A group of researchers from ETH/Zurich have managed to create a smart contract scanner. This is all based on ETH and it is certainly a move forward in terms of cryptocurrency. The checks are done to try and make sure that smart contracts do not contain any errors and they are also done to make sure that they do not contain any potential problems as well. The researchers included Dr. Petar Tsankov and even Professor. Martin Vechev as well. Among the team you also had Dr. Arthur Gervais. The team as a whole have a really extensive level of experience and they are more than knowledgeable about the world of security as well. It is their job to make sure that the system stays secure and it is also their job to try and prove that blockchain does have a place among smart contracts. The team have worked to join a brand new company and they are known as being Chain Security. They are now launching projects that will try and help programmers and even ICO builders to try and launch their very own tokens. So that brings about the question, what is Chain Security able to offer? The main challenge of them trying to build a security scanner for contracts is to try and find a way that is able to explore all of the contact behaviours. The idea of this is to try and exceed the number of atoms in the universe. It isn’t hard to see how incredible this could be. There is an automated security check in place right now for smart contracts. They work to avoid this problem by inspecting a subset of every contract behaviour. The problem here is that because not all problems are covered, and not all behaviours are analysed, it is more than possible that some security vulnerabilities are being overlooked.
The ETH based scanner will be able to consider every single contract behaviours and it will also be able to solve the various challenges that are in place as well. If it is able to do this then it would help to avoid the situation in general. In fact, when you look at the ETH open source contracts that are in place right now, you would quickly see that solutions can lose up to 60% of vulnerabilities and this is because they are not able to cover everything enough.
So who are they? At the moment the project is being completely self-financed and the team were clear at the time that they have no plans to try and launch an ICO. You can see the beta version of the scanner by doing a simple Google search. The team themselves have a significant interest in their own products and they also have the plan to try and launch a product very, very soon. The idea of Securify is that it is able to launch 100 contracts per day. This is way higher, 50 times higher in fact, when compared to the alternatives that are available. If you want to get an example of what contracts are available then Quantstamp is one of them. As it stands right now this is actually the best option if you were to trade smart contracts or even if you wanted to get them audited. It is also used by security auditors as well. The new ETH system is expected to have a greater traction and this is all because of the increased coverage. The team started out very organically and they are now very interested in working in the area of automated analysis projects. When you look at the major security problems that are present in ETH contracts you will soon see that they come with a huge level of financial consequence. You will also see that the automated system that is in place right now just isn’t effective enough, but this could easily provide a fantastic solution.
The objective of the team is to try and automate smart contracts and audits. When you look at Chain Security you will see that this is based on the Chain Code and the Securify team want to be seen as being the gold standard when compared. They have said themselves that they want to try and build the very first automated verifier when it comes to smart contracts and that this is all going to start in their very own research lab. They are going to release it to the public and at this point, it is certainly not an academic project. There was so much commercial interest at the time that this completely changed the scope of the whole thing around. The project quickly grew in terms of its own scope and the quick tests of the new features really did show how quickly the whole thing could find the exploits and then put an end to them. This is interesting to say the least because since these contracts are able to manage millions of dollars, it’s best to get a solution implemented early on.