UPDATE: Once again - no one was hacked in reality and the audit was conducted for free. This post is simply an attack scenario. You can download the final report and see clarifications here. For a while we’ve been looking for a project to conduct volunteer security audit. Recently we found a perfect suit for us - an open source crypto currency exchange Peatio powered by Rails. We dedicated 8 hours