Standard represents a major step forward in ensuring security within the Ethereum ecosystem.
Wakefield, MA — December 18, 2023 — that much Enterprise Ethereum Alliance (EEA) announced the launch today. EthTrust Security Level Specification Version 2.0.
The specification was created by security experts from more than a dozen companies, including big names in Ethereum security such as Diligence, OpenZeppelin, Hacken, and CertiK, as well as major companies such as Banco Santander, Microsoft, and EY. In particular, this involves professional security companies, regular customers and independent experts all working together to improve security measures.
Chaals Nevile, Director of Technical Programs at the EEA, said: “EthTrust represents a pivotal advancement in ensuring security within the Ethereum ecosystem. This acts as a comprehensive ‘quality check’ for Ethereum and sets a benchmark for security standards.”
A powerful framework for smart contract security
EthTrust’s primary function is to provide a powerful framework for reviewing smart contract code written in Solidity, the primary language of Ethereum-based blockchains. This framework is designed to identify and fix known security vulnerabilities, providing a high level of assurance that your code is safe and secure.
The main beneficiaries of the new specifications are:
- developer: EthTrust reduces the workload of security reviewers by solving fundamental problems. This means lowering costs and focusing on uncovering complex or new vulnerabilities.
- customer: This provides customers with confidence that their security review meets fundamental quality standards.
- Reviewed by: Reviewers benefit from a comprehensive, up-to-date checklist of known issues. This simplifies routine tasks so you can focus on the more complex and creative analytical aspects of your role.
Great improvement
This joint effort involved knowledge sharing and systematic revision within the EEA over a year and a half. EthTrust Working Group. This approach represents a significant improvement over the original version released last year and demonstrates the EEA’s capacity for effective ongoing maintenance and updates.
Improvements include:
- More explicit handling of read-only reentrancy
- Several new bugs have been discovered in the Solidity compiler.
- Explicit handling of rounding errors
- Additionally, simplifying testing requirements to streamline the process for most developers without compromising their ability to handle unusual code.
- We update specifications around newly discovered vulnerabilities and adjustments to reflect changing trends in attacks.
The new standard provides trusted, industry-backed guidance for the broader Ethereum/EVM-based blockchain ecosystem. The new standard is available free of charge online in the EEA. EEA EthTrust Security Level Specification.
contact lens
For more information about the standard, please contact: charles nevilleEEA Technical Program Director; (email protected).
For general EEA media inquiries contact: tom lionsEEA Director of Communications and Content; (email protected).
About EEA
The EEA is a member-led industry organization that aims to promote the use of Enterprise Ethereum and Mainnet Ethereum blockchain technologies with open standards to empower all enterprises. For more information entethalliance.org.