1. BITBILIHome
  2. Article

Consensys releases new tool for enhanced smart contract security

16 views

TL;DR Breakdown

  • Consensys has announced the release of a new diligence fuzzing tool to enhance smart contract security.
  • Embracing sophisticated fuzzing to mitigate Defi vulnerabilities.

Description

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, … Read more

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, potentially preventing millions of dollars in losses due to hacks and security breaches.

Consensys plans to prevent breaches with the tool

The urgency for better testing tools stems from the staggering $2.8 billion lost to DeFi hacks in 2022. As hackers continue to exploit vulnerabilities in smart contracts, developers are turning to more sophisticated testing methods to identify weaknesses before malicious actors can do so. The “Diligence Fuzzing” tool was initially accessible only through a closed beta version, which required developers to seek approval for access. However, as of August 1, the tool has been made available to all without the need for prior approval.

Additionally, it has been integrated into the smart contract toolkit Foundry, offering developers a free version to evaluate its effectiveness before committing to a full-fledged version. To implement the “Diligence Fuzzing” tool effectively, developers can use “Scribble,” a machine language developed by ConsenSys, to annotate their contracts. These annotations enable the fuzzing tool to understand the contract’s behavior and subsequently produce “unexpected” inputs to assess whether the contract can be manipulated to execute unintended actions.

It is important to note that the “Diligence Fuzzing” tool differs from a conventional “black box fuzzer” that generates completely random data. Instead, it operates as a “grey-box fuzzer,” leveraging insights into the program’s current state to produce data types more likely to uncover potential vulnerabilities. This approach increases the tool’s efficiency, allowing developers to uncover security risks more effectively. According to ConsenSys security researcher Gonçalo Sá, there has been a notable increase in developers’ interest in fuzzing.

Embracing sophisticated fuzzing to mitigate Defi vulnerabilities

Foundry’s popularity has led developers to utilize its default black-box fuzzer, becoming more comfortable with fuzzing methodologies. However, some developers are now seeking more sophisticated fuzzing capabilities, which Diligence Fuzzer aims to provide. Sá emphasized the growing awareness among developers about the power of security tools, including fuzzing. The need for enhanced security measures has become increasingly evident as the number of smart contract hacks continues to rise.

In the first half of 2023, excluding rug pulls and phishing scams, losses from Web3 security vulnerabilities exceeded $471.43 million. While Diligence Fuzzing represents a valuable step towards minimizing smart contract vulnerabilities, ConsenSys security services lead Liz Daldalian cautioned that it is not a “silver bullet” to eradicate all smart contract hacks. Nonetheless, it serves as a crucial tool that developers can use to write more secure smart contracts, mitigating potential losses from malicious attacks.

The public release of ConsenSys’ “Diligence Fuzzing” tool marks a significant milestone in the efforts to enhance smart contract security within the DeFi ecosystem. By enabling developers to identify vulnerabilities before contract deployment, the tool can potentially save millions of dollars lost to hacks and security breaches. While it may not provide an absolute solution to all security challenges, it stands as an essential asset in the ongoing battle to safeguard the Web3 community from malicious attacks. With an increasing number of developers recognizing the importance of fuzzing and security tools, the path toward a more secure DeFi landscape becomes clearer.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Consensys releases new tool for enhanced smart contract security

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月2日 12:04
Next 2023年8月2日 13:25

Related articles

  • Best Twitter threads of the day – August 29th

    Description Grayscale’s victory over the SEC is a big win Will stablecoins eclipse Mastercard, PayPal, and other leading digital payment solutions? Grayscale’s victory over the SEC is a big win 1/ Grayscale’s victory over the SEC is *massive.* It’s very rare for a federal circuit court to find that an agency has violated the APA by acting arbitrarily and capriciously. The DC Circuit just delivered a huge embarrassment for the SEC. But the ETF isn’t approved yet 🧵 — Jake Chervinsky (@jchervinsky) August 29, 2023 2/ The DC Circuit soundly rejected the SEC’s view that Grayscale’s ETF proposal was not “designed to prevent fraudulent and manipulative acts and practices.” The SEC has spent a full decade denying spot bitcoin ETF proposals under this reasoning. That era has now come to an end. — Jake Chervinsky (@jchervinsky) August 29, 2023 3/ But the court didn’t order the SEC to approve Grayscale’s ETF proposal. It just said the SEC’s analysis on the “fraud and manipulation” issue was wrong. Now, the SEC has to go back and review Grayscale’s proposal again, with the…

