Blockchain Project Security Audit

Client:

Nexis Blockchain

Industry:

Blockchain

Focus:

Blockchain project security audit and Datami certification

Main challenge:

Risk of asset loss and network compromise

Market:

International

Services provided:

Blockchain security audit

Key Takeaways

Audited 9,000+ lines of Rust code

Project certified by Datami

Prepared for the CertiK Bug Bounty program

Identified approximately 40 potential vulnerabilities

The client received a detailed security report

9000+

Lines of code audited

Potential vulnerabilities identified

Monthly

Audit reports

Jun 30, 2026

3 min

FinTech company Nexis Blockchain engaged Datami to reduce the risk of investor asset loss and network compromise before launch. We audited 9,000+ lines of Rust code, delivered a security report, and issued a compliance certificate.

Nexis Blockchain is a California-based FinTech/Web3 company developing a Solana-based blockchain project with proprietary integrations.

For businesses like this, cybersecurity is essential, as blockchain vulnerabilities can result in investor asset loss or network compromise. Smart contract audits are also often required for listing on cryptocurrency exchanges.

Project objectives and challenges

At the pre-MVP stage, the Nexis Blockchain team was preparing the project for further development and participation in the CertiK Bug Bounty program.

For a FinTech/Web3 blockchain product, this required validating code security before entering the market.

Conduct a comprehensive security audit of the blockchain project to identify vulnerabilities before launch.
Review the GitHub repository, including the core logic, core, and critical functions.
Obtain the Datami security compliance certificate for crypto projects.

Audit scope

Audit of the Nexis GitHub repository with review of the core, critical functions, and project logic.

Codebase and language

In-depth analysis of 9,000+ lines of Rust code with a focus on common blockchain vulnerabilities.

Expected outcome

A detailed audit report with findings and a Datami security certificate confirming compliance.

Our approach

The Datami team conducted a White-Box security audit with full access to the source code and the project's internal logic. The assessment combined manual code review with automated analysis.

This enabled a detailed review of the architecture, critical workflows, and potential code defects. Particular attention was paid to common Rust implementation issues and manual verification to eliminate false positives.

White-box audit

Analysis of the system with full access to the source code, internal logic, and key project components.

Static code analysis

Use of SonarQube and other tools to identify known vulnerabilities and common coding issues.

Dynamic testing

Testing code behavior during execution to identify risks that may not be visible through static analysis.

Key project stages and decisions

Due to the large codebase, Datami and Nexis Blockchain agreed on a long-term engagement model from the start.

The audit stages, review schedule, and monthly reporting were defined in advance.

Communication was via Telegram with the founders and team lead.

Project preparation and access

Agreement on the audit scope, access to the GitHub repository, and clarification of the project's technical details.
Code analysis

Review of the system core, critical functions, and operational logic using manual and automated analysis.
Reporting

Preparation of interim reports, regular client updates, and delivery of the final report upon completion of the assessment.

Results and recommendations

During the security audit, the Datami team identified approximately 40 potential vulnerabilities, around 30 of which proved to be false positives after manual verification.

Most of the identified issues were low risk, and some were related to the libraries in use. This approach made it possible to objectively assess the security of the code without unnecessary noise from automated detections.

Nexis Blockchain received the following recommendations:

eliminate issues related to the libraries;
regularly review code security during product development;
conduct an additional audit before new integrations and releases.

The client received a detailed audit report with the findings, a Datami certificate confirming compliance with security requirements, and a practical foundation for the further development of the product.

Key project results

The security audit objectively assessed the blockchain project's security, reduced the risk of investor asset loss, minimized critical blockchain logic issues, and prepared the system for future integrations and growth.

In Web3, security is a continuous process. A pre-MVP audit helps protect a project's reputation, capital, and future.

Metric

Before the audit

Result after the project

Security level

No independent assessment of the architecture

Architecture reliability confirmed

Vulnerabilities

Possible weaknesses in the blockchain logic

Code reviewed, problematic areas identified

Risks

Potential risks to assets and the network

Key risks reduced

Compliance confirmation

No market-recognized confirmation

Datami compliance certificate obtained

More success stories with Datami

Browse other project case studies

SOC Implementation for an IT Company

47 detection and 25 response scenarios
ISO 27001 compliance: 32% → 94%

Services:

SOC / SIEM Implementation

Jun 30, 2026

Kubernetes Infrastructure Security Audit

21 vulnerabilities of varying severity were identified
The risk of unauthorized access was reduced by 90%

Services:

Penetration Testing, Cloud Security Assessment

Jun 23, 2026

AI Platform Security Testing

51 vulnerabilities identified, including 2 critical
Full system prompt disclosure confirmed

Services:

AI Systems Penetration Testing (OWASP LLM Top 10)

Jun 9, 2026

Back to home page

Datami articles

Mobile App Penetration Testing: Protection Against Malicious Apps

Oleksandr Filipov

Mobile App Penetration Testing: Protection Against Malicious Apps

Malicious mobile apps attack not only the smartphone - they deliberately exploit vulnerabilities in your application. Find out how penetration testing helps identify these weaknesses before they become a security risk.

15 min Jun 30, 2026

Oleksandr Filipov

Top Business Cyber Security Issues

Which issues in cyber security do businesses face most frequently? In this article, we examine the top 9 most relevant cybersecurity issues by criticality level and provide recommendations for their remediation.

3 min May 4, 2026

Oleksandr Filipov

What is a Cybersecurity Incident?

Cyber incidents have long ceased to be a headache only for large corporations and government institutions. Today, they are a common part of the digital reality faced by companies of all sizes.

3 min May 4, 2026

Show all articles

On this page you will learn what cookies are and how and when we use them. Definition of the term Cookies Cookies are pieces of data that a web server generates and that a website stores on your user device (computer, smartphone, tablet, etc.). Each website or third-party service sends cookies to the browser installed on your device only if your browser allows it. This is possible if you have not set any restrictions in your browser settings to save cookies. Browsers are a very well thought out technology. They protect personal data and allow websites to access only cookies that were previously sent to them. Cookies are divided into: session cookies. They are stored in the memory of the browser only during your session, after leaving the site immediately removed. permanent. They are stored in the memory of the browser for a long time. Definition of the term “browser” A browser is an application for browsing websites. The most popular browsers are Chrome, Internet Explorer, Firefox and Safari. All listed browsers are safe. In the settings of these browsers, cookies can be easily disabled, as well as change the settings of their work. You can: accept all cookies; ask the browser to notify when cookies are used; do not accept cookies. Cookies on datami.ee and how we use them We use cookies to: our site is more functional; to understand how you navigate on the site, what content you consume better, to develop the content strategy of the site; understand how many visits to the site were per day, month, year. Analyze the geographical identity of users of the site, the number of repeated visits and other data. Cookies that we use on our site. Third-party cookies. The buttons of social networks, videos and some other services of our site are the property of other companies. These companies may also use cookies on your device if you have used them on our site or have been previously registered with them. The privacy policy of the use of personal data by these services can be found on the websites of these services. Blocking cookies All browsers allow simple actions to disable cookies. To disable them, you must go to your browser settings and find cookies in them. But we must remember that blocking cookies can have a negative impact on the performance of many websites. How to delete files You can also always delete cookies that are stored on your computer. To do this, follow the instructions of your browser Again, deleting cookies can have a negative effect on the performance of many websites.