1. BITBILIHome
  2. Article

Consensys releases new tool for enhanced smart contract security

24 views

TL;DR Breakdown

  • Consensys has announced the release of a new diligence fuzzing tool to enhance smart contract security.
  • Embracing sophisticated fuzzing to mitigate Defi vulnerabilities.

Description

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, … Read more

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, potentially preventing millions of dollars in losses due to hacks and security breaches.

Consensys plans to prevent breaches with the tool

The urgency for better testing tools stems from the staggering $2.8 billion lost to DeFi hacks in 2022. As hackers continue to exploit vulnerabilities in smart contracts, developers are turning to more sophisticated testing methods to identify weaknesses before malicious actors can do so. The “Diligence Fuzzing” tool was initially accessible only through a closed beta version, which required developers to seek approval for access. However, as of August 1, the tool has been made available to all without the need for prior approval.

Additionally, it has been integrated into the smart contract toolkit Foundry, offering developers a free version to evaluate its effectiveness before committing to a full-fledged version. To implement the “Diligence Fuzzing” tool effectively, developers can use “Scribble,” a machine language developed by ConsenSys, to annotate their contracts. These annotations enable the fuzzing tool to understand the contract’s behavior and subsequently produce “unexpected” inputs to assess whether the contract can be manipulated to execute unintended actions.

It is important to note that the “Diligence Fuzzing” tool differs from a conventional “black box fuzzer” that generates completely random data. Instead, it operates as a “grey-box fuzzer,” leveraging insights into the program’s current state to produce data types more likely to uncover potential vulnerabilities. This approach increases the tool’s efficiency, allowing developers to uncover security risks more effectively. According to ConsenSys security researcher Gonçalo Sá, there has been a notable increase in developers’ interest in fuzzing.

Embracing sophisticated fuzzing to mitigate Defi vulnerabilities

Foundry’s popularity has led developers to utilize its default black-box fuzzer, becoming more comfortable with fuzzing methodologies. However, some developers are now seeking more sophisticated fuzzing capabilities, which Diligence Fuzzer aims to provide. Sá emphasized the growing awareness among developers about the power of security tools, including fuzzing. The need for enhanced security measures has become increasingly evident as the number of smart contract hacks continues to rise.

In the first half of 2023, excluding rug pulls and phishing scams, losses from Web3 security vulnerabilities exceeded $471.43 million. While Diligence Fuzzing represents a valuable step towards minimizing smart contract vulnerabilities, ConsenSys security services lead Liz Daldalian cautioned that it is not a “silver bullet” to eradicate all smart contract hacks. Nonetheless, it serves as a crucial tool that developers can use to write more secure smart contracts, mitigating potential losses from malicious attacks.

The public release of ConsenSys’ “Diligence Fuzzing” tool marks a significant milestone in the efforts to enhance smart contract security within the DeFi ecosystem. By enabling developers to identify vulnerabilities before contract deployment, the tool can potentially save millions of dollars lost to hacks and security breaches. While it may not provide an absolute solution to all security challenges, it stands as an essential asset in the ongoing battle to safeguard the Web3 community from malicious attacks. With an increasing number of developers recognizing the importance of fuzzing and security tools, the path toward a more secure DeFi landscape becomes clearer.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Consensys releases new tool for enhanced smart contract security

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月2日 12:04
Next 2023年8月2日 13:25

Related articles

  • House hearing sparks heated debate over CBDC – Details

    Description The fiery chasm between Congress members and industry professionals grew even wider in a recent hearing over the controversial topic of Central Bank Digital Currencies (CBDCs). While the dust is still settling after the introduction of an anti-CBDC bill, both sides of the aisle have armed themselves with data, expertise, and a great deal of … Read more The fiery chasm between Congress members and industry professionals grew even wider in a recent hearing over the controversial topic of Central Bank Digital Currencies (CBDCs). While the dust is still settling after the introduction of an anti-CBDC bill, both sides of the aisle have armed themselves with data, expertise, and a great deal of bravado. The Digital Dollar Dilemma The latest sparring ground was the House Subcommittee on Digital Assets, Financial Technology, and Inclusion. On one side, we had financial and law experts highlighting potential risks and pitfalls of a CBDC system, while on the other side, advocates boasted about the potential of public financial security and streamlined payments. Now, we’re no strangers to Representative Warren Davidson’s take. This Ohio…

