Evaluating blockchain security maturity | Trail of Bits Blog

By Josselin Feist, Blockchain Engineering Director

Holistic security reviews should reveal far more than simple bugs. Often, those bugs point to deeper issues that can be hard to understand and address. Given the time-boxed nature of reviews, security engineers may not have the opportunity to identify every bug caused by these underlying problems, so the problems may keep producing issues in the future, even after the initial bugs are fixed.

That's why it's important to think about security more holistically when developing a secure product. This perspective requires consideration of the software development lifecycle and of the architecture and design of the software. We've developed a set of codebase maturity criteria for assessing a codebase's compliance with industry standards and best practices. The resulting recommendations have led to substantial improvements in our clients' codebases. For instance, Balancer developed better arithmetic primitives based on our recommendations on arithmetic rounding (Appendix H), while other clients, including Optimism, Uniswap, and Primitive, strengthened their codebases through the implementation of Echidna properties.

We're sharing these guidelines to help everyone assess and improve the maturity of their own smart contract codebases.

How we evaluate maturity

Drawing on our experience performing hundreds of security audits over more than a decade, we've identified several critical control families. They are where we most commonly find security flaws, and where improvements are most frequently needed to raise a product's security posture. Achieving greater maturity in these areas results in fewer bugs over the product's lifecycle (and happier security engineers).

We rank each of these categories as weak, moderate, satisfactory, or strong:

  • Arithmetic
  • Auditing
  • Authentication/access controls
  • Complexity management
  • Decentralization
  • Documentation
  • Low-level manipulation
  • Transaction ordering risks
  • Testing and verification

(Note that we apply this control-family approach for all of our clients, blockchain or otherwise, and adjust the controls based on the target of our assessment. Our cryptography and application security teams have their own recommended controls.)

Most teams must exert substantial effort to achieve satisfactory maturity. For example, if a codebase doesn't include an automated testing methodology targeting arithmetic, it can be considered moderate at best. This may seem strict, but the reality is that if you haven't incorporated fuzzing into your development process in 2023, you've fallen behind. Likewise, if your system emits events but lacks a strategy for monitoring them or responding to reported failures, you should rethink your incident response strategy.

Figure 1: Arithmetic criteria for moderate maturity

Although we formulated these best practices based on extensive experience, we're open to feedback. We periodically update this list as we work with more clients and as the controls required to deliver secure blockchain solutions change over time.

Using the code maturity evaluation

Assessing a project against these specific guidelines enables an in-depth and informed conversation about software security risks for blockchain projects. In an environment where new threats appear daily and infosec Twitter can't stay on one topic for more than an hour, this helps teams focus on fundamental standards. It also helps demonstrate positive progress toward security rather than just the detection of bugs (a negative indicator).

Our guidelines can be used as a self-evaluation protocol for the various roles involved in software development:

  • Developers should follow the guidelines. Incorporating them throughout development will help identify potential blind spots. A project that strives for satisfactory or higher scores across all categories from day one will position itself for success and reduce the likelihood of security issues.
  • Security engineers should measure their target against the guidelines. They should use the information gathered during a code review to enrich their evaluation and to give developers guidance on improving maturity. However, they should remember that these criteria are meant to guide self-reflection and are not a comprehensive checklist that addresses all risks. A key responsibility of security engineers is to put the maturity evaluation in context.
  • Company leaders should allocate resources to address deficiencies. They should review the maturity evaluation to understand the security status of their project. This will help them prioritize, identify ways to improve the organization's security posture, and direct resources to weak spots.

Toward an industry-wide best practice

We encourage security industry professionals to adopt these guidelines as a best practice. We will update them periodically as best practices evolve and new risks emerge. If you want to improve your overall security posture, and go beyond merely finding bugs, please contact us through our website or email.
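As an added illustration of what an automated arithmetic test looks like in practice (example code written for this page, not code from the post or from any of the clients it names): a hypothetical share-pricing contract whose conversions round in the pool's favour, paired with an Echidna property asserting that a deposit-then-redeem round trip never pays out more than was deposited. The contract names, the constructed exchange rate, and the uint128 input bound are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

/// Hypothetical share accounting, constructed for this example.
/// Both conversions round DOWN, so any rounding loss lands on the caller,
/// never on the pool. Flipping either one to round up is exactly the kind
/// of defect the arithmetic criteria expect a fuzzer to surface.
contract SharePricing {
    uint256 public totalAssets = 1_000_003; // constructed, deliberately non-round rate
    uint256 public totalShares = 999_999;

    /// Shares minted for a deposit: floor(assets * totalShares / totalAssets).
    function assetsToShares(uint256 assets) public view returns (uint256) {
        return (assets * totalShares) / totalAssets;
    }

    /// Assets paid out for a redemption: floor(shares * totalAssets / totalShares).
    function sharesToAssets(uint256 shares) public view returns (uint256) {
        return (shares * totalAssets) / totalShares;
    }
}

/// Echidna harness in property mode, e.g.
///   echidna SharePricing.sol --contract EchidnaSharePricing
contract EchidnaSharePricing is SharePricing {
    uint256 private lastIn;
    uint256 private lastOut;

    /// Echidna calls this with random `assets`. The input is bounded so the
    /// intermediate product cannot overflow (and revert), which would otherwise
    /// hide the rounding behaviour we actually want to exercise.
    function roundTrip(uint256 assets) public {
        require(assets <= type(uint128).max, "bound fuzz input");
        lastIn = assets;
        lastOut = sharesToAssets(assetsToShares(assets));
    }

    /// Invariant: a deposit followed by a redemption can never return more
    /// assets than went in. Echidna reports any call sequence that makes this
    /// return false, together with a minimized counterexample.
    function echidna_round_trip_never_pays_out_more() public view returns (bool) {
        return lastOut <= lastIn;
    }
}
```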
