Before the formal deployment of the DeFi project, through the security audit of the contract, not only can the project’s code specifications, vulnerabilities and business logic be checked globally. At the same time, project audits also play a role in shaping the project party’s image in the investment market.
When market investors select projects, if the project party supports contract audit experience and publicly discloses information such as the auditor and audit report, the investment credibility will undoubtedly be greatly improved. In addition, the project’s comprehensive awareness of safety stand construction will invisibly endow the project with additional value.
At the same time, the DeFi project party maintains long-term business cooperation with the security audit company during the operation process, which will be of great benefit to both security management and business expansion. After all, in the long-term development of the project, the periodic safety audit mechanism can promptly discover and effectively help solve overall and partial risk problems.
So, what are the main processes, content and characteristics of DeFi contract auditing, and what are the “routines”?
Routine 1: Early “Pulse”
After the contract audit cooperation relationship with the DeFi project party is reached, on the basis of understanding the overall situation of the project, including the structure, business design, etc., a security testing team with relevant project audit experience is assigned to provide special services. At the same time, the scope of project testing and Focus on corresponding needs. Do a good job in the early stage of “pulse”, the main contents include:
1. The DeFi project party provides true, effective, and various technologies, codes, documents and other materials required for auditing.
2. Before officially entering the testing process, the security team will conduct a comprehensive evaluation of the provided materials to determine the cycle.
3. Determine the scope of testing services, including targeted modules, partial codes, comprehensive security audits, etc.
4. Complete the connection of related requirements, that is, the final confirmation of source code, applications, file information, and test environment.
In order to conduct strict security audits on the code standardization, security and business logic of the DeFi project contract, after the test is clear, the conventional ways to deal with contract audits are:
·Formal verification
·Static analysis
·Dynamic Analysis
·Typical Case
·Manual review
Routine 2: Formal Verification
The formal method is the most reliable means to realize safe and reliable software. It uses a mathematical-based symbol system to give a strict definition and formal proof of the correctness and safety of the software. Among them, strict definition is called formal specification, which is a logical expression that uses clear and concise means to describe software functions or characteristics.
In contract auditing, the formal method adopts qualitative demand attributes to prove that the program does not have certain types of security vulnerabilities. On the other hand, the traditional testing method is to check whether the code runs as expected on a set of selected inputs to indicate whether the program has security vulnerabilities, but this cannot prove that the same type of security vulnerabilities do not exist.
In addition, traditional testing methods are easy to miss errors triggered in rare or malicious construction scenarios, and errors caused by the continuous occurrence of a large number of “impossible events”. However, the formal method can discover the above-mentioned subtle errors by clarifying the code intent and providing a complete coverage of the input space, thereby enhancing the safety and reliability of the program.
Professor Yang Xia, the founder of Chengdu Lianan and an expert in formal verification research for many years, said,
“Traditional verification methods cannot exhaust as many situations as possible, while formal verification can be exhaustive. For smart contract vulnerability detection, this method is the most credible and effective.
As a customized tool developed for the security detection of Ethereum smart contracts, Chengdu Lianan’s Beosin-VaaS one-click smart contract automatic formal verification tool can accurately locate the risky code location and point out the cause of the risk, effectively detecting smart contracts The accuracy of conventional security vulnerabilities is as high as 97%, providing’military-grade’ security verification for smart contract code. ”
Routine 3: Code Standard Audit
In the code specification audit, the main test items are:
Compiler version issues may cause various known security issues. Developers should specify in the code that the contract code uses the latest compiler version and eliminate compiler warnings.
At the same time, the Solidity smart contract development language is in rapid iteration. Some keywords have been abandoned by the new version of the compiler, such as throw, years, etc. In order to eliminate the hidden dangers that may be caused, the keywords that have been abandoned in the current compiler version should Disabled.
In smart contracts, redundant code will reduce code readability and may require more gas to be used for contract deployment. Therefore, redundant code must be found and eliminated. In addition, the correct use of functions in the SafeMath library for mathematical operations in the contract requires strict inspection.
