56 total views
A complete DeFi = smart contract + front-end page, even after the smart contract security audit, there will still be risks such as new attacks and contract tampering.
Original title: “When we look at contract audits, what are we looking at?丨Witness
Written by: Blocklike
With the increasing number of “Swap series”, the incidents of “Thunder” and “Running” in DeFi projects are also increasing.
Facing the community’s concerns about the risks of DeFi projects, many project parties have chosen to conduct contract audits, either to prove their innocence, or to win the trust of investors. Sometimes, contract audits for DeFi projects are also regarded as a benefit. Come for interpretation.
This approach seems to be effective: after the founder of Sushiswap was exploded and left, and the control of the project was changed, a message about “Sushiswap project smart contract audit work is progressing smoothly”, so Sushi immediately showed a small margin The increase also regained the confidence of some investors; after three consecutive JustSwap projects broke out loopholes and were accused of failing to conduct detailed tests and audits by the project party, Tron’s official mining project SUN passed the report and audit news. Let the popularity of the TRON community increase again.
At the same time, there are also some platforms that have been questioned in audits due to loopholes. Last week, investors raised questions about the emerging “Swap” platform Moonswap about “pre-mining”, “no time lock in contract”, ” Issues such as “multiple bugs” on the platform, and questioned its audit, aroused community attention.
At present, MoonSwap has already added a time lock at more than 18:00 on the day of launch, and the SlowMist security team has issued a formal security audit report.
When we look at the audit report, what are we looking at?
As a DeFi participant, what lessons and references can contract audit really give?
While facing these problems, Blocklike also found that for the role auditing can play, some people have made this summary: “Code can be audited, but human nature cannot be audited.”
The scope of audit is limited and contract risks are hidden
Under the DeFi boom, the status quo of many investors may be as described by Primitive Ventures founding partner Dovey: “Don’t ask me if I can dig. Now one person can help me see new land full-time, and one person can help me see projects full-time. , There are also two traders full-time trading (all kinds, including agricultural products management), and various internal and foreign programmers to help me check the security of the contract. I am a robot that confirms the multi-signature of the wallet. How simple is modern agriculture. ”
Indeed, contract security is a topic of concern to many investors. Recently, in order to remind more investors of risks, the community has summarized such a DeFi ecological mind map and risk points:
1. Contract risks, code vulnerabilities, unaudited, hacking attacks cause asset losses
2. Private key risk. No multi-signed DeFi contract means that those who have the private key of the contract can change the contract or run away at will
3. The risk of impermanent loss, such as the impermanent loss of liquidity mining itself, especially the liquidity of the two risky assets has a high risk of high returns
4. The risk of transaction friction. Now the gas rate of Ethereum transaction is extremely high. It may cost one Ether after a few transactions, and the principal of retail investors may not be enough to go back and forth several times.
5. The risk of operational errors. Errors in the transfer process lead to permanent loss of assets. Recently, there have been several large transfer errors. It is recommended to invest in foreign projects that have undergone open source audits and community democratic autonomy, for reference only.
It can be seen from this that the first among the risk points is “contract risk, code loopholes, unaudited, hacking attacks causing asset losses.” To some extent, contract audit has become the first threshold for grasping contract risks.
When it comes to DeFi, judging from the situation and enthusiasm of investors participating in unaudited projects, many people are not clear about the meaning of security audits. As early as when Yam was launched, the Fomo sentiment in the market had been driven. Although Yam had been declared an “unaudited” contract written within a week, the popularity it received was still staggering.
So, as a DeFi investor, how should you view contract auditing?
Blocklike learned from the SlowMist security team that at present, the basic security audit of smart contracts is mainly divided into the ETH part (the TRON and Binance smart chains are similar, all based on EVM) and the EOS part. Among them, ETH security audit includes 13 categories, and EOS security audit includes 15 categories.
