1. BITBILIHome
  2. Article

Consensys releases new tool for enhanced smart contract security

115 views

TL;DR Breakdown

  • Consensys has announced the release of a new diligence fuzzing tool to enhance smart contract security.
  • Embracing sophisticated fuzzing to mitigate Defi vulnerabilities.

Description

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, … Read more

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, potentially preventing millions of dollars in losses due to hacks and security breaches.

Consensys plans to prevent breaches with the tool

The urgency for better testing tools stems from the staggering $2.8 billion lost to DeFi hacks in 2022. As hackers continue to exploit vulnerabilities in smart contracts, developers are turning to more sophisticated testing methods to identify weaknesses before malicious actors can do so. The “Diligence Fuzzing” tool was initially accessible only through a closed beta version, which required developers to seek approval for access. However, as of August 1, the tool has been made available to all without the need for prior approval.

Additionally, it has been integrated into the smart contract toolkit Foundry, offering developers a free version to evaluate its effectiveness before committing to a full-fledged version. To implement the “Diligence Fuzzing” tool effectively, developers can use “Scribble,” a machine language developed by ConsenSys, to annotate their contracts. These annotations enable the fuzzing tool to understand the contract’s behavior and subsequently produce “unexpected” inputs to assess whether the contract can be manipulated to execute unintended actions.

It is important to note that the “Diligence Fuzzing” tool differs from a conventional “black box fuzzer” that generates completely random data. Instead, it operates as a “grey-box fuzzer,” leveraging insights into the program’s current state to produce data types more likely to uncover potential vulnerabilities. This approach increases the tool’s efficiency, allowing developers to uncover security risks more effectively. According to ConsenSys security researcher Gonçalo Sá, there has been a notable increase in developers’ interest in fuzzing.

Embracing sophisticated fuzzing to mitigate Defi vulnerabilities

Foundry’s popularity has led developers to utilize its default black-box fuzzer, becoming more comfortable with fuzzing methodologies. However, some developers are now seeking more sophisticated fuzzing capabilities, which Diligence Fuzzer aims to provide. Sá emphasized the growing awareness among developers about the power of security tools, including fuzzing. The need for enhanced security measures has become increasingly evident as the number of smart contract hacks continues to rise.

In the first half of 2023, excluding rug pulls and phishing scams, losses from Web3 security vulnerabilities exceeded $471.43 million. While Diligence Fuzzing represents a valuable step towards minimizing smart contract vulnerabilities, ConsenSys security services lead Liz Daldalian cautioned that it is not a “silver bullet” to eradicate all smart contract hacks. Nonetheless, it serves as a crucial tool that developers can use to write more secure smart contracts, mitigating potential losses from malicious attacks.

The public release of ConsenSys’ “Diligence Fuzzing” tool marks a significant milestone in the efforts to enhance smart contract security within the DeFi ecosystem. By enabling developers to identify vulnerabilities before contract deployment, the tool can potentially save millions of dollars lost to hacks and security breaches. While it may not provide an absolute solution to all security challenges, it stands as an essential asset in the ongoing battle to safeguard the Web3 community from malicious attacks. With an increasing number of developers recognizing the importance of fuzzing and security tools, the path toward a more secure DeFi landscape becomes clearer.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Consensys releases new tool for enhanced smart contract security

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月2日 12:04
Next 2023年8月2日 13:25

Related articles

  • U.K. Parliament greenlights online safety bill, extending regulations to the metaverse

    TL;DR Breakdown The U.K. Parliament has passed the Online Safety Bill, which now extends its regulations to the metaverse, aiming to protect users from illegal and harmful content. Companies are required to assess and mitigate risks of users encountering such content, with a focus on both online freedom and safety. The bill awaits royal assent from King Charles and will take effect immediately unless specified otherwise, marking a significant step in internet governance. Description On Tuesday, the U.K. Parliament passed the Online Safety Bill, a comprehensive framework designed to protect internet users from encountering illegal or harmful content.  Notably, the bill has been extended to cover the metaverse, a collective of virtual worlds that has gained significant traction following Facebook’s rebranding to Meta. The legislation mandates companies to assess … Read more On Tuesday, the U.K. Parliament passed the Online Safety Bill, a comprehensive framework designed to protect internet users from encountering illegal or harmful content.  Notably, the bill has been extended to cover the metaverse, a collective of virtual worlds that has gained significant traction following Facebook’s rebranding to…

    Article 2023年9月22日

  • Canadian crypto investors under siege as home invasions send shockwaves across the nation

