Smart Contracts News Thursday, April 26 Insurance provider, Smart contract bugs, Mesh token transaction & more…

[vc_row] [vc_column] [vc_column_text]

What’s new?

[/vc_column_text] [/vc_column][/vc_row] [vc_row el_id=”medium_com__lkngtn_insuring_against_smart_contract_failure_86d0d9206d90_”] [vc_column width=”1/2″] [vc_separator] [vc_column_text]

Insuring Against Smart Contract Failure – Luke Duncan – Medium

curate [/vc_column_text] [vc_column_text el_class=”topfeed-summary-list”]

  • Who is responsible for smart contract security?Do we blame Parity for being negligent and not following best practices, or do we blame the users of the parity multi-sig wallet for choosing to trust unaudited code, or do we say its nobody fault and collectively clean up the mess, again, and…
  • Large number of similar exposure units: There are many instances where users are exposed to the risk of bugs, and their risks depend on the specific contracts they are engaging with.
  • Affordable Premium: If the event is too likely to occur, or the cost of the event so large, that the resulting premium is unaffordable then no one will buy insurance, in this particular case the risk of a carefully developed contract should be 0, so carefully constructed contracts that follow…
  • Auditors as Insurance ProvidersSuccessful Insurance providers will be experts at assessing the risks of smart contract failures, and can monetize an information asymmetry advantage with regard to the security of contracts.
  • If users see that insurance is offered for a contract then they implicitly know that it has been reviewed and that the auditors are reasonably sure that it is safe to use, this means that users can significantly reduce risk simply by interacting only with contracts that insurance is offered…

[/vc_column_text] [vc_column_text el_class=”topfeed-tags”] Tags: insurance provider, smart contract, Smart Contract Bugs, risk, contracts [/vc_column_text] [/vc_column] [vc_column width=”1/2″] [vc_separator] [vc_column_text el_class=”topfeed-tweet”]

[/vc_column_text] [vc_column_text el_class=”topfeed-embedly”] Insuring Against Smart Contract Failure – Luke Duncan – Medium [/vc_column_text] [/vc_column] [/vc_row] [vc_row el_id=”medium_com__peckshield_integer_overflow_i_e_proxyoverflow_bug_found_in_multiple_erc20_smart_contracts_14fecfba2759_”] [vc_column width=”1/2″] [vc_separator] [vc_column_text]

Integer Overflow (i.e., proxyOverflow Bug) Found in Multiple ERC20 Smart Contracts (CVE-2018–10376)

curate [/vc_column_text] [vc_column_text el_class=”topfeed-summary-list”]

  • Integer Overflow (i.e., proxyOverflow Bug) Found in Multiple ERC20 Smart Contracts (CVE-201810376)On 4/24/2018, 01:17:50 p.m. UTC, PeckShield, a blockchain security startup, detected an unusual MESH token transaction (shown in Figure 1).
  • Figure 1: A Suspicious MESH Token Transfer (with huge amount) – Theres another case happened to the SMT token at 07:16:19 UTC with the same attack pattern.
  • Figure 2: A Suspicious SMT Token Transfer (with huge amount) – As we look into the corresponding smart contract, we find out that the proxyTransfer()function has a classic integer overflow problem.
  • It means the attacker could transfer huge amount of tokens to an address (line 214) with zero balance.
  • From our system-wide scanning, we have located quite a few ERC20 tokens affected, including – With the touted code-is-law principle in Ethereum blockchain, there is no traditional well-known security response mechanism in place to remedy these vulnerable contracts!

[/vc_column_text] [vc_column_text el_class=”topfeed-tags”] Tags: MESH token transaction, Suspicious SMT Token, Suspicious MESH Token, Token Transfer, blockchain security startup [/vc_column_text] [/vc_column] [vc_column width=”1/2″] [vc_separator] [vc_column_text el_class=”topfeed-tweet”]

[/vc_column_text] [vc_column_text el_class=”topfeed-embedly”] Integer Overflow (i.e., proxyOverflow Bug) Found in Multiple ERC20 Smart Contracts (CVE-2018–10376) [/vc_column_text] [/vc_column] [/vc_row] [vc_row el_id=”medium_com__smartmesh_smartmesh_announcement_on_ethereum_smart_contract_overflow_vulnerability_f1ded8777720_”] [vc_column width=”1/2″] [vc_separator] [vc_column_text]

