1. BITBILIHome
  2. Article

Consensys releases new tool for enhanced smart contract security

162 views

TL;DR Breakdown

  • Consensys has announced the release of a new diligence fuzzing tool to enhance smart contract security.
  • Embracing sophisticated fuzzing to mitigate Defi vulnerabilities.

Description

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, … Read more

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, potentially preventing millions of dollars in losses due to hacks and security breaches.

Consensys plans to prevent breaches with the tool

The urgency for better testing tools stems from the staggering $2.8 billion lost to DeFi hacks in 2022. As hackers continue to exploit vulnerabilities in smart contracts, developers are turning to more sophisticated testing methods to identify weaknesses before malicious actors can do so. The “Diligence Fuzzing” tool was initially accessible only through a closed beta version, which required developers to seek approval for access. However, as of August 1, the tool has been made available to all without the need for prior approval.

Additionally, it has been integrated into the smart contract toolkit Foundry, offering developers a free version to evaluate its effectiveness before committing to a full-fledged version. To implement the “Diligence Fuzzing” tool effectively, developers can use “Scribble,” a machine language developed by ConsenSys, to annotate their contracts. These annotations enable the fuzzing tool to understand the contract’s behavior and subsequently produce “unexpected” inputs to assess whether the contract can be manipulated to execute unintended actions.

It is important to note that the “Diligence Fuzzing” tool differs from a conventional “black box fuzzer” that generates completely random data. Instead, it operates as a “grey-box fuzzer,” leveraging insights into the program’s current state to produce data types more likely to uncover potential vulnerabilities. This approach increases the tool’s efficiency, allowing developers to uncover security risks more effectively. According to ConsenSys security researcher Gonçalo Sá, there has been a notable increase in developers’ interest in fuzzing.

Embracing sophisticated fuzzing to mitigate Defi vulnerabilities

Foundry’s popularity has led developers to utilize its default black-box fuzzer, becoming more comfortable with fuzzing methodologies. However, some developers are now seeking more sophisticated fuzzing capabilities, which Diligence Fuzzer aims to provide. Sá emphasized the growing awareness among developers about the power of security tools, including fuzzing. The need for enhanced security measures has become increasingly evident as the number of smart contract hacks continues to rise.

In the first half of 2023, excluding rug pulls and phishing scams, losses from Web3 security vulnerabilities exceeded $471.43 million. While Diligence Fuzzing represents a valuable step towards minimizing smart contract vulnerabilities, ConsenSys security services lead Liz Daldalian cautioned that it is not a “silver bullet” to eradicate all smart contract hacks. Nonetheless, it serves as a crucial tool that developers can use to write more secure smart contracts, mitigating potential losses from malicious attacks.

The public release of ConsenSys’ “Diligence Fuzzing” tool marks a significant milestone in the efforts to enhance smart contract security within the DeFi ecosystem. By enabling developers to identify vulnerabilities before contract deployment, the tool can potentially save millions of dollars lost to hacks and security breaches. While it may not provide an absolute solution to all security challenges, it stands as an essential asset in the ongoing battle to safeguard the Web3 community from malicious attacks. With an increasing number of developers recognizing the importance of fuzzing and security tools, the path toward a more secure DeFi landscape becomes clearer.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Consensys releases new tool for enhanced smart contract security

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月2日 12:04
Next 2023年8月2日 13:25

Related articles

  • China’s new dawn? Central bank pitches reform roadmap

    TL;DR Breakdown China’s central bank adviser suggests macroeconomic tweaks aren’t sufficient to rekindle growth; holistic structural reforms are needed. Liu Shijin emphasizes demand-side reforms like equal public services for migrant workers and supply-side changes to boost entrepreneurship in emerging sectors. Amid concerns of dwindling investor confidence, there’s a call for Beijing to ideologically and politically recognize private businesses. Description China, the colossal economic powerhouse, might be at a critical crossroads. The nation’s central bank adviser suggests that simply fiddling with macroeconomic policies won’t reignite its growth. Instead, a holistic structural reform, celebrating entrepreneurship and innovation, is the route to reviving the economic giant’s lost momentum. A Shift in Economic Winds Gone are the days … Read more China, the colossal economic powerhouse, might be at a critical crossroads. The nation’s central bank adviser suggests that simply fiddling with macroeconomic policies won’t reignite its growth. Instead, a holistic structural reform, celebrating entrepreneurship and innovation, is the route to reviving the economic giant’s lost momentum. A Shift in Economic Winds Gone are the days when Beijing had vast avenues to play with…

    Article 2023年9月26日

  • Binance Paris chief dismissed concerns about regulatory charges days before raid by French authorities