    TL;DR Breakdown According to a joint release published by Delta Police and Richmond Royal Canadian Mounted Police (RCMP) on Wednesday, the perpetrators behind these robberies seem to be well-informed about their victims’ heavy investments in cryptocurrency.  In some cases, the criminals have already been successful in gaining entry into their victims’ homes by assuming various false identities, such as delivery persons or individuals with authority. Description Canadian law enforcement has issued a public warning in response to a concerning trend of home invasion-style robberies targeting large crypto investors in the country. According to a joint release published by Delta Police and Richmond Royal Canadian Mounted Police (RCMP) on Wednesday, the perpetrators behind these robberies seem to be well-informed about their victims’ … Read more Canadian law enforcement has issued a public warning in response to a concerning trend of home invasion-style robberies targeting large crypto investors in the country. According to a joint release published by Delta Police and Richmond Royal Canadian Mounted Police (RCMP) on Wednesday, the perpetrators behind these robberies seem to be well-informed about their victims’ heavy…

    Article 2023年7月21日

  • SEC requests asset freeze on Binance.US amidst lawsuit alleging compliance failures

    TL;DR Breakdown The SEC has filed a lawsuit against Binance.US, Binance Global, and CEO Changpeng Zhao, alleging compliance and control failures. The commission has requested a temporary restraining order to freeze assets tied to BAM Management US Holdings and BAM Trading Services, the holding and operating firms for Binance.US. The U.S. Securities and Exchange Commission (SEC) has taken legal action against Binance.US, Binance Global, and Binance CEO Changpeng Zhao, filing a lawsuit that alleges a range of compliance and control failures. In a court filing on Tuesday, the SEC requested a temporary restraining order to freeze assets tied to BAM Management US Holdings and BAM Trading Services, the holding and operating firms for Binance.US. The SEC’s move aims to protect customer assets and prevent the dissipation of funds amid concerns about regulatory evasion and undisclosed financial transfers. Ensuring customer safety and asset preservation In its court filing, the SEC emphasized the necessity of expedited relief to safeguard customer assets. The regulatory body cited years of violative conduct, disregard for U.S. laws, and evasion of regulatory oversight by the defendants as…

    Article 2023年6月12日

  • FDIC Issues Cease-and-Desist Notice to Defunct Crypto Firm Unbanked, Inc.

    TL;DR Breakdown The U.S. Federal Deposit Insurance Corporation (FDIC) has issued a cease-and-desist notice to Unbanked, Inc. This crypto firm ceased operations in June for allegedly making false claims about FDIC insurance coverage. The case highlights the importance of transparency and regulatory compliance in the cryptocurrency industry, reminding crypto firms of the potential legal repercussions of misleading claims about their financial products. Description The U.S. Federal Deposit Insurance Corporation (FDIC) has issued a cease-and-desist notice to Unbanked, Inc., a Georgia-based technology company that shuttered its operations in June. The FDIC alleges that the crypto firm made false and misleading claims about its insurance status, even after it had announced the cessation of its operations. Contents hide 1 Unbanked’s … Read more The U.S. Federal Deposit Insurance Corporation (FDIC) has issued a cease-and-desist notice to Unbanked, Inc., a Georgia-based technology company that shuttered its operations in June. The FDIC alleges that the crypto firm made false and misleading claims about its insurance status, even after it had announced the cessation of its operations. Contents hide 1 Unbanked’s Misleading Claims About FDIC…

    Article 2023年8月7日

  • Uniswap Price Prediction 2023-2032: Will UNI Keep Steady?

    Contents hide 1 Uniswap Price Prediction 2023-2032 2 How much is UNI worth today? 3 Uniswap Price Analysis: UNI sharply declines in the last 12 hours 3.1 Uniswap price analysis on a daily timeframe: UNI bulls lose ground again 3.2 price analysis on the 4-hour chart: Recent developments and further technical indications 3.3 What to expect from Uniswap price analysis next? 4 Uniswap Price Predictions for 2023-2032 4.1 Price Predictions By Cryptopolitan 4.1.1 Uniswap Price Prediction 2023 4.1.2 Uni coin Price Prediction 2024 4.1.3 UNI Price Forecast for 2025 4.1.4 Uniswap (UNI) Price Prediction 2026 4.1.5 Uniswap (uni )Price Predictions 2027 4.1.6 Uniswap Price Prediction 2028 4.1.7 Uniswap (UNI) Price Prediction 2029 4.1.8 Uniswap Price Prediction 2030 4.1.9 Uniswap (UNI) Price Prediction 2031 4.1.10 Uniswap Price Prediction 2032 4.2 Price Prediction By Coincodex 4.3 Uniswap Price Prediction By DigitalCoinPrice 4.4 Uniswap Price Predictions By CryptoPredictions.com 4.5 Uniswap Price Predictions By Market Sentiment 5 Overview 6 Uniswap Price History 7 Recent News/Opinions on the Uniswap Network 8 More on the Uniswap Network 8.1 Is it a good time to invest in…

    Article 2023年6月11日
TOP