Skip to main content

25% of All Smart Contracts Contain Critical Bugs

25% of All Smart Contracts Contain Critical Bugs

For every problem that smart contracts solve, they seem to introduce another. In a week in which EOS has made news for all the wrong reasons over a RAM vulnerability, a code auditor has revealed the prevalence of smart contract bugs. Security firm Hosho, which has forged a new partnership with community managers Amazix, has found that one in four projects contains critical vulnerabilities.

Also read: Researchers Find Discrepancies With Top Exchange Volumes

$1 Billion Is No Guarantee Against Bugs

25% of All Smart Contracts Contain Critical Bugs$1 billion. That’s the amount raised by the projects whose smart contracts Hosho has audited. The security company claims to have audited more smart contracts than any other industry player. Despite the significant human and financial resources at their disposal, many of these projects would have been crippled had they neglected to have their code thoroughly scrutinized. A quarter of the projects Hosho has audited were found to have critical bugs, and some 60% of all projects they saw had at least one security issue.

Ethereum, the ICO economy’s go-to launchpad, has been the worst affected, with stories abounding of exploitable code that’s led to hundreds of millions of dollars of ether being stolen or locked up. While smart contract platforms such as Stratis are pushing the availability of debugging deployment suites and professional decompilers that come with using C#, Ethereum’s Turing-complete system leaves greater margin for error. Identifying and eliminating all potential security holes is a Sisyphean task, and one which even experienced Solidity developers struggle with. Enlisting the support of a third party specializing in smart contract audits, while not foolproof, is the best bet against shipping bug-filled code.

Smart Contract Testing as a Service

While it is industry practice to have smart contracts audited ahead of a tokensale, projects that have yet to raise funds may be tempted to cut corners and skimp on this task. Doing so can prove fatal, however, with the worst bugs leading to wallets being drained, or buffer overflow exploits being manipulated to alter account balances. Several Ethereum-based projects have been forced to conduct token swaps after screwing up their first attempt at a smart contract.

In EOS land this week, all energies have been focused on patching a RAM exploit that’s recently been detected. It allows a malicious user to “install code on their account which will allow them to insert rows in the name of another account sending them tokens. This lets them lock up RAM by inserting large amounts of garbage into rows when dapps/users send them tokens.”

25% of All Smart Contracts Contain Critical BugsAmazix, the preeminent community management and consultancy firm within the token economy, has now partnered with Hosho to offer its clients smart contract auditing. “In the absence of industry standards, we see smart contract auditing and penetration testing to be essential components of good security in blockchain systems,” said Amazix CMO Kenneth Berthelsen. “In our view, there are no better qualified people to do this than Hosho engineers.”

Proponents of cryptocurrencies see smart contracts eventually infiltrating everything from insurance to dispute resolution. Before that can happen, developing trust in the code that governs them will be crucial.

Do you think smart contracts will eventually become bug-proof, or will exploitable vulnerabilities persist? Let us know in the comments section below.

Images courtesy of Shutterstock.

Need to calculate your bitcoin holdings? Check our tools section.

The post 25% of All Smart Contracts Contain Critical Bugs appeared first on Bitcoin News.



from Bitcoin News https://ift.tt/2LEcDwm
Labels:

Comments

Post a Comment

Popular posts from this blog

Deep Web Roundup: Dream Adds Monero and Bitcoin Tumbler “Chip Mixer” Launches

The darknet has been quiet of late, which is the way it’s meant to be. No news means no mega busts, honeypots, or mass market shutdowns. Even when it’s out of the spotlight though, the deep web is quietly making news, whether trialling the latest privacy coins or the newest coin mixers that promise to restore a little of the privacy that’s being stripped away from bitcoin users on a daily basis. Also read: U.S. Agency ICE Conducts Investigations That Exploit Blockchain Activity The Battle for Privacy Heats Up Privacy is all relative, but of late there’s been relatively little privacy to be enjoyed by bitcoin users. Blockchain monitoring software is becoming more sophisticated and more common, with U.S. law enforcement agencies using it to profile and hunt down deep web users. Chip Mixer is a relatively new bitcoin tumbler that’s designed to restore some of that privacy. Available on both the clearnet and darknet, the service uses a variety of techniques to obfuscate blockchain m...
10 comments
Read more

Ombudsman Receives Complaints About Crypto Investments in Spain

The Spanish ombudsman has been receiving complaints about cryptocurrency and how some Spanish citizens investing in these vehicles have lost everything. In his annual report, Angel Gabilondo recognized the rise of cryptocurrencies as a new problem due to the little or no regulation crypto sees in the country. In the same way, the EU has also warned about these assets recently. Spanish Ombudsman Gives His Take on Crypto Angel Gabilondo, the Spanish ombudsman, has given his take regarding cryptocurrencies and the effects they have on citizens investing in some of these projects. Gabilondo said in his yearly report that cryptocurrencies have become “a new problem” during the year examined, with many people having lost all of their funds invested. The report states : Cryptocurrency exchange companies or platforms are not regulated in the legal system, are not subject to any public supervision system, nor do they benefit from deposit guarantee systems. The affected users that sought...
Post a Comment
Read more

2021 Bitcoin Price Predictions: Analysts Forecast BTC Values Will Range Between Zero to $600K

As bitcoin has touched new price highs on Thursday nearing the $50k handle, people have been curious as to where the price will go in the future. Meanwhile, despite the gains so far, a number of luminaries, analysts, executives, and proponents from the crypto space believe the leading crypto asset will reach between $60k to six-digits this year. Mike Novogratz Predicts $100K Bitcoin: ‘Other CFOs and CEOs Are Saying, What Should We Be Doing?’ Satoshi Nakamoto’s invention has gained mass appeal in recent times as the leading digital asset bitcoin ( BTC ) has reached its highest value ever in 2021. On Thursday morning (EST), BTC spiked to an all-time high (ATH) at $48,697 per unit. Earlier in the morning at around 2 a.m., bitcoin was exchanging hands for $44,485 and saw an 8.98% increase since then. At the time of publication, at 6:30 p.m. (EST) on February 11, 2021, bitcoin (BTC) is swapping for $47,821 per coin. With BTC so close to the $50k mark, people have been forecasting ...
Post a Comment
Read more