ALEX Security and Workflow Optimization
ALEX operates as a comprehensive decentralized finance (DeFi) platform on the Bitcoin blockchain. It leverages the capabilities of Stacks, a protocol that enables smart contracts and decentralized applications (DApps) on Bitcoin, to offer a wide range of DeFi services.
Active Wallets
Total Value Locked
Total Transaction Volumen
Project Overview
ALEX (Automated Liquidity Exchange) is the premier DeFi platform for Bitcoin, built on Stacks smart contracts. It empowers users to launch new projects, earn interest, swap tokens, and revolutionize finance and culture. Alex is a key player in the Stacks ecosystem, with a highly complex and extensive platform. Recognizing the need to enhance their testing and technical documentation, they sought our expertise. CoinFabrik has collaborated with Alex for over two years, conducting multiple audits on their smart contracts, which has given us in-depth knowledge of their platform.
This report reflects our first 3 months of our QA web3 services for Alex.
Project Stages
01
Initial Approach
Our service was structured to update technical documentation and generate tests based on repositories prioritized by ALEX. Within the first month, the technical complexity of the code prompted a reassessment of the approach. The team was reinforced, focusing first on documentation (which allowed us to improve our understanding of the platform) and followed by test generation.
We refined our Web3 QA process as follows:
02
Documentation Generation
We created two types of documentation: high-level overviews describing the functionality and relationships between components, and detailed technical documents. Our documentation covers applications, smart contracts, libraries, services used (internal or external), repository structure, database schemas, tools used, and dockerizations.
We thought using Github was an ideal choice for integrating documentation. This involved reviewing README.md files and creating additional .md files, allowing users to seamlessly navigate from high-level documentation to individual components and their code. This comprehensive approach enabled us to:
- Recommend code structure improvements for easier testing.
- Identify security issues, validated by our auditors.
We also documented ALEX’s governance processes for its DAO and for LISA. In this case the choice was to update public gitbooks with this new content which Alex shared publicly with their community.
Metrics
| Repository | Initial State | Final State |
| bitcoin-oracle | Main readme | Main readme and 1 developerManual.md with an index to all documentation |
| bitcoin-oracle | 11 autogenerated readme.mds | 5 overview docs for apps
5 technical docs for apps 15 technical docs for libraries 1 technical doc for external libraries 5 technical docs for smart contracts 2 setup procedures for a development environment and how to run a validator 1 technical doc for development tools 1 technical doc for dockerization 1 technical doc for monorepo structure 1 technical doc for database schemas |
| sdk | Main readme.md | Main readme.md and a new documentation.md with in-depth information about each function of the SDK |
03
Test Generation
After understanding the components, we focused on strengthening tests. We identified existing test gaps, added end-to-end (e2e) tests for SDK functions, tests for non-happy paths, and other e2e tests. We continually checked against coverage ratings and achieved 80-100% coverage.
Metrics
| Repository | Initial State | Final State |
| SDK | 4 tests (w/no checks/asserts!) | 51 tests in 5 tests suits |
| 71.23% Statements 156/219
46.15% Branches 30/65 75% Functions 45/60 69.9% Lines 144/206 |
94.06% Statements 206/219
73.84% Branches 48/65 98.33% Functions 59/60 93.68% Lines 193/206 |
04
Conclusion
Why ALEX decided to hire our QA Web3 Services
- Besides conducting frequent security audits with CoinFabrik, ALEX keeps strengthening their test coverage and documentation practices.
- CoinFabrik had been working for about over two years auditing their smart contracts. This is beneficial because CoinFabrik’s team already knew their platform.
- The fact that ALEX is working on enhancing their documentation practices, shows how committed they are to promoting transparency and ease of understanding for developers and stakeholders.
- ALEX maintains a long-term partnership with CoinFabrik, benefiting from consistent and reliable auditing services. This resulted in both enhanced security measures and the successful introduction of LISA DAO, a robust, decentralized governance structure to manage the LISA liquid staking protocol on Bitcoin, coauthored and audited by CoinFabrik.
Value delivered by CoinFabrik in the first three months
- Bitcoin-oracle: from 1 readme.md to 38 high-level and technical documents.
- SDK: improved each testing coverage metric.
- Published two high-level documents about ALEX DAO and LISA governance to their community.
- Identify a security issue in one contract related to the oracle-bitcoin repo.
- CoinFabrik’s QA service helps streamline workflows and identify inconsistencies earlier. Besides this leading to cost savings, it also enables programmers to focus on building features.
Ready to bring your business onchain?
Work with our experienced blockchain team to turn your ideas into reality with trusted security and effective solutions.
Our clients
In partnership with top global business organizations
From bold start-ups to big names, CoinFabrik is proud of our clients’ success and passionate about helping them accelerate growth.
