TL;DR:
- COTI announced a partnership with Sayfer, a Web3 cybersecurity firm with zero recorded hacks among its clients since its founding in 2019.
- Sayfer completed several independent audits of the smart contracts behind COTI’s private ERC-20 tokens and the upcoming Privacy Portal.
- The firm joins as a long-term security advisor.
COTI partnered with Sayfer, a cybersecurity consultancy specialized in the Web3 ecosystem, to reinforce the infrastructure behind its privacy protocol. The firm, founded in 2019, has a track record that includes clients such as MetaMask, 1inch, Polkadot, Tezos and Binance Smart Chain, and records no hacks among its clients to date. The agreement makes Sayfer a long-term security advisor to the project as it moves forward with the launch of new products.
The initial phase of the collaboration included independent smart contract audits of two core components of the ecosystem: private ERC-20 tokens and the Privacy Portal. In the case of the former, Sayfer reviewed line by line the logic of encrypted balances, RPC handlers, key management flows, token import and validation, and encrypted payload processing. All findings were resolved by the COTI team before launch.
COTI: Privacy Portal Under the Microscope
The Privacy Portal is the web application that will allow users to convert compatible public tokens into private tokens with a single click, and reverse that operation in the same way. Its smart contracts were stress-tested by Sayfer’s senior researchers prior to deployment.
The main interface for interacting with these private tokens will be the MetaMask Snap from COTI, whose latest version will incorporate full support for ctUint256, the 256-bit confidential ERC-20 standard enabled by the Helium Mainnet upgrade. This version will also introduce support for private NFTs, switching between Mainnet and Testnet networks, and a redesigned send flow.
Beyond the Static Audit
Sayfer also has in development a security layer powered by artificial intelligence aimed at continuous, real-time monitoring, which goes beyond the traditional model of one-off audits. The system will combine the expertise of senior auditors with automated vulnerability detection and live analysis of smart contracts and protocol infrastructure. COTI will be one of the first projects to benefit from this permanent monitoring model.
