Called the Microsoft of Decentralised Finance, Jigstack is a cryptocurrency platform where any company can join and create their own unique, crypto tokens. With it, a company can have an easy to create and use digital currency for their clients and customers. These currencies can then be used by the

The penetration test for Jigstack was performed under our White Box penetration testing service.

Due to its nature as a custom-coded financial application built on the blockchain, it required this deep dive into security. We tested the web application, the integration of smart contracts, and the API. Our testing also extended to load and performance testing, as they expected a huge amount of traffic and transactions daily.

Some of the common vulnerabilities we test for are:

  • Remote Code Execution
  • SQL Injection
  • Path traversal attacks
  • File upload vulnerabilities
  • Parameter tampering
  • Access control flaws
  • Transport layer security, Business logic, and Authentication flaws
  • SMTP, Header, and JSON Injection
  • XML Injection / Code Execution

However, given the blockchain nature of this client, we also tested for some specific vulnerabilities. These are commonly exploited with smart contract and blockchain technologies:

  • Re-entrancy attacks
  • Over & Underflow attacks
  • Block Gas Limit
  • Front Running


We found a number of vulnerabilities across our source code and penetration tests. Thanks to our discoveries, the team at Jigstack were able to secure themselves against potential malicious actors. Once they had completed patching, we then ran full sanity and regression tests. In addition, they were able to scale and prepare for a high load of users and traffic on a regular basis.

“Working with Cyrex was an awesome experience all around. Even with timezone differences, communication was smooth and really easy, which is really important when working against a tight deadline. Cyrex’ analysis and tests were all precise and really well explained, without sacrificing agility or comprehensiveness. They also ended up being crucial for the security and performance of our platform, so I can easily say Jigstack is satisfied with the work delivered and we’re keen to working once again with such a talented team.”



Test your application's security against the best

Learn more about our penetration testing and ethical hacking for applications.