A week ago the ICO community was shaken by a hack that cost a large Japanese Syndicate 10 Million dollars. Instead of using a secure solution, the syndicate managed their ether and tokens manually in an online wallet.



How does PrimaBlock protect your funds?


Our experience with ICOs


When we develop a smart contract we do our best to make sure that the contract is secure.  At a high level, ICOs all work the same: pay Ether, get back tokens. But, there are differences in the details of how each ICO handles their presale and crowdsale.

Since our launch, our smart contracts have powered thousands of pools interacting with many different ICOs. We have dealt with cases where the ICO has had to reissue their token contract and other unexpected events. The PrimaBlock smart contract is battle tested and has been flexible enough to handle a variety of different failure scenarios.

Our number ONE priority when developing smart contracts is security


In some ways writing a smart contract is similar to writing the software which powers a spaceship. You cannot always modify a smart contract after it has been deployed. Therefore, we do our best to make sure that no bugs are introduced into our smart contract releases.


When developing a smart contract you really need to be attentive to the details and you certainly should not compromise on development best practices or getting security reviews.

As the contract manage our clients’ funds, security is our number one priority. For that reason, we are dedicated to the prevention of bugs and potential coding errors which may result in funds being stolen. Even the tiniest mistake can have an impact so we are very cautious.

In 2017, a small bug in a smart contract resulted in 280M dollars of loss. 



We spend A LOT of time testing our smart contracts.


Whenever we modify our smart contracts we always make sure to include automated tests to detect any potential issues. We put in roughly 5 times more effort testing the smart contract than developing it.

Once we release a smart contract, we sometimes find cases of people using our pools in unexpected ways. We incorporate feedback from our users and maintain a backlog of changes to include in upcoming releases; over time, our smart contracts become wiser!

It is important to note that we try not to pack in too many changes into a smart contract release. Instead, we prefer to improve the smart contract incrementally. Large changesets are difficult to review and increase the likelihood of bugs.


PrimaBlock’s platform is reviewed quarterly by a team of security experts


We hired Longterm Security, a highly skilled independent security firm, made up of dedicated researchers and engineers with experience in security roles working for large companies (Apple, Samsung, and Spotify). They reviewed every layer of our tech stack, from the smart contract to the front-end.

The first audit was led in March. At no point were Longterm Security able to find an exploit where an attacker could steal funds or tokens from contributors.


The next audit will be led on the 2nd of July.


New feature KYC coming soon!


Note that it is already well known that a pool admin can misuse pool funds. We remind you that PrimaBlock pools are not yet trust-less and require that pool admins act in good faith.

We are getting ready to push out a feature allowing :

  • The option to create pools which require KYC from contributors
  • Pool creators will have the option to verify their account. Pools created using a verified account will look different than other pools. Contributors will be able to reduce the risk of getting scammed by participating in pools created by verified accounts.


At PrimaBlock, Security is of paramount importance. We are proud of our track record and will always look to improve our development practices!

Share This