Web3 Audit and QA for BattleFly, a Blockchain Gaming Studio

Industry: Entertainment, Software products
Technologies: Blockchain, AWS

Summary

ScienceSoft provided Web3 audit and QA services to BattleFly, a blockchain gaming startup. As a result, the Client strengthened its GameFi project’s health and delivered a new exciting gameplay mode with smooth functionality.

About Our Client

BattleFly is a Web3 gaming studio that continuously enhances its blockchain-based GameFi solution with diverse gameplay mechanics (crafting, exploring, strategy, battling tactics, etc.), collectible and tradable NFT assets, hundreds of modifications, and innovative features.

Expert Audit Needed for a Rapidly Evolving Web3 Solution

The startup planned to refine and further expand its Web3 gaming functionality. It was looking for an experienced vendor to help reveal potential risks and areas for improvement to ensure BattleFly’s sustained success and growth.

During the pre-sales process, ScienceSoft showed a deep understanding of blockchain technology, which helped secure the partnership with BattleFly.

All-Around View of Project Health and Quality Assurance to Strengthen It

Web3 audit phase

For the comprehensive architecture and code review, the Client provided our blockchain audit team with the necessary information about the project and access to its Git repositories, Confluence documentation, and AWS console.

Security check

To identify potential security issues, ScienceSoft’s experts scanned and manually reviewed the Client’s codebase, architecture, and AWS cloud resources. The audit team revealed issues of various severity but didn’t find any critical vulnerabilities. Some of the remediation measures that ScienceSoft recommended include:

  • Using SSL connections with blockchain RPC nodes, databases, and external services to protect data in transit from being viewed and tampered with.
  • Enabling encryption at rest for databases to protect critical data from disclosure.
  • Storing sensitive information like contract addresses and cryptographic salt in a secure data store (e.g., AWS Systems Manager Parameter Store, AWS Secrets Manager).
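
One way to check a service configuration against the first and third recommendations above, as an added example that is not code from BattleFly or ScienceSoft. The config key names, hosts, and the `ssm:` / `secretsmanager:` reference prefixes are assumptions made for illustration:

```javascript
// Added example, not BattleFly's or ScienceSoft's code. Key names, hosts and the
// "ssm:" / "secretsmanager:" reference convention are assumptions.
const PLAINTEXT_SCHEMES = new Set(['http:', 'ws:']);
const POSTGRES_SCHEMES = new Set(['postgres:', 'postgresql:']);
const TLS_SSLMODES = new Set(['require', 'verify-ca', 'verify-full']);
const SENSITIVE_KEY = /salt|secret|password|private_?key|contract_?address/i;
const STORE_REFERENCE = /^(ssm|secretsmanager):[\w\/.-]+$/;

// Flag endpoints whose scheme or parameters leave traffic unencrypted.
function checkTransport(value) {
  let url;
  try { url = new URL(value); } catch { return null; } // not a URL, skip
  if (PLAINTEXT_SCHEMES.has(url.protocol)) return 'plaintext transport';
  if (POSTGRES_SCHEMES.has(url.protocol) &&
      !TLS_SSLMODES.has(url.searchParams.get('sslmode'))) {
    return 'database TLS not enforced';
  }
  return null;
}

// Flag sensitive settings that hold a literal instead of a store reference.
function checkSecret(key, value) {
  const inline = SENSITIVE_KEY.test(key) && !STORE_REFERENCE.test(value);
  return inline ? 'sensitive value stored inline' : null;
}

// Run both checks over every string setting and collect the findings.
function auditConfig(config) {
  const findings = [];
  for (const [key, value] of Object.entries(config)) {
    if (typeof value !== 'string') continue;
    for (const issue of [checkTransport(value), checkSecret(key, value)]) {
      if (issue) findings.push({ key, issue });
    }
  }
  return findings;
}

// Constructed sample configuration (no real endpoints or secrets).
const sampleConfig = {
  RPC_URL: 'http://rpc.example.invalid:8545',
  RPC_WS_URL: 'wss://rpc.example.invalid/ws',
  DATABASE_URL: 'postgres://app@db.example.invalid:5432/game?sslmode=disable',
  HASH_SALT: 'constructed-salt-value',
  GAME_CONTRACT_ADDRESS: 'ssm:/game/prod/contract-address',
};

console.log(auditConfig(sampleConfig));
```

Encryption at rest is a property of the database resource itself, so it is checked against the infrastructure definition or the AWS account rather than in application configuration like this.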

Architecture review

ScienceSoft’s auditors verified that the Web3 application has a sensible structure split into presentation, business, and data layers. They also assessed how the code implements common design patterns and language- and framework-specific code patterns.

Our experts concluded that the overall architecture was well-designed and flexible. For further improvement, they drew up recommendations, including:

  • Creating a standalone microservice for blockchain operations and implementing several access levels (e.g., read-write, read-only) for this microservice. This would help isolate sensitive data and cryptographic and signing functions.
  • Using AWS Lambda layers to extract the dependencies shared by multiple lambdas into one common place. This would greatly reduce the size of deployed lambdas.
  • Extracting the core logic of lambdas with similar functionality into a single function with the ability to define parameters such as a data source. This would eliminate duplicate code and improve project maintainability.

Code review

ScienceSoft’s auditors examined the Client’s application and infrastructure codebase to verify its quality, security, and adherence to best practices. To enhance code clarity, maintainability, and security, they recommended:

  • Removing commented-out code and unused variables.
  • Extracting magic numbers to constants with self-descriptive names.
  • Simplifying complex conditional statements. For example, applying an early return approach or switch statements would reduce the number of nested if/else blocks.

Project status assessment

ScienceSoft analyzed the results of the auditing activities and commended BattleFly’s strategic use of front-end and back-end technologies and the adherence to performance-oriented coding practices. ScienceSoft’s auditors drew up a project status report and outlined suggestions to facilitate the project’s evolution, including:

  • Expanding unit and integration test coverage and fixing broken tests to ensure early bug detection and faster development.
  • Implementing consistent dependency management to ensure regular updates, uniform versioning across the project, and cleanup of unused, outdated, and vulnerable dependencies.
  • Establishing disaster recovery plans and testing procedures to bolster the project's resilience.

QA phase

BattleFly wanted to improve the testing quality of its Web3 gaming project and ensure flawless player experience from day one of launching a new gameplay mode. The startup enlisted ScienceSoft’s manual and automation test engineers to support its QA processes.

Over more than six months of collaboration, ScienceSoft’s QA engineers updated all existing tests and created and ran functional and automated regression tests, which totaled 500+ valid test cases. The regression tests helped maintain backward compatibility of new features with the existing functionality. The functional testing ensured smooth operation of the application’s API and UI.

Franklin Mongiove, Product Owner at BattleFly, says:

Having reached a new milestone in BattleFly’s evolution, we hired ScienceSoft to audit our GameFi platform. The team’s expertise in software architectures, front end and back end, and cybersecurity was invaluable. It took ScienceSoft just 4 weeks to conduct a comprehensive audit and deliver clear reports with actionable recommendations.

Satisfied with the audit’s tangible results, we continued our partnership and enlisted ScienceSoft’s test engineers. For 6 months, they supported our QA processes for BattleFly’s existing and new ambitious features.

We are happy to have partnered with ScienceSoft, a competent vendor that shares our enthusiasm for the exciting future of Web3 gaming.

Key Outcomes for BattleFly

  • All-around view of the Web3 project’s health and issues classified in the audit reports.
  • Enhanced security, stability, and overall efficiency of the project facilitated by improvement suggestions.
  • Early bug detection and enhanced robustness of the existing functionality thanks to 500+ test cases refactored and created.
  • Seamless integration of new functionality thanks to automated regression testing.

Technologies and Tools

Static code analysis

MegaLinter, KICS, Checkov, Grype, SonarQube, secretlint, Gitleaks.

Quality Assurance

PactumJS, Atlassian Jira.