Solidity uses state recovery exceptions to handle errors. This mechanism will undo all changes made to the state in the current call and all its sub-calls, and flag the error to the caller.
The functions assert and require can be used to check conditions and throw exceptions when the conditions are not met. The assert function can only be used to test internal errors and check non-variables. The require function is used to confirm the validity of conditions, such as whether input variables or contract state variables meet the conditions, or to verify the return value of external contract calls.
The Ethereum virtual machine needs gas to execute the contract code. When the gas is insufficient, the code execution will throw an out of gas exception and revoke all state changes. Contract developers need to control the gas consumption of the code to avoid function execution failures due to insufficient gas.
In addition, whether the visibility of the contract function meets the design requirements and whether the fallback function is used correctly in the current contract needs to be strictly checked.
Routine 4: DeFi security vulnerability audit
Currently, business logic vulnerabilities are the most common in DeFi projects. Due to the imprecise design of the business logic of the project, it is very likely that the project will have an internal imbalance under certain circumstances.
It should be noted that the DeFi project is based on blockchain smart contract development and has many features outside the traditional financial system, such as:
·A single transaction can initiate multiple internal transactions, and it can be rolled back if it fails
Tokens with deflationary properties
·The contract code cannot be modified
At the same time, contract permission errors are common in audits, that is, the visibility modification errors of functions in the contract. Usually, this is because the caller and the parameters have not been effectively verified, resulting in the function being called by a malicious user, causing huge losses.
Similar to traditional security issues, incorrect permission configuration and invalid security checks will bring huge risks to the system. But the difference is that the immutability of smart contracts makes such problems may not be effectively repaired even if they are discovered.
In addition, re-entry vulnerabilities are also the focus of the audit. Specifically, after the contract initiates a call call, the attacker can use the feature of the contract call to repeatedly call the function, causing the expected execution sequence of the contract to be wrong, thereby stealing the assets of the target account.
In the audit, the frequency of code errors is also very high. This is mainly due to some coding errors caused by developer errors. Common ones include unit errors, forgetting to multiply by precision, & using errors. In the event of the YAM vulnerability, when the code was flexibly adjusted and rebase, the code just forgot to multiply the accuracy.
While ensuring the in-depth detection of code and vulnerabilities, the project business has also set up related audits of business logic and implementation, including the inspection of basic information related to tokens in the DeFi project, and the confirmation of functions related to token standards, especially Review and risk analysis on minting, destroying tokens, changing owner and other special permissions.
Many projects have the logic of proxy transfer. When processing such logic, many project parties will directly require users to authorize the maximum tokens to the contract of the project party.
In this way, the contract has the right to transfer all user funds. In addition, there is the problem of dual authorization. When the project party’s website is authorizing, it initiates two authorizations, one for the contract address and one for the external address. If the user is not wary of this, he will face great Capital risk.
Routine Five: Audit Report
Contract auditing ultimately serves the financial security of DeFi projects, and many problems in this area are related to improper functions and algorithms. Therefore, contract auditing is to point out the content that may cause capital risks, that is, hidden dangers and code, loopholes, logic and other issues that need to be corrected.
In the audit report, in addition to basic information such as the audit time, duration, and auditor, it will also reflect the investment warning reminder of the project. The core content of the audit report is to reflect the multi-dimensional and multi-dimensional audit results of the inspected smart contract in design and code implementation. At the same time, the report will point out the various risk problems found and inform the project party to repair them.
Through the audit report, the risk components of the contract, including potential attacks, and vulnerabilities at different levels and levels will be detailed. However, the eye-catching “pass” in the security audit report should not be used as the only investment judgment basis for investors.
Conclusion
Contract audit is not good news for the project itself, but a necessary safety work before going live, which is of great significance to both the project party and the investors.
The speculative market may be violent or sluggish. If you don’t follow the routine during the walk, you will eventually be subject to the “routine.” Slightly glancing at it, there is only the peak of safety that can prevent problems before they happen.
