Bitcoin Forum
December 15, 2024, 02:27:28 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [2018-08-29] 25% of All Smart Contracts Contain Critical Bugs  (Read 124 times)
Terraformer (OP)
Sr. Member
****
Offline Offline

Activity: 574
Merit: 251



View Profile
August 29, 2018, 04:40:27 PM
 #1

For every problem that smart contracts solve, they seem to introduce another. In a week in which EOS has made news for all the wrong reasons over a RAM vulnerability, a code auditor has revealed the prevalence of smart contract bugs. Security firm Hosho, which has forged a new partnership with community managers Amazix, has found that one in four projects contains critical vulnerabilities.

$1 Billion Is No Guarantee Against Bugs

$1 billion. That’s the amount raised by the projects whose smart contracts Hosho has audited. The security company claims to have audited more smart contracts than any other industry player. Despite the significant human and financial resources at their disposal, many of these projects would have been crippled had they neglected to have their code thoroughly scrutinized. A quarter of the projects Hosho has audited were found to have critical bugs, and some 60% of all projects they saw had at least one security issue.

Ethereum, the ICO economy’s go-to launchpad, has been the worst affected, with stories abounding of exploitable code that’s led to hundreds of millions of dollars of ether being stolen or locked up. While smart contract platforms such as Stratis are pushing the availability of debugging deployment suites and professional decompilers that come with using C#, Ethereum’s Turing-complete system leaves greater margin for error. Identifying and eliminating all potential security holes is a Sisyphean task, and one which even experienced Solidity developers struggle with. Enlisting the support of a third party specializing in smart contract audits, while not foolproof, is the best bet against shipping bug-filled code.

Continue reading >> https://news.bitcoin.com/25-of-all-smart-contracts-contain-critical-bugs/
hardip567
Newbie
*
Offline Offline

Activity: 53
Merit: 0


View Profile
August 29, 2018, 04:55:19 PM
 #2

I agree with your point Programmers make mistakes somewhere The benefit of which the hackers raise I think it needs a lot of improvement
buwaytress
Legendary
*
Online Online

Activity: 3024
Merit: 3727


Join the world-leading crypto sportsbook NOW!


View Profile
August 29, 2018, 05:54:58 PM
 #3

Ah, EOS. I don't know how developers of alt projects can live with themselves, exposing all their tech shortcomings despite raising so much to create vapourware.

I'm not a fan of smart contracts just yet, even if the possibilities for me are exciting for very practical uses (like for example, how about a simple escrow smart contract for Bitcoin!), but as long as the guys out there are mass producing smart contracts without proper peer review and maturity testing, it's simply too unfeasible for mainstream use.

Would be particularly useful if Hosho actually spent some of their time helping validate/examine open source contracts out there.

██
██
██
██
██
██
██
██
██
██
██
██
██
... LIVECASINO.io    Play Live Games with up to 20% cashback!...██
██
██
██
██
██
██
██
██
██
██
██
██
dreamhouse
Hero Member
*****
Offline Offline

Activity: 1073
Merit: 666



View Profile
August 30, 2018, 03:47:18 AM
 #4

These coins for testing ideas are good, but not to hold like bitcoins, they will never go to the status like bitcoin.
redrose8226
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
September 01, 2018, 08:12:44 PM
 #5

This is really an impressive and valuable finding. Actually many and many projects are coming to this market daily. Most of these do not focus on quality and so such programming mistake is expected. This is also the reasons for hacking as the hackers takes this as advantage to hack.
btcmaster999
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
September 01, 2018, 09:01:38 PM
 #6

The over all coin testing idea is a good one. It will even make us aware of coins which got all the attention due to the hype such as EOS. But it will be futile to put a test on BTC because we all know that this is the bet coin in the market.
SoliDCoiNs777
Newbie
*
Offline Offline

Activity: 112
Merit: 0


View Profile
September 01, 2018, 09:50:04 PM
 #7

Your finding is really helpful and it has focused on very important issues of the recent projects. It should be taken in the consideration by the programmer as such weakness and fault open the door for the scammer to do scam.
listoncrypto
Newbie
*
Offline Offline

Activity: 252
Merit: 0


View Profile
September 01, 2018, 10:26:23 PM
 #8

I haven't been really fascinated with the smart contracts to say the least. So, these smart contracts having critical faults in them won't really matter to me. However, I had high hopes with EOS and thought that they are here to stay once I saw their bull run during mid August. But now, it looks like just another faulty project that people are abandoning.
StephKram
Member
**
Offline Offline

Activity: 95
Merit: 10

Most Advanced Crypto Exchange on the Blockchain


View Profile
September 01, 2018, 10:45:22 PM
 #9

Hell I would say over 25% of the Smart Contracts are scams.  25% seems like a lot on the surface but probably is really damn good considering what we are up against.  It seems to me there is a very talented bunch of programmers working in crypto. 

