1. BITBILIHome
  2. Article

Consensys releases new tool for enhanced smart contract security

191 views

TL;DR Breakdown

  • Consensys has announced the release of a new diligence fuzzing tool to enhance smart contract security.
  • Embracing sophisticated fuzzing to mitigate Defi vulnerabilities.

Description

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, … Read more

Blockchain technology firm ConsenSys has taken a significant step in bolstering the security of decentralized finance (DeFi) platforms by publicly releasing its “Diligence Fuzzing” tool for smart contract testing. The announcement, made on August 1, highlights the tool’s capability to generate “random and invalid data points” to detect vulnerabilities in contracts before they are deployed, potentially preventing millions of dollars in losses due to hacks and security breaches.

Consensys plans to prevent breaches with the tool

The urgency for better testing tools stems from the staggering $2.8 billion lost to DeFi hacks in 2022. As hackers continue to exploit vulnerabilities in smart contracts, developers are turning to more sophisticated testing methods to identify weaknesses before malicious actors can do so. The “Diligence Fuzzing” tool was initially accessible only through a closed beta version, which required developers to seek approval for access. However, as of August 1, the tool has been made available to all without the need for prior approval.

Additionally, it has been integrated into the smart contract toolkit Foundry, offering developers a free version to evaluate its effectiveness before committing to a full-fledged version. To implement the “Diligence Fuzzing” tool effectively, developers can use “Scribble,” a machine language developed by ConsenSys, to annotate their contracts. These annotations enable the fuzzing tool to understand the contract’s behavior and subsequently produce “unexpected” inputs to assess whether the contract can be manipulated to execute unintended actions.

It is important to note that the “Diligence Fuzzing” tool differs from a conventional “black box fuzzer” that generates completely random data. Instead, it operates as a “grey-box fuzzer,” leveraging insights into the program’s current state to produce data types more likely to uncover potential vulnerabilities. This approach increases the tool’s efficiency, allowing developers to uncover security risks more effectively. According to ConsenSys security researcher Gonçalo Sá, there has been a notable increase in developers’ interest in fuzzing.

Embracing sophisticated fuzzing to mitigate Defi vulnerabilities

Foundry’s popularity has led developers to utilize its default black-box fuzzer, becoming more comfortable with fuzzing methodologies. However, some developers are now seeking more sophisticated fuzzing capabilities, which Diligence Fuzzer aims to provide. Sá emphasized the growing awareness among developers about the power of security tools, including fuzzing. The need for enhanced security measures has become increasingly evident as the number of smart contract hacks continues to rise.

In the first half of 2023, excluding rug pulls and phishing scams, losses from Web3 security vulnerabilities exceeded $471.43 million. While Diligence Fuzzing represents a valuable step towards minimizing smart contract vulnerabilities, ConsenSys security services lead Liz Daldalian cautioned that it is not a “silver bullet” to eradicate all smart contract hacks. Nonetheless, it serves as a crucial tool that developers can use to write more secure smart contracts, mitigating potential losses from malicious attacks.

The public release of ConsenSys’ “Diligence Fuzzing” tool marks a significant milestone in the efforts to enhance smart contract security within the DeFi ecosystem. By enabling developers to identify vulnerabilities before contract deployment, the tool can potentially save millions of dollars lost to hacks and security breaches. While it may not provide an absolute solution to all security challenges, it stands as an essential asset in the ongoing battle to safeguard the Web3 community from malicious attacks. With an increasing number of developers recognizing the importance of fuzzing and security tools, the path toward a more secure DeFi landscape becomes clearer.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

文章来源于互联网:Consensys releases new tool for enhanced smart contract security

Disclaimers:

1. You are solely responsible for your investment decisions and this info is not liable for any losses you may incur.

2. The copyright of this article belongs to the writer, it represents the writer's opinions only, not represents the site's ones. Not financial advice.

Previous 2023年8月2日 12:04
Next 2023年8月2日 13:25

Related articles

  • Fed warns top U.S. banks of incoming $500b meltdown

    TL;DR Breakdown U.S. banks could survive a hypothetical $541bn loss, according to Federal Reserve’s annual stress tests. The tests gauge banks’ ability to meet capital requirements under extreme economic scenarios. Banks exceeding requirements can allocate capital to dividends and buybacks freely. Description The financial colossi of the United States could weather a $541 billion loss in a hypothetical economic apocalypse. This is the outcome of the annual stress tests carried out by the Federal Reserve, putting stalwarts like JPMorgan Chase and Goldman Sachs in a favorable light, allaying Wall Street fears regarding the systemic importance of banks … Read more The financial colossi of the United States could weather a $541 billion loss in a hypothetical economic apocalypse. This is the outcome of the annual stress tests carried out by the Federal Reserve, putting stalwarts like JPMorgan Chase and Goldman Sachs in a favorable light, allaying Wall Street fears regarding the systemic importance of banks amidst heavy losses. The silver lining amidst a financial catastrophe According to the Fed’s stress tests, U.S. banks emerged victorious with their capital reserves surpassing…

