The developers of Ontology (ONT), a leading “distributed trust” network for building and deploying decentralized applications (dApps), have claimed that smart contract security is among the “hottest topics” in the evolving blockchain ecosystem.
According to Ontology’s team, the current smart contract systems contain various types of security vulnerabilities - including those “backed by” the Ethereum Virtual Machine (EVM) and the EOS Wasm Virtual Machine.
“The Security Of Blockchains” Has Been “Called Into Question”
Indeed, these security loopholes have resulted in substantial losses for cryptocurrency projects and their users, Ontology’s development team confirmed. The distributed trust network’s management also believes vulnerabilities in smart contract code have “called into question the security of blockchain technology.”
Last year, the KickICO crowdfunding platform suffered a damaging security breach due to a smart contract vulnerability. Over $7 million in KickICO tokens were reportedly stolen during the hack.
Best Practices for Writing Secure Smart Contracts
In order to improve platform security, the developers of Ethereum (ETH) have provided an extensive set of resources - which outline industry best practices for writing and issuing secure smart contracts.
While the guidelines for smart contracts are specific to Ethereum development, the recommended best practices can, for the most part, be broadly applied when developing software on other leading blockchain networks - including Ontology, Tron (TRX), EOS, among others.
Vaas-ONT: An “Automatic Smart Contract Verification Platform”
As mentioned in Ontology's blog post, published on May 23, 2019, smart contract developers can use VaaS-ONT, an “automatic smart contract formal verification platform” to find potential vulnerabilities in source code. Integrated into SmartX, Ontology’s smart contract development environment (IDE), the VaaS-ONT platform can locate “common security loopholes” in “one click”, Ontology’s developers noted.
Moreover, the proprietary smart contract IDE can be used to verify fundamental “security properties” and the “function correctness” of smart contract-enabled blockchain-based applications, Ontology’s development team explained.
On April 11, 2019, the Ontology team announced a new “strategic partnership” with Beosin, a Chengdu-based technology firm focused on enhancing blockchain security. The partnership involved the deployment of VaaS-ONT, the first ever “customized formal verification platform” (after Ethereum).
Working to Improve Security of Smart Contracts and Blockchain Platforms
In July 2018, Beosin’s developers joined Ontology’s “Co-Builder Plan” and they also began working with Ontology’s developers to formulate best practices for writing smart contracts. This involved improving and implementing the relevant processes for “security auditing, and formal verification,” in order to improve the “security of smart contracts and blockchain platforms.”