Why is the CargoX Platform secure?
The modular structure of the CargoX Platform is without any single point of failure. That essentially means that there is no central server or central storage to be targeted by hackers.
The security and safety of our smart contracts is assured thorough vetting and auditing. All production-ready CargoX smart contracts have been vetted by at least one independent auditing expert.
Additionally, clients can at any time request additional audit of our entire deployed smart contract code, provided that they cover the costs and select a recognized, independent, auditing professional.
Secured and vetted smart contracts combined with the vast processing power that secures the consensus mechanism of the world’s largest public blockchain - Ethereum, further underline the significant security of the CargoX ecosystem.
CargoX has a dedicated bug bounty program, stimulating researchers and white hat hackers to inspect our code and report any found weaknesses.
CargoX’s smart contracts and ecosystem as a whole are written by a team of experienced in-house developers and software engineers, using only the most secure and vetted libraries, with an emphasis on clear logic and simplified flow. The same libraries are also used in core Ethereum blockchain development, meaning they are inspected and scrutinized hundreds of times every day by the largest blockchain development community on the planet.
On the contrary, proprietary software teams generally consist of fewer people and don’t always include necessary specialists, such as QA engineers, who help eliminate vulnerabilities. With proprietary/closed software solutions you have no option but to trust the vendor.
Who can see your documents
The only users who can see your CargoX documents, are you and other parties included in the exchange.
For a simple Smart B/L those are typical: the issuer, the shipper, the consignee(s), and the cargo release agent. Nobody else but these four parties can access the document. Not even CargoX.
As an additional precaution, all documents stored on the decentralized file storage of the CargoX are always encrypted.
The identity of users is obfuscated by their Ethereum address, and again only parties included in the document exchange know and see each other address.
How CargoX guarantees ownership of documents
Your digital documents are encrypted and stored securely on the IPFS file system. The ownership information along with the hash (digital fingerprint) of each document is written on the Ethereum blockchain network.
Documents are accessible only through the owner’s’ private blockchain key, which CargoX never sees.
Documents uploaded to the CargoX Platform can never be lost or stolen. The Ethereum blockchain and all parts of the CargoX Platform employ the most advanced cryptography, providing military-grade security.