Ethereum Alliance Launches Rating System for Smart Contracts
Like Moody's, but for blockchain-based smart contracts.
A group of blockchain security companies has come together to launch the Ethereum Trust Alliance.
Verify Your Smart Contract
The group aims to develop a rating system that will provide blockchain users with an easy way to determine whether a smart contract is secure. The founding members of the Alliance are MythX, Quantstamp, Runtime Verification, Sooho, SmartDec, and ConsenSys Diligence.
Currently, there is no way for any layperson using a dApp to know whether the underlying smart contract is secure or if it has undergone a third-party security audit. The Solidity programming language used by Ethereum is Turing-complete, meaning that it’s flexible enough to program any eventuality.
However, this feature also means that a smart contract could produce unforeseen outcomes. The infamous 2016 DAO incident, widely referred to as a “hack,” illustrates this point. The DAO thief simply exploited a vulnerability in the underlying smart contract code, enabling them to steal $50 million.
Smart contract security firms exist to help developers ensure their smart contracts are robust by conducting testing and code audits. Nevertheless, it’s up to an individual developer whether they choose to share whether their code has been tested or audited.
Now, the Ethereum Trust Alliance’s standardized rating system will enable users to check whether a smart contract is secure before they send any tokens to it.
The ultimate aim of the ETA is to establish a registry of smart contracts and their ratings. The next stage of development is to put in place all the infrastructure to support the rating process, including rating definitions and requirements, as well as a way for smart contract owners to apply for ratings’ badges.
The Alliance has set a deadline for Q1 2020 to deliver these specifications.