Fun

News Feed - 2023-08-01 09:08:00

Tom Blackstone12 hours agoConsenSys releases ‘fuzzing’ tool to test smart contract vulnerabilitiesDiligence Fuzzing lets developers introduce random and invalid data points to find security flaws.5722 Total views3 Total sharesListen to article 0:00NewsJoin us on social networksBlockchain technology firm ConsenSys publicly released its “Diligence Fuzzing” tool for smart contract testing, according to an Aug. 1 announcement. The new tool produces “random and invalid data points” to find vulnerabilities in contracts before they are launched.


Over $2.8 billion was lost in decentralized finance hacks in 2022. According to ConsenSys, these losses are leading developers to embrace more sophisticated testing tools to help find vulnerabilities before attackers do.


The new tool used to be available in a closed beta version, where developers needed to get approval for access. This approval process is no longer necessary as of Aug. 1. Diligence Fuzzing is also now integrated with smart contract toolkit Foundry and features a free version for developers who want to test it out before spending any money.Diligence Fuzzing tutorials. Source: Consensys


Related:Crypto payment gateway CoinsPaid suspects Lazarus Group in $37M hack


In a conversation with Cointelegraph, ConsenSys security services lead Liz Daldalian explained how the tool works in more detail. Developers can annotate their contracts using a machine language called “Scribble,” also developed by ConsenSys. Once they do this, the annotations will be understood by the fuzzing tool. The tool produces “unexpected” inputs so as to test whether the contract can be forced to produce unintended actions.


ConsenSys security researcher Gonçalo Sá said the tool is not a “black box fuzzer.” It does not produce completely random data. Instead, it is a “grey-box fuzzer” that employs an understanding of the program’s current state to reduce the types of data produced, increasing the tool"s efficiency.


Sá has seen developers becoming more interested in fuzzing recently. As Foundry has become more popular, developers have started to use its default black-box fuzzer and have grown accustomed to using it. On the other hand, some users want a more sophisticated fuzzer than the default one, which he argued Diligence Fuzzer could provide. He said:“People are now trying to harness the power of the different types of security tools that they have in their hands. And Foundry [has] a black box fuzzer that is really easy to use. [...] So people now are starting to understand the power of fuzzing. [...] And they are looking for more powerful tools.”


Smart contract hacks have continued to pose a problem for users. Excluding rug pulls and phishing scams, over $471.43 million was lost from Web3 security vulnerabilities in the first half of 2023. Daldalian cautioned that Diligence Fuzzing is not a “silver bullet” that would eliminate all smart contract hacks. However, she argued that it is “one tool in an arsenal that developers can use in order to write more secure smart contracts,” which can at least set the Web3 community on a path to minimize losses from these attacks.# Blockchain# Adoption# Cybersecurity# ConsenSys# Developers# Hacks# DeFiAdd reactionAdd reactionRelated NewsHow to actually spend your Bitcoin, ExplainedAI can be a ‘creative amplifier’ — Grammy chief exec Harvey Mason Jr.Crypto hacks and exploits snatch over $300M in Q2 2023: ReportBug bounties can help secure blockchain networks, but have mixed resultsEra Lend on zkSync exploited for $3.4M in reentrancy attackBNB Smart Chain hit with copycat Vyper attack, $73K exploited

News Feed

ZOIDS WILD NFT ARENA Launches Frontier Test Today
ZOIDS WILD NFT ARENA Launches Frontier Test Today press release PRESS RELEASE.ZOIDS WILD NFT ARENA, a blockchain trading card game presented by Z SPOT and developed by ACT Games, la
Coinbase finds flawed analysis in SEC's proposed exchange definition
Derek Andersen2 hours agoCoinbase finds flawed analysis in SEC"s proposed exchange definitionIn its third letter to the SEC, the crypto exchange said it would withdraw the proposal, which was first released in 2022, and
Amaka Nwaokocha38 minutes agoXRP lawyer John Deaton joins LBRY case as amicus curiaeDeaton is known for his active engagements in legal proceedings and discussions surrounding cryptocurrency regulations and legal actions
Bitcoin miner bankruptcies will be less common this cycle — Hut8 CEO
Brayden Lindrea3 hours agoBitcoin miner bankruptcies will be less common this cycle — Hut8 CEOA slew of Bitcoin miners filed for bankruptcy in the crypto winter of 2022 but Hut 8 CEO Asher Genoot is adamant that things
ATM Coin Founders Ordered to Pay $4.25 Million for Fraud
In a U.S. Commodity Futures Trading Commission-led case, a court has fined another cryptocurrency investment scheme for fraud and misappropriating client funds. According to a CFTC
First Bitcoin Cash Developers Meeting of 2020 to Be Held Today
First Bitcoin Cash Developers Meeting of 2020 to Be Held Today Developers from Bitcoin ABC, Bitcoin Unlimited, BCHD, Bitcoin Verde and other teams, are meeting today to continue
Tristan Greene6 hours agoFailure to tax the metaverse ‘will create a tax haven’ — Harvard legal expertHarvard scholar Christine Kim writes that income and wealth in the metaverse should be subject to immediate taxa
David Attlee13 hours agoTurkey plans to craft crypto framework in 2024Crypto asset providers, such as crypto exchanges, will also be given a legal definition.1902 Total views20 Total sharesListen to article 0:00NewsJoin
Bitcoin Live: How to Watch the Next Price Run or Crash in Real-Time
Bitcoin Live: How to Watch the Next Price Run or Crash in Real-Time Watching the bitcoin price move can be exhilarating, or at times soul-crushing, depending on the market. The u
Spain Approves Bill Requiring Cryptocurrency Owners to Disclose Crypto Holdings
Spain Approves Bill Requiring Cryptocurrency Owners to Disclose Crypto Holdings Spain’s government has reportedly approved a bill that requires cryptocurre
US Senator Says Defi Is the Most Dangerous Part of Crypto – Urges Regulators to Clamp Down Before It’s Too Late
US Senator Says Defi Is the Most Dangerous Part of Crypto – Urges Regulators to Clamp Down Before It"s Too Late U.S. Senator Elizabeth Warren has called on regulators to clamp do
Kraken files to dismiss SEC suit — ‘Dangerous precedent’ for overreach
Jesse Coghlan7 hours agoKraken files to dismiss SEC suit — ‘Dangerous precedent’ for overreachThe SEC’s suit against Kraken has “has no limiting principle” and gives the agency too wide of an authority, the c