{"id":117027,"date":"2020-11-21T10:14:00","date_gmt":"2020-11-21T07:14:00","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\/"},"modified":"2020-11-21T10:14:00","modified_gmt":"2020-11-21T07:14:00","slug":"smart-contract-standards-making-defi-transactions-on-ethereum-more-secure","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\/","title":{"rendered":"# Smart contract standards: Making DeFi transactions on Ethereum more secure"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a2d562ed38bf\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a2d562ed38bf\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\/#Smart_contract_transactions_on_Ethereum_require_security\" >Smart contract transactions on Ethereum require security<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-2\" href=\"https:\/\/buradabiliyorum.com\/en\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\/#A_registry_system_for_rated_smart_contracts\" >A registry system for rated smart contracts<\/a><\/li><li class='ez-toc-page-1 ez-toc-heading-level-3'><a class=\"ez-toc-link ez-toc-heading-3\" href=\"https:\/\/buradabiliyorum.com\/en\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\/#Growing_interest_for_secure_smart_contracts\" >Growing interest for secure smart contracts<\/a><\/li><\/ul><\/nav><\/div>\n<p>&#8220;<strong># Smart contract standards: Making DeFi transactions on Ethereum more secure <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjAtMTEvM2Q5MWUxOWUtMzRjMC00NjdlLTk3YWMtY2ZiNGFmYmYwYjhjLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-5a136f3a>Decentralized finance continues to make its impact on the crypto market, and with over $13 billion of total value of assets\u00a0<a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/defipulse.com\">locked<\/a>,\u00a0DeFi projects are clearly resonating with eager crypto investors. Yet while the DeFi space has been progressing over the last year, a number of illegitimate projects have come to fruition, reminding some of the 2017 ICO boom and its subsequent bust.<\/p>\n<p>For example, Harvest Finance, a major decentralized protocol, was recently hacked. The attacker made away with $24 million from Harvest Finance pools. Most recently, Value DeFi, the decentralized finance protocol, fell victim to a $6-million flash loan exploit. And of course, one of the biggest events of the year for DeFi involved SushiSwap, where the creator\u00a0sold $13 million of dev funds, causing a market crash.<\/p>\n<p>It\u2019s important to point out that the majority of DeFi projects are built on the Ethereum blockchain. According to the website <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/defiprime.com\/ethereum#:~:text=DeFi%20is%20the%20movement%20that,of%20them%20built%20on%20Ethereum.\">DeFiPrime<\/a>, there are currently over 200 DeFi projects on the Ethereum network. Yet while Ethereum <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ears to be the most suitable platform for DeFi projects, the network\u2019s vulnerabilities have played a large role in hacks and fraudulent activities. <\/p>\n<h3><span class=\"ez-toc-section\" id=\"Smart_contract_transactions_on_Ethereum_require_security\"><\/span>Smart contract transactions on Ethereum require security <span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Specifically speaking, the smart contracts that power Ethereum are known for being <a rel=\"nofollow noopener noreferrer\" target=\"_blank\" href=\"https:\/\/cybernews.com\/security\/ethereum-smart-contract-vulnerabilities\/\">fraught<\/a> with security issues, which, in turn, have greatly impacted DeFi projects. In addition, smart contracts being applied to DeFi projects worth billions of dollars are often not audited beforehand. <\/p>\n<p>Tom Lindeman, a previous veteran researcher at Microsoft and the former managing director of the Ethereum Trust Alliance \u2014 a group of blockchain companies working on a security system for smart contracts \u2014 told Cointelegraph that there is currently no good ways to identify whether a smart contract is secure before initiating a transaction:<\/p>\n<blockquote><p>\u201cThe DeFi space is worth billions of dollars now, but so many of those smart contracts being used are never audited. As such, the DeFi sector continues to see a flurry of activity that has individuals and organizations approving token contracts, swapping tokens, and adding liquidity to pools in quick succession without being able to easily check contract security.\u201d<\/p><\/blockquote>\n<p>In an attempt to solve the security challenges related to smart contracts, Lindeman has joined the Enterprise Ethereum Alliance\u2019s newly formed \u201cEthTrust Security Levels Working Group\u201d as its co-chair. According to Lindeman, the working group\u2019s mission will be to continue the advances initially started by the Ethereum Trust Alliance, or ETA, which are aimed to set standards for secure, smart contract transactions conducted on the Ethereum blockchain. <\/p>\n<h3><span class=\"ez-toc-section\" id=\"A_registry_system_for_rated_smart_contracts\"><\/span>A registry system for rated smart contracts<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>Lindeman explained that the ETA has been working on its EthTrust project for close to a year, even before the DeFi space started to expose the vulnerabilities of Ethereum smart contracts. Coincidentally, the EthTrust project joined forces with the Enterprise Ethereum Alliance just as the DeFi space was gaining traction. <\/p>\n<p>Daniel Burnett, executive director of the Enterprise Ethereum Alliance, told Cointelegraph that the timing for the new working group has been purely coincidental in regards to the rise of DeFi. According to Burnett, the new EthTrust project further demonstrates that the Ethereum network is maturing. \u201cWe want to help solve the problems many of our members have expressed in regards to Ethereum,\u201d he said. <\/p>\n<p>Specifically, the new working group plans to address security vulnerabilities in smart contracts by creating a standard and registry system to help users gain greater awareness of how to differentiate which contracts have gone through rigorous security checks. While the project is still a work in progress, the goal is to define certain requirements that smart contracts must exhibit in order to be deemed secure.