Enterprise Ethereum Alliance Advances Smart Contract Security With EthTrust Exclusivity | Ethereum News

The EEA EthTrust Security Level Specification defines smart contract security certification requirements for the Ethereum ecosystem

Wakefield, Mass. – August 22, 2022 – Enterprise Ethereum Alliance (EEA) Announces Today’s Publication EthTrust Security Level Specification V1. Developed by the EEA EthTrust Security Level Working Group, the new specification aims to define for auditors how to certify that a smart contract has been executed through a thorough security audit by a professional team.

The blockchain space has exploded with a flurry of activity in which individuals and organizations have deployed tokenized contracts, smart contracts to add liquidity to pools and support a wide range of business models and critical services. While there are many established firms that offer to test the security of smart contracts in the Ethereum ecosystem, there is no standard test set nor a common rating system as of now.

“EthTrust Security Level Specification V1 provides the first quality framework with extensive industry support and guidance on the requirements that organizations need to certify to the level of assurance, not only by the reputation of the auditor issuing the certification but Supported by the collective reputation of the many security experts from many competing organizations who have contributed to this work,” said EEA Executive Director Dan Burnett. “I would like to thank the EthTrust Security Level Working Group for collaborating to ensure that this specification defines protection against a real and significant set of known vulnerabilities.”

Chris Cordy is the chairman of the EEA EthTrust Security Level Working Group. splunk, The Working Group brings together EEA member representatives who are primarily known for their audit and security expertise, including: ConsenSys Diligence, Depository Trust and Clearing Corporation (DTCC), hacken, openzeppelin, banco santander And trail of bitsas well as security experts from broad-based members such as EY, J. P. Morgan, Microsoft, sae, splunkeven more.

“As the Ethereum blockchain industry grows, so does the need for a mature framework for assessing the security of smart contracts,” Cordy said. “Notably, the DeFi platforms have grown explosively over the past few years to collectively hold billions of dollars in assets, and they are the target of frequent exploitation. This specification is designed to improve the security of these platforms and reduce security risks. can help reduce that.”

“This work is intended for organizations deploying smart contracts on the Ethereum blockchain. This specification allows new auditors to establish that they are operating at the same quality level as their established peers. It enables developers to know builds what the industry knows, builds better and manages security risks in its own work more effectively,” said EEA Technical Program Director Chales Neville. “EEA EVM-based Blockchain, enables users, partners and We are pleased to complete this important first step in the development of security standards to increase trust in the provider’s ecosystem, especially as the need for effective security assessment only continues to grow.”

EEA EthTrust Security Level Working Group Supporting Quotes

ConsenSys Diligence

“The EEA EthTrust Specification has been years in the making and it is exciting to see the release of the first specification. One of the main challenges with the creation of such a standard is the rapid pace of changes to smart contract systems and the discovery of new vulnerabilities, which are becoming increasingly mature and complex. The increase in complexity has increased the potential for security issues to be hidden in the system’s code base. In the wider Ethereum ecosystem, it is difficult to quantify the security properties of a smart contract system in this way The EEA EthTrust Security Level Specification is the first cross-industry effort to formalize requirements for the security of such systems and a certification scheme that offers different levels of trust. Having this information will increase investor and personal confidence in the contracts they invest in and interact with. As a long-time contributor to the EEA’s EthTrust Working Group and Specification, we sincerely hope that this specification soft The ware development will contribute to the lifecycle and prominence of security measures in the Ethereum ecosystem,” said Dominic Muhs, Senior Security Engineer, ConsenSys Diligence, an EEA and EEA EthTrust Security Level Working Group member.

DTCC

“Smart contracts have proven vulnerable to exploitation due to inadequate coding practices and a lack of standards around the measurement of their maturity and reliability. The EthTrust Security Level Specification will introduce much-needed standards that will bring increased security and confidence to this space as blockchains emerge. The ecosystem continues to grow. We are proud to be a part of the EEA and look forward to supporting the exclusivity roll-out and its advancement,” said Bill Izzo, Director, Information Technology Security (DTCC), an EEA and EthTrust Security Level member of the working group said.

hacken

“EEA EthTrust Security Level Specification is the foremost effort to level the playing field for all crypto auditors and ultimately bring unparalleled levels of security, ethics and trust to the Ethereum blockchain technology. Contributing to exclusivity in collaboration with major security players Hacken’s mission to make web3 secure How secure the contract or address is. With specificity, leading crypto auditors, including Hacken, provide a baseline level of protection against known and resulting smart contract vulnerabilities,” said Yevheny Bezuhali, Head of Smart Contracts Audit Department, Hacken, a A member of the EEA and Ethtrust Security Level Working Group said.

openzeppelin

“We are incredibly excited about the EthTrust exclusivity as it is the first step toward a more robust Web 3 ecosystem. Bringing security industry leaders and competitors together under one roof is essential to the adoption of security standards that support the adoption of security standards. But we can all trust,” said Michael Llewellyn, Head of Solutions Architecture, OpenZeppelin, an EEA and EthTrust Security Level Working Group member.

About the EEA’s EthTrust Security Level Working Group

The mission of the Working Group is to develop standards for Ethereum and EVM smart contract security audits to benefit the ecosystem. EthTrust Security Level Working Group invites companies interested in participating in its ongoing work [email protected] To become an EEA member. Current EEA members can access the EthTrust Working Group through EEA Membership Support Portal,

About the EEA

The Enterprise Ethereum Alliance (EEA) enables organizations to adopt and use Ethereum technology in their daily business operations. EEA empowers the Ethereum ecosystem to grow new business opportunities, embrace the industry, and learn and collaborate. EEA Community Projects Provides a center for open source development of code, APIs, standards and reference implementations. To learn more about joining the EEA, access [email protected] Or visit https://entethalliance.org/become-a-member/.

Follow the EEA Facebook, Twitter, linkedinAnd youtube,

Leave a Comment