Formal Verification of Ethereum Smart Contracts

New automated security verifier for Ethereum has been released
07 July 2017   1666
Blockchain

Distributed database that is used to maintain a continuously growing list of records, called blocks

Switzerland based Software Reliability Lab developing automated analysis and synthesis techniques for smart contracts has launched the first automated system for formal verification of smart contracts - Securify.

Securify verifier for Ethereum Securify verifier for Ethereum

The main advantages of Securify over other solutions is that it provides:

  • Automation, to enable all users to verify contracts
  • Guarantees, to avoid reporting vulnerable contracts are safe
  • Extensibility, to capture new security vulnerability that are regularly discovered

Securify is capable to pinpoint the instructions that may cause security issues and therefore provides practical and useful guidelines to contract developers.

Ethereum

Is an open-source blockchain-based distributed computing platform featuring smart contract functionality, which facilitates online contractual agreements 

As the developers argue, existing solutions based on executing the contract "check only a subset of the possible paths and can therefore miss critical security problems. Further, approaches based on interactive-theorem provers can provide strong guarantees, for all paths, but they cannot be easily automated or easily extended. In contrast, Securify combines the best of both worlds: it analyzes all paths while being fully automated".

Securify verifier for Ethereum in working process  Securify verifier in working process 

The brand new verifier has already received positive feedback in social media. Sergio Demian Lerner, cryptocurrency security consultant from the first open-source smart contract platform RSK, shared on Twitter:

Pilot customer access to Securify has been already offered to users. It's also possible to sign up for the full release of Securify and future updates

Chinese Miners to Fall Victims of Ransomware

Looks like ransomware came together with "improved" firmware, that should "overclock" device
21 January 2019   79

In China, a ransomware spreads, victims of which are Bitcoin miners. The damage from its activities is measured in tens of thousands of dollars. This is reported by Trustnodes.

The virus infects miners, released by Bitmain, and requires you to send 10 bitcoins, otherwise threatening to cause overheating of the device.

The problem is solved by formatting the SD card of the infected device, however, as Trustnodes notes, the whole process can take up to four days, while malicious software rapidly spreads to the other miners.

Compromised device
Compromised device

Probably, the virus comes with an "improved" firmware for miners. Some owners install such firmware to “overclock” their ASIC devices and improve their performance.

The first messages about the virus refer to August last year. In particular, Antminer S9, T9 and even L3 + for Litecoin were attacked. Over time, the malware has been improved. Now its distributor himself can decide when to display a message requesting a ransom. One miner also said that one night the address to which the 4,000 devices belonging to him sent the mined cryptocurrency was changed to the address of the hacker, which brought him $ 8,000.