Security would be the blind spot in the development of smart contracts (or “smart contracts”) stored in the blockchain.
Security would be the weak point of the developers behind the lines of code for smart contracts (or “smart contracts”) of the blockchain.
This emerges from a document published by researchers in information science and technology at the University of Illinois (UIUC), a document whose The Register echoed.
According to academics, $680 million controlled by smart contracts were hacked or stolen due to security vulnerabilities in 2021. How, in this context, smart contract developers approach the security challenge?
An exploratory qualitative study was conducted.
Source code review
Respondents were asked about their priorities for developing smart contracts. Safety is not the priority for 83% of them.
Expectations for speed of application deployments prevail. In addition, the projects can be an offshoot (“fork”) of a project already validated by the community (for example Uniswap, decentralized exchange protocol).
In addition, an internal or external security audit may have been carried out. After all a programmer is not responsible for the security of information systems.
Everyone has their job?
Technical documents and dedicated software are not enough to identify security issues, it seems.
A handful of smart contract developers have been called upon to identify vulnerabilities in smart contract code.
Not surprisingly, developers new to this field had a much lower success rate (15%) than more experienced ones (55%) in identifying security vulnerabilities during initial code review.
(photo credit © Shutterstock)
