With its Layer 2 mainnet launch scheduled for September 31st, Kasplex has released the results of an independent audit carried out by ScaleBit, providing the community and developers with a transparent look into the network’s security posture.
Audit Scope and Methods
The audit reviewed Kasplex’s EVM-compatible rollup solution on Kaspa, designed to bring smart contracts into the Kaspa ecosystem. ScaleBit applied a mix of dependency checks, static analysis, fuzz testing, and manual code reviewto assess the codebase and identify vulnerabilities.
Findings
The audit uncovered five issues in total, including:
- Two critical vulnerabilities, including a transaction authorization bypass and an overflow in base fee distribution that could have led to unintended ETH minting.
- Three medium-severity issues, such as integer overflows and underflows in transaction handling and gas pool logic.
All five issues were fixed by the Kasplex team before the report’s publication. No major or minor unresolved issues remain.
Why It Matters
Audits are a crucial step for any blockchain upgrade, especially when introducing smart contracts to a system originally designed for payments like Kaspa. By publishing the report openly on GitHub, Kasplex signals its commitment to transparency and security as it prepares for launch.
Looking Ahead
With the audit completed and vulnerabilities addressed, Kasplex is on track for its September 31st mainnet release. The rollout is expected to expand Kaspa’s functionality dramatically, enabling developers to deploy dApps, DeFi protocols, and other smart contract–based tools on one of the fastest proof-of-work networks.
full report can be accessed here: https://github.com/kasplex/evm-l2-audit
