Blockchain technology, as a young business, is still undergoing a lot of research and development. In the past, projects have run into issues that could have been avoided in retrospect. ChronoBank have employed security researcher Mikko Ohtamaa to conduct a thorough audit of their smart contract development practices and deployment model to ensure that the process builds upon a secure foundation.
‘We’re big fans of the Ethereum project,’ comments ChronoBank CEO Sergei Sergienko. ‘But security is our biggest priority, as it should be for any blockchain project. We are absolutely committed to ensuring that the same kind of exploit that brought down The DAO will not compromise ChronoBank’s Labour Hour tokens or LaborX exchange.’
Layers of security
Mikko Ohtamaa was chosen to conduct the audit due to his extensive experience in the smart contracts and wider blockchain ecosystem. He is CTO of TokenMarket.net, a digital asset crowdfunding and secondary market service. Previously, he acted as CTO for peer-to-peer exchange service LocalBitcoins, and has written a book about Operations Security (OPSEC). Ohtamaa has been developing smart contracts since 2015 and regularly speaks at conferences on running security-critical development operations.
‘The ChronoBank team has planned for different risks,’ summarises Ohtamaa in his report of the audit. ‘Instead of trying to create a perfect smart contract, ChronoBank builds upon several layers of security and corrective actions. Issues can be mitigated and resolved without needing blockchain forks. In the end, despite how careful you are, human errors and external factors always find their way in. If it happens for space crafts, it may happen for your project too.’
Measured approach
In particular, Ohtamaa praises the team’s measured attitude towards development and launch of the core ChronoBank software. ‘The Ethereum community is young. In the past, teams have rushed forward to make name for themselves. ChronoBank values investor protection and acts over longer, stabler, development and testing paths.’
‘This is precisely what we want investors to understand,’ adds Sergienko. ‘We are pressing forward and making fast progress, but that progress will not come at any cost. We will not release software until we are confident of its security, and that investors’ funds are protected to the fullest extent possible. We will not rush our deployment out of a misguided desire to get to market quickly. We do things fast, but more importantly, we do them right.’
You can read Security FAQ where Mikko team answers to different security related questions and what kind of resolutions Chronobank team have taken to mitigate and avoid issues.
https://blog.chronobank.io/chronobank-security-faq-1fcece6ed126
The initial and partial code audit of smart contracts is available on Github.
https://github.com/ChronoBank/SmartContracts/issues/13
To find out more about ChronoBank or to participate in the ICO, visit www.ChronoBank.io.