    TL;DR Breakdown Binance France’s top executive, David Prinçay, downplayed concerns about regulatory charges just days before French police visited the company’s office. French prosecutors have opened a probe into alleged aggravated money laundering and operating an unauthorized exchange by Binance. Prinçay dismissed the charges brought by U.S. regulators, emphasizing the separation of Binance.US assets from the international exchange and expressing confidence in European regulatory oversight. Description French authorities launched a probe into crypto exchange Binance for “aggravated money laundering” and operating an unauthorized exchange. Just days before the French authorities raid Binance‘s Paris office, the exchange’s top executive in France, David Prinçay, dismissed concerns about regulatory charges from the US, comparing them to the flapping of a butterfly’s wings. When asked … Read more French authorities launched a probe into crypto exchange Binance for “aggravated money laundering” and operating an unauthorized exchange. Just days before the French authorities raid Binance‘s Paris office, the exchange’s top executive in France, David Prinçay, dismissed concerns about regulatory charges from the US, comparing them to the flapping of a butterfly’s wings. When asked by…

    Article 2023年6月20日

  • Sanctions drive BRICS unity as Russia relations deepen

    TL;DR Breakdown Western sanctions against Russia have unintentionally strengthened ties among BRICS nations. BRICS, originally consisting of Brazil, Russia, India, China, and South Africa, recently expanded to include several new members. Post-sanctions, India and China have increased Russian oil imports and explored payment methods outside of the US dollar. Description Amidst the chaotic global energy landscape, the bond among BRICS nations seems to have only grown stronger, largely due to Western sanctions against Russia. The implications of these sanctions, which were a direct response to Russia’s Ukraine invasion, have reverberated beyond Moscow’s curtailed oil revenue. They have inadvertently nudged BRICS closer together, solidifying their alliance … Read more Amidst the chaotic global energy landscape, the bond among BRICS nations seems to have only grown stronger, largely due to Western sanctions against Russia. The implications of these sanctions, which were a direct response to Russia’s Ukraine invasion, have reverberated beyond Moscow’s curtailed oil revenue. They have inadvertently nudged BRICS closer together, solidifying their alliance further. The Unintended Consequences of Western Sanctions While the West’s intent was to penalize Russia, these actions…

    Article 2023年9月5日

  • Ant Group’s $6 billion buyback amid regulatory tension

    TL;DR Breakdown Ant Group, under the leadership of Jack Ma, has launched a plan to buy back shares valued almost 70% below its 2020 IPO estimate amid ongoing regulatory scrutiny. This move came after a $1 billion fine imposed by Chinese financial regulators as part of a broader campaign to rein in corporate influence. The regulatory crackdown began after Jack Ma criticized Chinese regulators and state-owned banks in November 2020, leading to a restructuring of Ant Group. Description In the tempestuous world of fintech, one storm appears to be brewing over Ant Group, the financial technology colossus pioneered by the ubiquitous Jack Ma. The firm has unveiled a plan to buy back shares valued almost 70% below its IPO estimate in 2020, a move that has raised eyebrows in investor circles. But this … Read more In the tempestuous world of fintech, one storm appears to be brewing over Ant Group, the financial technology colossus pioneered by the ubiquitous Jack Ma. The firm has unveiled a plan to buy back shares valued almost 70% below its IPO estimate in 2020,…

    Article 2023年7月10日

  • Ava Labs launches Arcad3 to help gaming companies enter the Web3 space

    TL;DR Breakdown Ava Labs has launched Arcad3 to introduce gaming outfits into the Web3 ecosystem. The platform has announced two firms as early partners in the project. Ava Labs, the crypto firm supporting the Avalanche blockchain, has introduced Avalanche Arcad3, a collaborative program aimed at traditional game developers seeking to explore blockchain game integrations. The initiative has already garnered early partnerships with Japanese metaverse and entertainment companies Gree and Gumi, both of whom are eager to delve into blockchain gaming through the Ethereum-compatible Avalanche chain. Ava Labs wants to bring Web3 to gaming companies Avalanche Arcad3 aims to bridge the gap between “Web2” game developers and various entities within the blockchain gaming ecosystem. The program will connect game makers with existing esports organizations, blockchain gaming guilds, and Web3 game studios operating on the Avalanche network. Participants will gain insights into regulatory compliance strategies, and implementation of on-chain features such as NFTs, prize pools, esports marketing, and in-game tokens. For Web2 partners, Ava Labs will offer guidance on entering the crypto gaming space more broadly and effectively marketing the transition to…

    Article 2023年6月14日
TOP