Errors in code that lead to bugs are an issue, everyone knows that. Often these ‘bugs’ can be left untouched and unexploited, meaning no issues arise, however it’s still a problem that these sorts of bugs exist. We could compare this to a chip in your car windscreen. If the chip is there, it’ll probably remain in one place and cause no further damage. It’s position and existence however is a risk, because there’s always a chance the chip could become a bigger and more dangerous crack, if it’s not fixed at an early stage.
Likewise, if bugs are left unaddressed, they can cause problems at a later date.
Within Ethereum projects specifically, research has found that as many as 59% of the projects are infected with bugs. Of course, the majority of these will never be exploited, but their presence should be a worry, especially for those working on the technical side of the projects. According to ZyCrypto, Hosho, a world leading technology audit firm has revealed these findings after carrying out a sweep on Ethereum projects. According to the research, 59% of them could be destroyed as a result of bugs within the smart contract code and that overall, this is now a big of a security epidemic.
According to ZyCrypto:
“The firm stressed that over 59% of the projects were affected in one way or the other and that despite the huge amount of money that is involved in these projects, it’s still not safe. Though effort have been made by experts on how to fight the threat, as it is feared that, if not managed properly, it may destroy projects that are worth billions of dollars and raise another question on the security level of the industry and give crypto haters the bragging right to cast more aspersions on the growing industry.”
The risk though, does not have to be there
Of course, cryptocurrency projects are working to ensure that they can address these bugs in a timely manner. Many even pay ‘hackers’ to locate these bugs for them in programmes known as ‘bug bounties’. Within this, hackers can be paid in cryptocurrency to locate and report bugs, it’s a nice way of keeping those risky people on the right side of the law I suppose.
The real solution though, can only be found when more people are ‘qualified’ to build and maintain smart contracts. It seems that education is the key to ironing out these bugs and that one day, developers will be able to spot them and combat them more easily, first though, these developers need to start working along a framework of industry standards. According to ZyCrypto, the CMO of Amazix, a management and consultancy firm, Keneth Berthelsen has said:
“In the absence of industry standards, we see smart contracts auditing and penetration testing to be essential components of good security in blockchain systems.”
Get these standards outlined, get developers working on the same page and soon enough, bugs should become a thing of the past.
Is this really the way forward?
We are in favour of cryptocurrency education and believe that this is a part of that. By having better informed developers working alongside a set of standards, bugs will be easier to locate and importantly, they will be easier to avoid. Once we know what causes the bugs to exist, we can alter our approach to ensure bugs aren’t left to flourish within smart contracts and other blockchain projects.
It’s a long drawn out approach, but eventually it will pay dividends.