<\/p>\n<p>For example, Pierre-Alain Mouy, an Enterprise Ethereum Alliance member, former ETA product owner and managing director at NVISO Security in Germany, told Cointelegraph that there are three levels of validation that a smart contract can achieve to help individuals understand its level of trust:<\/p>\n<blockquote><p>\u201cWe started the project by including three different levels of badges that smart contracts can earn to prove its level of trust. Level one consists of a smart contract undergoing work through automation. Levels two and three are manual audits by humans to ensure that contracts are safe and secure.\u201d<\/p><\/blockquote>\n<p>Mouy shared that in order for a smart contract to achieve a level one badge, an automated security scanning tool will be run against the contract. The AI-powered tool is designed to check for a specific set of requirements that the working group is currently defining. <\/p>\n<p>If a smart contract continues to level two, individuals will perform a security audit. \u201cThere will be definitions for audit companies, explaining how long they need to dig into these smart contracts,\u201d said Mouy, adding further: \u201cEventually, an audit report will be created for the working group to manually review. We are not auditors, however. The working group serves as a router to verify that these steps are taken.\u201d<\/p>\n<p>Finally, if a smart contract makes it to level three, additional specifications and test cases written to verify properties in the contract will be performed. According to Mouy, this is called the \u201cformal verification process.\u201d<\/p>\n<p>Once a smart contract has undergone this step-by-step verification process, the initiative\u2019s registry system will enable exchanges, for example, to request a specific rating level before new tokens are listed. This system could also be applied to a multi-member consortium that relies on smart contracts for business purposes. <\/p>\n<h3><span class=\"ez-toc-section\" id=\"Growing_interest_for_secure_smart_contracts\"><\/span>Growing interest for secure smart contracts<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p>According to Lindeman, the EthTrust project has already sparked interest from daily Ethereum users who want to see new things, such as\u00a0yield farming. He further shared that Big Four firm PricewaterhouseCoopers has expressed interest in using this system to provide smart contract ratings for companies interested in the blockchain space. <\/p>\n<p>The growing interest in secure smart contracts is especially important as the Ethereum infrastructure progresses and the promised benefits of Ethereum 2.0 come to fruition. Burnett believes the Ethereum ecosystem will see increased trust moving forward, which will be exhibited by new projects being used by businesses, such as the work being done by the Baseline Protocol. <\/p>\n<p>While innovative, it\u2019s important to point out that the Enterprise Ethereum Alliance\u2019s new working group and the EthTrust project are not the first to tackle challenges related to the security of smart contracts. For example, blockchain security firm Quantstamp has been performing smart contract audits and security checks for blockchain companies since 2017. The firm\u2019s clients include major players in the space such as Binance and eToro. Quantstamp recently announced that it will audit a new DeFi project on the Polkadot blockchain.<\/p>\n<p>In addition to security firms performing audits, companies are also finding ways to ensure secure smart contracts. For example, Vaiot, a blockchain company that uses artificial intelligence to create digital services for enterprises, leverages AI to provide software security and performance in smart contracts. Jakub Kobeldys, the lead developer at Vaiot, told Cointelegraph that while no amount of AI can fully protect against flaws in code, the <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/technology\/\" data-internallinksmanager029f6b8e52c=\"4\" title=\"Technology\" target=\"_blank\" rel=\"noopener\">technology<\/a> can aid developers significantly: <\/p>\n<blockquote><p>\u201cUnsupervised learning techniques could track down new flaws in an automated way, or at least narrow down the search area and give some hints for human experts. It could also lead to the more dynamic development of frameworks that help developers code in a secure manner.\u201d<\/p><\/blockquote>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener noreferrer\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener noreferrer\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/smart-contract-standards-making-defi-transactions-on-ethereum-more-secure\" target=\"_blank\" rel=\"noopener noreferrer\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Smart contract standards: Making DeFi transactions on Ethereum more secure &#8221; Decentralized finance continues to make its impact on the crypto market, and with over $13 billion of total value of assets\u00a0locked,\u00a0DeFi projects are clearly resonating with eager crypto investors. Yet while the DeFi space has been progressing over the last year, a number&#8230;<\/p>\n","protected":false},"author":1,"featured_media":117028,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/s3.cointelegraph.com\/uploads\/2020-11\/3d91e19e-34c0-467e-97ac-cfb4afbf0b8c.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74868,74891,75434,117,70944,71101,72287],"class_list":["post-117027","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-defi","tag-ethereum","tag-smart-contracts","tag-business","tag-hackers","tag-scams","tag-security"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/117027","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=117027"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/117027\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/117028"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=117027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=117027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=117027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}