Trail of Bits selected to audit Nervos’ smart contract security Nervos Network – Medium

Nervos and Trail of Bits logos

If you’ve been following Nervos since our founding in early 2018, you’ve seen our team grow from a small group of developers to a community with more than 90 team members and 40,000+ community members. The past year and half has been especially eventful, with the announcement of several key partnerships, as well as the launch of our mainnet Lina, the Grants Program, and the CKLabs incubator.

Now, after reaching many of our key milestones, we’re pleased to announce that Nervos will be audited by Trail of Bits.

The importance of smart contracts in the Nervos ecosystem

While the Nervos team will continue to focus on CKB protocol and on-chain development in 2020, the team is also prioritizing the developer experience and building out Layer 2 — and smart contracts play a big role in both of those areas.

A smart contract is a computer protocol that permits a trusted transaction to take place among separate entities without the need for a third party. Layer 2 of the Nervos blockchain is designed to facilitate smart contracts, which play a vital role in maintaining trust and transparency in a decentralized environment. Right now, the Nervos team is working on Mandrake, a smart contract interface for drag-and-drop smart contract creation, as well as providing more programming language options for building smart contracts.

The risks associated with smart contracts

While smart contracts are necessary to Nervos’ burgeoning ecosystem, they do present risks — and the DeFi space is particularly susceptible. As Nervos co-founder Jan Xie points out,“The risk of crypto-assets consists of external risks such as regulation changes, and internal risks such as design flaws and implementation bugs.”

Hackers are another major concern. While blockchain by nature is less susceptible to malicious attacks, it’s become an increasingly popular target for hackers. For example, in 2017 smart contract coding company Parity suffered a data breach, resulting in the loss of $105 million dollars worth of ether.

At Nervos, we realize it’s not enough to consider reactive defenses when it comes to smart contracts; we have to stay proactive. That’s why we’re enlisting the help of Trail of Bits to audit our smart contract solutions.

Why we chose Trail of Bits to audit Nervos

Trail of Bits is a full-service security firm, with specialized expertise in blockchain, cryptographic, and application security reviews. Launched in 2012, the company has helped secure several top projects in the blockchain and cryptocurrency industries, including Western Digital, Compound, Random X, and Loom.

Over the next few weeks, security engineers from Trail of Bits will provide an extensive review of Nervos smart contract, which will entail:

  • Applying a comprehensive suite of tools to uncover bugs.
  • Reviewing the Nervos architecture for design flaws.
  • Performing a detailed manual code review.
  • Documenting and programmatically testing security properties in the code.
  • Reviewing possible weaknesses and exposure to cryptographic attacks.

Other ad-hoc services will include security reviews of grant projects and other critical Nervos projects, guidance on development practices, and writing detailed test cases for areas of the codebase the Nervos team should continue to explore.

We are excited to provide our community with continued transparency regarding the security and safety of our infrastructure and the Nervos blockchain ecosystem.

Have questions about the audit? Join the conversation on Discord!

To stay updated on all things Nervos:

Join our community: Discord — Github — Nervos Talk Forum — Twitter

For discussions or questions join the conversation on Discord or check out one of our community Telegram channels: English, Korean, Russian, Japanese, Spanish, Vietnamese and Chinese

Trail of Bits selected to audit Nervos’ smart contract security was originally published in Nervos Network on Medium, where people are continuing the conversation by highlighting and responding to this story.

—Source link—

What do you think?

Our Network: Issue #36 Our Network

Executive Vote: Activate Liquidations 1.2, Multiple Other Changes The Maker Blog