CRYPTOCIRCLEX | THE MOST ADVANCED CRYPTO EXCHANGE ON THE BLOCKCHAIN
✪╠════════════════════════════════════════════════════════════╣✪
EveningGull
Newbie
*
Offline Offline

Activity: 29
Merit: 0


View Profile
September 02, 2018, 10:37:08 AM
 #10

Good to see that someone has really come up with the solution of testing the smart contracts before they get released or even after they are already released in the market. This will not only help the existing users to be more sure about where they are investing but also build the trust of a lot of newcomers who have perceived the crypto space to be filled with bugs and scams.
Brutea
Newbie
*
Offline Offline

Activity: 38
Merit: 0


View Profile
September 02, 2018, 11:20:01 AM
 #11

Kudos to Amazix, really great initiative they have brought here. After the recent bugs whichs were found in EOS, a lot of investors lost their interest in the smart contracts. But, Amazix emerging at such a time will surely give them more hope of receiving bug free smart contracts in the future.
StormHunter
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
September 02, 2018, 11:58:07 AM
 #12

Ok, EOS. I don't know how engineers of Alt tasks can live with themselves, uncovering all their tech deficiencies regardless of raising such a great amount to make vapourware. As long as the folks out there are mass creating savvy contracts without appropriate associate audit and development testing, it's just excessively unfeasible for standard utilize.
StormHunter
Newbie
*
Offline Offline

Activity: 28
Merit: 0


View Profile
September 02, 2018, 12:12:15 PM
 #13

These coins for testing thoughts are great, however not to hold like bitcoins, they will never go to the status like bitcoin. Because is far higher than all of this, it is updating itself according to the market situation and I believe it is on the right track.
HiddenPrincess
Newbie
*
Offline Offline

Activity: 25
Merit: 0


View Profile
September 02, 2018, 12:22:14 PM
 #14

I concur with your point Programmers commit errors some place The advantage of which the programmers raise I think it needs a ton of change to have some sort of courage to stay in this market. They should focus on their work of doing and make these things feasible enough to compete in this market.
mariomerula
Jr. Member
*
Offline Offline

Activity: 252
Merit: 4


View Profile
September 02, 2018, 12:26:12 PM
 #15

this is a very interesting article that have scared me a little bit... if there are so many bugs potentially noone is safe. I hope that major bugs will be fixed even if I know that programmers always do mistakes.

▰▰▰▰▰ CRYPKART ▰▰▰▰▰ (https://crypkart.com)
▰ Quick buy and sell bitcoins online. Fast and secure. ▰
SladderyNewS
Newbie
*
Offline Offline

Activity: 54
Merit: 0


View Profile
September 03, 2018, 09:14:33 AM
 #16

As I know that these types of coins for challenging ideas are good. On the other hand  not to grip like bitcoins. It will never set its position as like as bitcoin.
kolonel_x
Sr. Member
****
Offline Offline

Activity: 1092
Merit: 250


View Profile
September 03, 2018, 09:19:43 AM
 #17

well, as we all know, now more coin spammers and even the ethereum platform are already filled with junk coins just like waves. Hopefully in the future the smart contract platform is even better

INVALID BBCODE: close of unopened tag in table (1)
Red-Apple
Hero Member
*****
Offline Offline

Activity: 1470
Merit: 655


View Profile
September 03, 2018, 10:09:30 AM
 #18

well, as we all know, now more coin spammers and even the ethereum platform are already filled with junk coins just like waves. Hopefully in the future the smart contract platform is even better

i also have the same hopes but sadly enough i don't think it is going to happen anytime soon.
so far the only thing that people have cared about has been to create something as fast as possible with spending as little resources as possible. aka ICOs. and since people care about pump and dumps and money making nobody really cares about the security of these coins. they don't even care about the security of their ETH tokens otherwise they wouldn't have been using web wallets to store them!!!

--signature space for rent; sent PM--
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!