Diligence Fuzzing is the Latest DeFi Security Weapon in 2023

Changelly
Fuzzing Could Boost DeFi Security After Major Hacks Rattle Industry
Minersgarden

[ad_1]

ConsenSys has released its Diligence Fuzzing tool for smart contract security as DeFi losses accelerate in H2.

While the tool was previously released through a closed Beta requiring approval, it is now part of the smart contract toolchain Foundry.

MetaMask developer ConsenSys says the tool tests how smart contracts respond to semi-random and invalid inputs in specific states. Developers can access fuzzing features of dApp development tool Foundry for free before buying it.

According to the product’s web page, the tool is a “gray box” because it considers the smart contract state when creating test data. In contrast, a black box fuzzing tool would output significantly harder-to-predict data.

bybit

The fuzzer can simulate transaction sequences to examine interactions between functions. Additionally, the tool can create three reports offering different insights into dApp functionality.

Diligence fuzzing tool improves smart contract security through detailed reports.
Fuzzing code coverage report | Source: ConsenSys

Earlier this year, ConsenSys launched the alpha testing phase of its new zero-knowledge rollup, Linea.

ConsenSys’ fuzzing product is the latest addition to a growing arsenal of tools DeFi projects are looking at to improve security. The amount lost to hacks in H1, while 75% lower than in the first half of last year, has steadily risen in H2 with the recent attacks on decentralized exchanges important to their respective chains.

Sunday’s attack on Ethereum DEX Curve rattled many DeFi investors who viewed the project as one of the safest. The attack vector exploited a weakness in the Vyper tool that converts smart contracts into instructions a computer can understand. 

What exactly is a smart contract? Click here to find out more about the building block of decentralized finance.

A recent exploit on Base DEX LeetSwap has reportedly cost liquidity providers at least $600,000. The project team has yet to reveal the details, although security firm Peckshield traced the hack to a single swap function.

Companies whose services are becoming a regular feature of DeFi security strategies include Hacken, SlowMist, and CertiK. Hacken and CertiK have audited code in over 3,700 projects, while SlowMist has onboarded 1,000.

Earlier this year, AnChain.ai announced a new artificial intelligence-based smart contract auditing tool as part of its Web3SOC security framework. 

Got something to say about Diligence Fuzzing, DeFi security, or anything else? Write to us or join the discussion on our Telegram channel. You can also catch us on TikTok, Facebook, or Twitter.

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.

[ad_2]

Source link

Bybit