    Article 2023年8月30日

  • Binance Australia temporarily suspends AUD withdrawals and deposits

    TL;DR Breakdown Binance Australia has temporarily suspended AUD withdrawal and deposit services through bank transfers. Users can convert their AUD balances to the stablecoin Tether (USDT) to ensure uninterrupted access to trading and withdrawals. Binance users in Australia can still use credit or debit cards to purchase and sell cryptocurrencies on the platform. Binance Australia recently announced that they would temporarily suspend the withdrawal and deposit of the Australian Dollar (AUD) through bank transfers. The decision comes in the wake of an earlier announcement by Binance Australia on May 18, stating that they would no longer support AUD bank transfers through PayID. This change was attributed to a decision made by a third-party payment service provider. However, it was mentioned in a subsequent update on May 22 that the services would still be available until June 1. In a recent tweet, Binance assured its users that they could smoothly conduct their withdrawals and trading activities following the regulation changes. Binance has introduced the option to convert Australian Dollar (AUD) balances to the widely used stablecoin, Tether (USDT). This move aims…

    Article 2023年6月6日

  • U.S. alerts space firms: Beware of foreign espionage

    Description The U.S. has sounded the alarm, urging the nation’s space industry to bolster its defenses against escalating foreign espionage threats. It’s not merely a nudge; it’s a clarion call as other nations, primarily China and Russia, amplify their clandestine operations to infiltrate and extract crucial trade secrets. The very foundation of the U.S. space sector, … Read more The U.S. has sounded the alarm, urging the nation’s space industry to bolster its defenses against escalating foreign espionage threats. It’s not merely a nudge; it’s a clarion call as other nations, primarily China and Russia, amplify their clandestine operations to infiltrate and extract crucial trade secrets. The very foundation of the U.S. space sector, which is growing at a breakneck pace, is under duress. A Surge in Cyber Espionage and Unconventional Tactics The U.S. counterintelligence echelons have voiced their concerns, highlighting the rising vulnerabilities in the American space industry. With a rapidly expanding economy dedicated to this sector, the stakes have never been higher. The repercussions of a lapse in vigilance could echo for decades, potentially destabilizing the country’s position…

    Article 2023年8月21日

  • JPMorgan analysts predict SEC will approve multiple spot bitcoin ETFs following Grayscale’s legal victory

    TL;DR Breakdown JPMorgan analysts predict that the U.S. Securities and Exchange Commission (SEC) is likely to approve multiple spot Bitcoin ETFs following Grayscale’s recent legal win, which challenged the SEC’s rejection of its ETF application. The SEC’s decision to delay rulings on spot Bitcoin ETF proposals from various companies until mid-October is seen as an indicator that multiple approvals are on the horizon, potentially lowering ETF fees through increased competition. While the approval of spot Bitcoin ETFs could be a game-changer, analysts caution that similar products in Canada and Europe have not seen significant investor interest, leaving the broader impact on the cryptocurrency market uncertain. Description In a pivotal development, analysts from JPMorgan, led by Nikolaos Panigirtzoglou, forecasted that the U.S. Securities and Exchange Commission (SEC) is poised to approve several spot Bitcoin Exchange-Traded Funds (ETFs). This prediction emerged following Grayscale’s landmark legal win against the SEC, a decision that could reshape the cryptocurrency landscape. Earlier in the week, a federal … Read more In a pivotal development, analysts from JPMorgan, led by Nikolaos Panigirtzoglou, forecasted that the U.S. Securities…

    Article 2023年9月4日

  • Binance Paris chief dismissed concerns about regulatory charges days before raid by French authorities

    TL;DR Breakdown Binance France’s top executive, David Prinçay, downplayed concerns about regulatory charges just days before French police visited the company’s office. French prosecutors have opened a probe into alleged aggravated money laundering and operating an unauthorized exchange by Binance. Prinçay dismissed the charges brought by U.S. regulators, emphasizing the separation of Binance.US assets from the international exchange and expressing confidence in European regulatory oversight. Description French authorities launched a probe into crypto exchange Binance for “aggravated money laundering” and operating an unauthorized exchange. Just days before the French authorities raid Binance‘s Paris office, the exchange’s top executive in France, David Prinçay, dismissed concerns about regulatory charges from the US, comparing them to the flapping of a butterfly’s wings. When asked … Read more French authorities launched a probe into crypto exchange Binance for “aggravated money laundering” and operating an unauthorized exchange. Just days before the French authorities raid Binance‘s Paris office, the exchange’s top executive in France, David Prinçay, dismissed concerns about regulatory charges from the US, comparing them to the flapping of a butterfly’s wings. When asked by…

    Article 2023年6月20日
TOP