Ethereum is making changes to its smart contract system to make it more secure.

Source: unsplash

Ethereum has the most developers compared to all other cryptocurrencies, with 16% of them.

Source: CoinMarketCap

Unfortunately, there are an increasing number of security attacks happening on the Ethereum network. Beosin, a company that protects blockchain, discovered that in the third quarter of this year, cryptocurrency investors lost $282 million. “96 million lost due to rug pulls. ” The report said that some sneaky people took $66. 15 million was taken from the victims all at once. Beosin said that the Ethereum blockchain had a lot of issues and lost a lot of money.

Source: Beosin

Checking smart contract code in a new way.

The EEA hired Charles Nevile to help make more businesses use ethereum. He is in charge of all the technical programs for the group. Nevile told Cryptonews that there are issues with the security of Ethereum. The issue is that there are errors in the Solidity compiler when making code for smart contracts. Neville said that when they make the compiler better, they solve old issues but also discover new ones.

In November 2020, the EEA made a group called the “EthTrust Security Levels Working Group” to fix these problems. The group made a document called “EthTrust Security Levels Specification v1. ” in August 2022. Today, people who create and review smart contract code for Ethereum use this guideline.

Nevile thinks that the EthTrust Security Levels Specification should be updated to reflect the stronger security of the Ethereum network. “We discovered new issues after we launched version 1. ” “He said that the plan for v1 is to solve problems by 2022. ”

Nevile said that the EEA released Version 2. They purposely did not meet any of the security levels in their EthTrust specification. Neville saw that the EthTrust Security Levels Specification v2 solved issues with Solidity compiler bugs, dealing with rounding errors, and providing better defense against read-only reentrancy attacks.

Because security issues have caused problems in the past, it is very important to regularly update the Ethereum system. For example, the hack of “The DAO” was caused by reentrancy, according to Michael Lewellen, who works at OpenZeppelin. They create programs to keep digital agreements safe. “In 2016, Ethereum had a major security issue known as the DAO Hack. This incident made people understand the importance of security,” Lewellen stated. “It was an example of a common problem called reentrancy. ” This was a common problem called reentrancy. “3 dollars were lost by people. ” 64 million dollars’ worth of ETH was lost due to the DAO hack.

Nevile says reentrancy happens when a developer makes changes to a smart contract while it is still working. He said:

“Essentially this means that a program is halfway through running code, but then something else is asked of it. As a result, the two requests could get mixed up. A program hacker can then use this mix up as an opportunity to steal people’s money or change the prompt of things.”

Do lots of companies use the same rules.

Lewellen said that OpenZeppelin uses EthTrust Security Levels v1 to prevent serious security issues. We use this system to check if our clients are ready for an audit. This lets clients know that we are searching for specific things while conducting the audit.

Someone who uses OpenZeppelin said that EthTrust is very useful for the company. The article is about:

“We failed our previous security audit because we didn’t have clear guidance on what security requirements we were missing. We feel much more confident going into our next audit after reviewing the EthTrust requirements and implementing them in our codebase.”

Nevile said that even though people prefer EthTrust standard v1, it’s still difficult to make sure that developers and organizations are aware of it. He also said that the framework is great for starting new projects on Ethereum. He said: Said he:

“Projects like Uniswap, Aave and others may look at these specifications and find them to be useful, but for the most part it’s common knowledge for them. Projects that are just now being developed and going to production on Ethereum will likely find these specifications to be valuable.”

We don’t know if the usual industry practices will fix security issues on Ethereum later. John Wingate, the man who founded BankSocial, a company that works with money, said that it’s a problem when the way things are done in the industry keeps changing. “He said that things are always changing and languages are losing value in different ways, such as methods, variables, data types, and object types. ”

With this in mind, Nevile said that they are already making version 3 of the EthTrust specification. “We release something new about every 16 months. ” I think we should update it every 12 to 18 months to keep it up to date.

Wingate believes that doing lots of tests over and over is the best way to make sure decentralized apps follow the rules and stay safe. “He said:”

“This means being able to set your platform up to have regular, automated, code testing. When the source code, or compiler is known to have a bug, the automation tool can be updated and then everyone gets the benefit of scanning for the exploits.”

Latest stories

You might also like...