Virag Mody
Authio, CRO
March 16, 2018

What is a Smart Contract Security Audit?

Purpose

I aim to provide a cursory glance at a fundamental problem of perspective in the crypto-community: the lack of focus on smart contract security, and what developers dedicated to the successful future of blockchain are doing about it.

_____________________________________________________________________________________________________________

The development of blockchain technology has been exciting to follow, to say the very least. Over the past decade, the community has evolved from a group of individuals working on a theoretical concept to over 1,500 coins and tokens listed on CoinMarketCap with undoubtedly more in existence. This exciting revolution, jump-started by Bitcoin, hit an inflection point when Vitalik Buterin launched the Ethereum blockchain in mid-2015. Where Bitcoin is the first protocol to leverage the decentralized, trustless, and cryptographically secure blockchain for payments (did I win Buzzword Bingo?), Ethereum is that and so much more. It’s a decentralized platform built to run smart contracts using a Turing-complete scripting language. To put this in more layman’s terms, Ethereum allows for creative and innovative developers to build applications, which enable novel behaviors on existing blockchain infrastructure via smart contracts. This is a huge deal for the crypto community, as any skilled developer can now leverage already-existing blockchain infrastructure in building dApps! Ethereum ushered in an era of exponential growth in crypto-valuation and community engagement. Out came curious developers, as they did during the dot-com bubble, to tinker with this bleeding-edge technology and expand the crypto ecosystem in a hundred different directions.

However, there is no rose without thorns. The crypto-investment craze around November 2017 launched cryptocurrency’s market capitalization to astounding heights. With it came a mania of investment, speculation, FUD (fear, uncertainty, and doubt), shilling, and truly “dumb money.” However, these characteristics are not unique to crypto and to some extent should be expected. Periods of speculative and emotional trading, inflated prices, and massive influxes of new market entrants have occurred for centuries. We can thank the Dutch for kicking it off. But in the madness, a key element of the ecosystem is being muted — Security.

To understand what I’m getting at, we need to take a quick look at the role of Smart Contracts in a protocol. Technically speaking,

A smart contract is a computer protocol intended to digitally facilitate, verify, or enforce the negotiation or performance of a contract.

To break this down, I like to think of smart contracts as the defined “Rules of Engagement” that dictate how a user can interact with the platform. Let’s take a quick example. Albert wants to participate in a project’s ICO. (He’s done his research, understands the need for the project, sees the value of the coin in the protocol, and is comfortable with the team.) Albert sends 0.1 Ether to the contract address and reserves 500 ABC coins for himself to be distributed once the ICO reaches its hard cap. This is a painless task for Albert, but the true magic is happening on the Ethereum blockchain. The address that Albert is interacting with belongs to a smart contract. One that is able to read Albert’s address, note the amount of Ether sent, and lock 500 coins tied to Albert’s address with a set conversion rate of 5000 ABC coins per 1 ETH. When the smart contract address receives the hard cap limit, it will automatically distribute the locked coins to the appropriate address. All of this is done via the deterministic code in the smart contract, written in Solidity. Smart Contracts can accomplish much more than ICOs, including voting, blind auctions, wallets, etc. In this way, as I mentioned earlier, smart contracts act as rules of engagement as users interact with the address or platform.

Why do I mention this? The important thing to note about smart contracts is their immutability. This means that once they are live and published to an address, the contract code cannot be modified or corrected in any way. This poses a problem: what if there is a flaw in the code? With the amount of Ether flowing through contract addresses, any single flaw could prove disastrous to the unsuspecting, enthusiastic crypto-user. I want to take a moment to think this through by providing some true-to-life vulnerabilities found regarding crowdsales:

  • Crowdsale cannot be refunded and Ether will remain in a locked state, inaccessible to any agent
  • More coins can be minted than the set amount, diluting the value of the asset
  • The entire crowdsale can be refunded by anyone, voiding the sale and destroying the reputability of the project
  • ETH to USD conversion rate can be tampered with during the crowdsale, allowing a malicious contract owner to manipulate conversion rates and dupe participants out of their allocated coins.

(The above are only a few of the threats found by Authio’s auditing team for crowdsales that have summed over 64,000 ETH in funding.)
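Each of the four crowdsale flaws listed above corresponds to a concrete guard in contract code, shown here using the article's 5000 ABC per 1 ETH rate. This Solidity contract is an added example, not Authio's code or that of any audited project; the contract name, the deadline-based refund rule and the 18-decimal ABC token are assumptions, and the token transfer itself is omitted so that only the accounting is shown.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration: names, deadline rule and 18-decimal ABC token are assumptions.
contract GuardedCrowdsale {
    uint256 public constant RATE = 5000;          // ABC per 1 ETH; a constant, so no owner can retune it mid-sale
    uint256 public immutable hardCapWei;          // sale succeeds once exactly this much ETH is raised
    uint256 public immutable deadline;            // after this, an unfilled sale becomes refundable
    address payable public immutable beneficiary; // project wallet
    uint256 public raisedWei;
    mapping(address => uint256) public paidWei;   // per-buyer contribution, the basis for refunds and claims

    constructor(uint256 capWei, uint256 duration, address payable wallet) {
        require(capWei > 0 && wallet != address(0), "bad params");
        hardCapWei = capWei;
        deadline = block.timestamp + duration;
        beneficiary = wallet;
    }

    // Reserve coins. Rejecting anything past the cap bounds total supply at hardCapWei * RATE.
    receive() external payable {
        require(block.timestamp <= deadline, "sale closed");
        require(msg.value > 0 && raisedWei + msg.value <= hardCapWei, "cap exceeded");
        raisedWei += msg.value;
        paidWei[msg.sender] += msg.value;
    }

    // 0.1 ETH (1e17 wei) * 5000 = 5e20 base units = 500 ABC at 18 decimals.
    function reservedTokens(address buyer) external view returns (uint256) {
        return paidWei[buyer] * RATE;
    }

    // A refund path exists, but only for a failed sale and only for the caller's own contribution.
    function refund() external {
        require(block.timestamp > deadline && raisedWei < hardCapWei, "not refundable");
        uint256 amount = paidWei[msg.sender];
        require(amount > 0, "nothing to refund");
        paidWei[msg.sender] = 0; // clear state before sending ETH
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "transfer failed");
    }

    // ETH leaves to the project only once the cap is met, so it is never stranded in either outcome.
    function withdraw() external {
        require(raisedWei == hardCapWei, "cap not reached");
        (bool ok, ) = beneficiary.call{value: address(this).balance}("");
        require(ok, "transfer failed");
    }
}
```

Because the contract has no owner role and no setter for `RATE`, the only trust placed in the deployer is the constructor arguments, which anyone can read on-chain before sending Ether.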

I hope this begins to give you some idea of the amount of value that can be at risk. Solidity is not an easy language and is filled with quirky behavior that can seem correct at a cursory glance. An open-source blockchain platform revolves around writing smart contracts and dictating how data and value are received and sent, dependent on set criteria and inputs. Most members of the community are not developers. Fewer understand the finer details of Solidity. Even fewer have the time to comb through each contract they interact with to ensure security and identify malicious threats. We are putting our trust in the hands of a minute fraction of people when we send billions of USD in value through transactions, and that is dangerous. If this thought doesn’t give you at least a shiver, I’ve failed to give you the appropriate perspective.

But not all is doom-and-gloom. Blockchain is not destined for failure and you should not anxiously sweat over the thought of sending Ether to a contract address. The crypto-community has not been fully dormant to these issues; they recognize the challenge here. In its niche place, auditing has flourished as a means to facilitate a more secure ecosystem for blockchain. To give a more formal definition of an audit:

An audit is a scanning of a smart contract script for vulnerabilities, exploitative features, and inefficiencies to provide security against malicious actors and oversight, as well as adding a layer of trust and safety between project and community.

Audits are vital to the progression of blockchain implementation and adoption. A second pair of eyes, trained to view code through the lens of an auditor, is absolutely necessary to secure against losses of funds, value, and/or data on behalf of the people that cannot. Auditors are the unsung heroes that will push blockchain to the next level of legitimacy. The fewer hacks, thefts, and malicious acts that propagate through mainstream news spreading FUD, the more legitimate blockchain will seem, and we will see quicker adoption.

However, we have a long way to go. There are few standards in auditing. Auditors need to be even more vigilant than project developers. Both passive community participants and project members need to respect what auditors bring to the table. Community members need to be engaged with auditors and demand security standards of the coins/tokens they purchase. There is much work that needs to be done in this space, and with time, we hope blockchain development will become more standardized and teams will be able to follow established security protocols to ensure the safety of the funds their users entrust them with.

In the next article, I will go into further depth about the necessity of audits, including what is at stake, perspective on its importance for developers as well as community members, notable examples of failures, and more.

Wrapping Up: In this short piece, I aimed to provide an accessible understanding of the precarious nature of interacting with the blockchain. Transactions sent to a contract address are left to the mercy of the underlying code. Malicious threats, unforeseen flaws, poorly written code, unnoticed vulnerabilities, and more lie dormant, waiting for exploitation. This proves problematic as the skeptics of the world watch with bated breath, waiting for millions in USD value to be stolen again as a reason to denounce blockchain as a whole. Standardized security practices will round out these flaws and add further legitimacy to blockchain solutions in time, but there is much room for improvement.