacken team to discuss the goals of our cooperation, its scope, and the required timeline. Based on the information received Hacken team distributed tasks among its members and started testing our product.

What was the team composition?

The team working on the security assessment of the exchange encompassed the Hacken project manager and two penetration testers who were in constant contact with our specialists. Hacken team performed the security assessment within 10 days.

RESULTS & FEEDBACK

Can you share any outcomes from the project that demonstrate progress or success?

Based on the results of the web application & API security assessment, Hacken specialists determined that the level of risks for Biki was low. The cooperation with Hacken has allowed us to identify and eliminate system vulnerabilities that may have been exploited by hackers to commit cyberattacks.

How effective was the workflow between your team and theirs?

The cooperation process was highly effective since our team was open to any suggestions and recommendations made by Hacken specialists while security engineers of Hacken immediately informed us of any updates and progress.

What did you find most impressive about this company?

Structured and highly professional approach to security testing and focus on communication with the customer so that Hacken did not miss any details when performing security assessment

Are there any areas for improvement?

I strongly believe that Hacken specialists provided the services of the highest quality and I do not have any complaints about the company’s work. Hacken team has confirmed its high level of professionalism in practice!