ETH security audit sample
However, since the entire security model of DeFi will be more complicated, the SlowMist security team divided the DeFi risk points into two parts: the contract layer and the front-end layer:
1. Basic security audit items of smart contracts, among which precision is a point that requires special attention
2. Risk of excessive authority: coin minting, authorized migration
3. Economic model risks: pre-mining, team allocation and usage
4. Same-chain platform migration risk
5. New pool risk: add malicious Token to reward
6. The contract directly receives the coin risk
7. Token compatibility risk: deflationary token, 777 tokens
8. DoS risk: cyclic recursion, malicious contracts refuse to accept Ether
9. Governance contract risk: double spending governance voting, governance monopoly risk
10. Chain platform migration risk: EVM compatibility methods between different chains may be inconsistent
11. Lightning loan attack risk: impact on system stability through lightning loan (tentative)
12. Oracle manipulation risk
13. Loan liquidation risk: full liquidation, partial liquidation, unmanned liquidation, bidding liquidation
1. Accuracy risk
2. Risk of man-in-the-middle attacks, such as replacing contract addresses
3. Contract replacement risk
4. Authorized Phishing Risk
5. Gas Limit limit risk
“These are indeed difficult for ordinary users to understand one by one,” the SlowMist security team further explained: “But ordinary users can simply understand: After DeFi passes the security audit, the principal of the smart contract that the user participates in the security audit is Safe. As for the economic losses caused by participating in DeFi or the losses at the non-contract level, they are not within the scope of the smart contract security audit.”
It should be noted that, according to the interpretation of the security team, a complete DeFi = smart contract + front-end page.
This means that after the smart contract security audit, there are still several risks: first, the security audit may not find vulnerabilities or new attack methods; second, the smart contract can be upgraded or tampered with, how to make it upgradeable Or it may be tampered with and become an impossible or effective and credible community governance behavior; third, as the project party develops, smart contracts will add new ones, such as new pools and new functional modules. You need to pay attention to the smart contract security audit report to clearly audit Which ones.
Since the front-end page is a centralized content, if there is a bug or loophole or evil in the front-end, the harm may actually be more direct and greater. This is not only a matter that the security audit agency can audit (it is actually difficult), but it is also a matter of community supervision.
When it comes to the EOS security audit, the situation is different.
The founder of Hufu Wang Ruixi said publicly: “EOS’s contract features are modifiable. Everyone should see clearly and don’t blindly believe in auditing. Because most of the EOS contracts are not open source. Audited and no open source is the same as no audit. Yes. If there is a problem, the audit will be backed up. The gain is not worth the loss.”
Regarding the smart contract on EOS, the SlowMist security team added: “If the owner authority of the project party has been multi-signed, the project party and at least 2 trusted parties need to jointly multi-sign for contract update or transfer operations, and the active authority has Delete the project party’s private key authority. You can better control the EOS smart contract project party’s excessive authority.”
Therefore, even for DeFi projects that have passed the security audit, investors still need to carefully screen and pay attention to risks.
How should investors refer to it?
Based on work experience, the SlowMist security team also made some suggestions to investors: “Although smart contract security audits are not silver bullets, they are better than streaking. Professional security auditing agencies will greatly reduce the DeFi risk; remember not to enter. Phishing websites and unauthorized authorization will cause the principal to return to zero; even if you invest in DeFi that has been audited by a number of security auditing agencies, you should be prepared for the possibility of black swan outbreaks and do not indulge; use a reliable environment to play reliable DeFi , Reliable environment refers to (the computer is safe, the browser is safe, the mobile phone is safe, the wallet used is well-known, the network used is safe, etc.); don’t put all funds in one basket and decentralize security management Very important.”
The person in charge of the smart contract security of Chengdu Lian’an concluded to Blocklike: “From the experience of Chengdu Lian’an, the purpose of contract auditing is mainly to check code standardization and regular vulnerabilities (mainly refer to general bugs, such as data display errors, etc.), Security vulnerabilities (such as regular security vulnerabilities such as overflow and reentry), business logic vulnerabilities. The main risks excluded are mainly in two points, reducing the possibility of hacker attacks and reducing the business failure due to code caused by the code (such as Yam event).”
“The audit report will point out business logic and function descriptions, etc. You can compare whether the project party’s publicity and functions are correct; the audit report will also describe permissions related. Ordinary investors can check whether the project party has run according to the described permissions. The ability of the road, for example, the project party has the right to transfer all the money in the contract, etc., or it can control certain key parameters and control user funds in disguise,” Chengdu Lian’an made a proposal.
The current situation that can be seen is that the DeFi boom has caused many project parties to be too eager. Now it is clear that the security audit agency is far from busy. This is not a good thing for users. Because many users lack security awareness, even if a DeFi fails the security audit, there may be a large number of users directly influx.
Blocklike reminds investors to pay attention to the security of smart contracts while participating in DeFi projects. When investing, the security of principal is regarded as the first important evaluation parameter. In the face of huge participation funds, hackers can be better than ordinary investors. fanaticism.
After all, as early as mid-August, there were already community voices asking the souls of enthusiastic investors: “Have you ever thought that these various DeFi projects are really wrong. Whose name do you want to print on the rights protection banner?”