SmartMesh Announcement on Ethereum Smart Contract Overflow Vulnerability

curate [/vc_column_text] [vc_column_text el_class=”topfeed-summary-list”]

  • SmartMesh Announcement on Ethereum Smart Contract Overflow VulnerabilityIn the early morning of April 25th, the SmartMesh Team discovered an Ethereum smart contract overflow vulnerability and immediately contacted the major exchanges where SMT is listed such as Huobi, Gate, OKEX, CEX, etc.
  • The total number of counterfeit tokens generated by the ETH smart contract vulnerability: Total number of counterfeit tokens transferred from the hacker address to the exchanges: 65,300,289 – 3.
  • Reopening exchange trade – The SmartMesh team has already communicated and coordinated with several exchanges including Huobi and OKEX and conducted in-depth communications with them regarding the specific timing for re-opening SMT transactions and other related measures.
  • The SmartMesh Team would like to apologize to all community users and partners for the Ethereum Smart Contract Overflow Vulnerability incident and thank you all for your concern and continued support!
  • In addition, SmartMesh would like to thank Huobi, OKEx, Gate, CEX, and the other exchanges for their great support and assistance in resolving this incident!

[/vc_column_text] [vc_column_text el_class=”topfeed-tags”] Tags: contract overflow vulnerability, smart contract overflow, ethereum smart contract, counterfeit tokens, exchanges [/vc_column_text] [/vc_column] [vc_column width=”1/2″] [vc_separator] [vc_column_text el_class=”topfeed-tweet”]

[/vc_column_text] [vc_column_text el_class=”topfeed-embedly”] SmartMesh Announcement on Ethereum Smart Contract Overflow Vulnerability [/vc_column_text] [/vc_column] [/vc_row] [vc_row el_id=”steemit_com_devs__eos_asia_eos_smart_contracts_part_1_getting_started_ping_equivalent_in_eos_”] [vc_column width=”1/2″] [vc_separator] [vc_column_text]

Steemit logo

curate [/vc_column_text] [vc_column_text el_class=”topfeed-summary-list”]

  • EOS smart contracts are written in C++ and compile into Web Assembly.
  • A smart contract is composed of a few things: C++ code, an ABI (Application Binary Interface), and a WAST (Web Assembly Text file) based on the C++ code.
  • Lets break down whats going on here: – – The EOS block producers dont run C++ code when executing smart contracts, they expect web-assembly.
  • Let’s create a tester account with the same keys to run the transaction: – – Now we can test it out on the command line: – – This is exciting for us programmers, but most of your users wont setup their command line to interact with your smart contract.
  • This is the core idea of interacting with our ping smart contract from the frontend.

[/vc_column_text] [vc_column_text el_class=”topfeed-tags”] Tags: smart contract, EOS smart contracts, Web Assembly Text, smart contracts developers, C++ code [/vc_column_text] [/vc_column] [vc_column width=”1/2″] [vc_separator] [vc_column_text el_class=”topfeed-tweet”]

[/vc_column_text] [vc_column_text el_class=”topfeed-embedly”] Steemit logo [/vc_column_text] [/vc_column] [/vc_row] [vc_row el_id=”yourblock_io__”] [vc_column width=”1/2″] [vc_separator] [vc_column_text]

Home – YourBlock

curate [/vc_column_text] [vc_column_text el_class=”topfeed-summary-list”]

  • YourBlock is a private eco-system, anchored to the traditional Ethereum Blockchain, using smart-contracts to allow for the secure storage of personal data.
  • Smart-contracts and the nature of the Blockchain technology will also allow Service Providers to upload information of available services.
  • Both parties will meet on the eco-system, to manage their policies (the consumer) or to provide quotes (the service provider).

[/vc_column_text] [vc_column_text el_class=”topfeed-tags”] Tags: service providers, consumer secure access, consumer data quality, public Ethereum Blockchain, Service Provider benefits [/vc_column_text] [/vc_column] [vc_column width=”1/2″] [vc_separator] [vc_column_text el_class=”topfeed-tweet”]

[/vc_column_text] [vc_column_text el_class=”topfeed-embedly”] Home – YourBlock [/vc_column_text] [/vc_column] [/vc_row]