    Article 2023年9月15日

  • Crime displacement from mixers to cross-chain bridges following crackdown

    TL;DR Breakdown The crypto crime game has taken on new heights, one dance law enforcers and crypto criminals will be at for a long time. Crypto criminals have shifted from the mixers, after the US-led enforcement actions and sanctions, to cross-chain solutions to advance their money laundering activities. The Lazarus groups’ recent activities shed light on the shift from Mixers crime to cross-chain crime Description Law enforcement and fights against crime are often a race between the criminals and the enforcers. The race may require more tactics for the other party to win or outrun the other. For instance, too many restrictions in one jurisdiction may prompt criminals to shift their operations to another jurisdiction, referred to as ‘Crime displacement.’ … Read more Law enforcement and fights against crime are often a race between the criminals and the enforcers. The race may require more tactics for the other party to win or outrun the other. For instance, too many restrictions in one jurisdiction may prompt criminals to shift their operations to another jurisdiction, referred to as ‘Crime displacement.’ This is…

    Article 2023年9月21日

  • FTX sues LayerZero Labs in a bid to recover $21 million amid bankruptcy

    TL;DR Breakdown FTX, a bankrupt cryptocurrency exchange, has sued LayerZero Labs to recover $21 million, alleging illicit withdrawals made just before FTX’s bankruptcy. The lawsuit also involves transactions with Alameda Ventures and focuses on a deal allowing Alameda Research to sell back a 5% stake in LayerZero. Bryan Pellegrino, CEO of LayerZero Labs, refutes the lawsuit’s claims, stating they are unsubstantiated. He suggests that FTX is prolonging the legal process to accumulate more legal fees. LayerZero had been trying to address share ownership issues with FTX’s liquidators for nearly a year. The lawsuit is part of a series of legal actions by FTX to recover lost funds. It follows a previous lawsuit by FTX to recover more than $320 million spent on acquiring Digital Assets AG. Both FTX and LayerZero are preparing for a protracted legal battle. Description Bankrupt cryptocurrency exchange FTX has filed a lawsuit against LayerZero Labs, a cross-chain protocol company, seeking to recover $21 million. The lawsuit alleges that LayerZero Labs illegally withdrew these funds just before FTX’s bankruptcy declaration in November. The case stems from transactions…

    Article 2023年9月11日

  • China’s AIIB gets major World Bank partnership

    TL;DR Breakdown AIIB, China’s alternative to the World Bank, approved a significant partnership involving $1 billion in credit guarantees. This collaboration allows the World Bank to overcome financing constraints, while AIIB can better utilize its surplus capital. The partnership aligns with a global effort to increase financing for climate challenges. Description An emblematic partnership has surfaced in the global banking sector. The Asian Infrastructure Investment Bank (AIIB), often considered China’s alternative to the World Bank, has initiated a high-stakes collaboration. This monumental alliance comes amidst accusations that China’s Communist party has been manipulating the bank from behind the scenes. A significant accord for AIIB The governing … Read more An emblematic partnership has surfaced in the global banking sector. The Asian Infrastructure Investment Bank (AIIB), often considered China’s alternative to the World Bank, has initiated a high-stakes collaboration. This monumental alliance comes amidst accusations that China’s Communist party has been manipulating the bank from behind the scenes. A significant accord for AIIB The governing body of the AIIB greenlit a plan to allocate $1 billion in credit assurances against sovereign-supported…

    Article 2023年7月22日

  • Ledger releases highly anticipated white paper for Ledger recover

    TL;DR Breakdown   Ledger releases a white paper on Ledger Recover, a revolutionary key recovery solution. Ledger’s open-source acceleration program promotes transparency and collaboration in the industry. The comprehensive white paper empowers users to manage their digital assets securely. Description Ledger, the industry-leading provider of Bitcoin wallets, has taken a significant step towards openness and cooperation by releasing the highly anticipated white paper for their innovative Ledger Recover product. This revolutionary service has garnered widespread approval within the cryptocurrency community, as it offers a key recovery solution for Ledger Nano X owners who have lost … Read more Ledger, the industry-leading provider of Bitcoin wallets, has taken a significant step towards openness and cooperation by releasing the highly anticipated white paper for their innovative Ledger Recover product. This revolutionary service has garnered widespread approval within the cryptocurrency community, as it offers a key recovery solution for Ledger Nano X owners who have lost their hardware wallet, PIN, and 24 recovery words. The white paper provides an in-depth exploration of the intricate workings of Ledger Recover, shedding light on essential aspects…

    Article 2023年6月24日
TOP