    Article 2023年7月2日

  • Fed makes ridiculous prediction for U.S. recession

    TL;DR Breakdown The Federal Reserve’s claim that the U.S. will avoid a recession until at least 2027 seems more absurd than informed. Despite stopping interest rate hikes, the Fed’s optimistic projections, especially the 2.1% economic growth, seem detached from reality. Current economic threats like surging oil prices, auto worker strikes, and potential government shutdowns could disrupt these forecasts. Description Well, this is a head-scratcher. In a move that reeks more of absurdity than of informed confidence, the Federal Reserve has declared that the U.S. is on a magical economic carpet ride, poised to dodge any sign of a recession until at least 2027. But before we all start feeling relieved over it, maybe we … Read more Well, this is a head-scratcher. In a move that reeks more of absurdity than of informed confidence, the Federal Reserve has declared that the U.S. is on a magical economic carpet ride, poised to dodge any sign of a recession until at least 2027. But before we all start feeling relieved over it, maybe we should examine the forecast with a critical eye….

    Article 2023年9月21日

  • 9 US Senators rally behind ‘Digital Asset Anti-Money Laundering Act’

    TL;DR Breakdown Nine US Senators have thrown their weight behind Senator Elizabeth Warren’s Digital Asset Anti-Money Laundering Act. Senator Warren welcomed the support of her fellow Senators, highlighting the strength and determination of their coalition. Senator Warren has been a vocal advocate for closing what she refers to as a “$50 billion crypto tax gap.” Description In a significant display of bipartisan support, nine United States Senators have thrown their weight behind Senator Elizabeth Warren’s Digital Asset Anti-Money Laundering Act. This move is poised to bolster the legislative push to regulate and combat illicit activities within the cryptocurrency space. Bipartisan support grows Senator Elizabeth Warren’s initiative has gained backing from prominent … Read more In a significant display of bipartisan support, nine United States Senators have thrown their weight behind Senator Elizabeth Warren’s Digital Asset Anti-Money Laundering Act. This move is poised to bolster the legislative push to regulate and combat illicit activities within the cryptocurrency space. Bipartisan support grows Senator Elizabeth Warren’s initiative has gained backing from prominent Democratic Party Senators, including Gary Peters, Dick Durbin, Tina Smith, Jeanne…

    Article 2023年9月19日

  • Solana Pay integrates with Shopify, enabling USDC payments for millions of businesses

    TL;DR Breakdown Solana Pay has integrated with Shopify, allowing millions of businesses to accept payments in USDC, with near “fee-free” transaction costs, significantly lower than traditional credit card fees. The integration opens doors for innovative loyalty programs, such as NFT loyalty tokens, and is part of Shopify’s ongoing embrace of crypto payment options, including previous collaborations with Coinbase Commerce, Strike, and others. Description Solana Pay, a decentralized payment protocol developed by Solana Labs, has made a significant stride by integrating its plug-in with Shopify. This integration allows millions of businesses on Shopify’s platform to accept payments in USDC, the second-largest stablecoin with a market capitalization of $25.9 billion. The decision to start with USDC was strategic, as merchants … Read more Solana Pay, a decentralized payment protocol developed by Solana Labs, has made a significant stride by integrating its plug-in with Shopify. This integration allows millions of businesses on Shopify’s platform to accept payments in USDC, the second-largest stablecoin with a market capitalization of $25.9 billion. The decision to start with USDC was strategic, as merchants are likely more willing…

    Article 2023年8月24日

  • NFT platform Recur stops operations despite $50 million funding

    TL;DR Breakdown Recur, an NFT-focused startup, is closing down despite having raised $50 million and partnered with major brands like Nickelodeon and Hello Kitty. The platform will phase out key features, including NFT retrievals, trades, and stablecoin cash-outs, due to unforeseen market challenges. Having once been valued at $333 million, Recur’s digital collectibles will migrate to the InterPlanetary File System (IPFS) to ensure their longevity. Description The popular NFT-centric startup, Recur, revealed its impending closure plans this Friday in an internal blog post. Despite securing a hefty $50 million in funding and partnerships with massive brands such as Nickelodeon and Hello Kitty, Recur seems to have been caught off-guard in the tumultuous whirlwind of the crypto domain. NFT Services Winding Down … Read more The popular NFT-centric startup, Recur, revealed its impending closure plans this Friday in an internal blog post. Despite securing a hefty $50 million in funding and partnerships with massive brands such as Nickelodeon and Hello Kitty, Recur seems to have been caught off-guard in the tumultuous whirlwind of the crypto domain. NFT Services Winding Down Recur’s…

    Article 2023年8月21日
TOP