In an effort to promote safe smart contract use, a group of Ethereum startups has founded a new initiative. The Ethereum Trust Alliance (ETA) will provide smart contract ratings, informing users of an application’s reliability.
Previous examples of smart contract vulnerabilities have resulted in millions of dollars of missing funds. The ETA hopes to prevent similar occurring again. Good information about the trustworthiness of a smart contract may well drive Ethereum adoption going forward.
ETA Understands Not Everyone Can Audit Their Own Ethereum Smart Contract
Public blockchain projects, like Bitcoin and Ethereum, are open source. That means that any individual can inspect the code for flaws, vulnerabilities, or back doors.
Whilst it’s true that anyone can look at the code itself, not everyone can actually understand it. Furthermore, those that can understand the purpose of an application from the code alone still might not fully grasp the implications of the different lines of code.
— Ethereum Trust Alliance (@ethtrustorg) February 3, 2020
With major smart contract flaws, such as the DAO, still fresh in memory, unknown vulnerabilities in smart contracts may well be putting potential users off adopting Ethereum-based applications. Aiming to address that is the Ethereum Trust Alliance.
Forming the ETA are various blockchain startups. These include MythX, Runtime Verification, Quantstamp, ConsenSys Diligence, SooHoo, and SmartDec. According to a post to the group’s website from earlier today, the ETA is committed to developing a security rating system to quickly reference if an auditor has inspected a specific smart contract.
Such a system would allow Ethereum users to quickly tell if a smart contract had known flaws making its use potentially risky. The authors of the post liken the new system to existing credit ratings agencies, such as Moody’s.
According to the post, the Ethereum Trust Alliance hopes to create a registry of smart contracts with these security ratings. This will allow a potential user that lacks a technical background to make a more informed decision about whether to use the contract in question.
The ETA writes:
“If only we had these ratings during the ICO boom of 2017, we believe that many of us who were woefully uninformed about fundamental risk indicators would have had the information required to make better decisions.”
ETA Starts Work on Improving Smart Contact Safety
The post states that the group has already been working towards its stated goals. Today’s announcement reportedly concludes the first phase of its plans.
Going forward, the Ethereum Trust Alliance will start working on its first specification. This will include definitions and requirements of ratings levels, requirements for security tools and auditors, an application process for those developers wanting the ETA to look at smart contracts, and API/registry specifications.
Featured Image from Shutterstock.