A unique risk verification of smart contract developed by Fujitsu

Smart contracts can be automatically checked for vulnerabilities and point to the piece of the corresponding source code
07 March 2018   497

Fujitsu Laboratories Ltd. and Fujitsu Research and Development Center Co., Ltd. today announced the result of its development process. The technology aims to identify vulnerabilities in smart contracts. The precursor of such technology is a special set of algorithms that identify risk-affected transaction sequences on Ethereum. With the aid of the algorithms 6 kinds of risks can be detected and neutralized thus greatly enhancing the development experience.

Those 6 threats go as follows: re-entrancy, authenticating the source of the transaction call, transaction uncertainty due to reliance on timestamp, transaction order transparency, divide by zero and call stack restrictions. Notably, authenticating the source of the transaction call and divide by zero were added as the direct result of the technology. The technology of detection includes virtual execution of transactions under different circumstances, comparison with code patterns of Ethereum that have fraudulent behaviour and checking whether access to transaction records of blockchain is granted or not.

Regarding the performance results, it is reported that while existing verification tools have 67% detection rate, Fujitsu technology had around 88~100%. The technology should contribute to the efficient application of blockchain technology into different areas. Lastly, Fujitsu plans to develop similar verification toolset for Hyperledger Fabric and methods of building secure systems via blockchain.

7 Accounts blocked by EOS BP without Going an Arbitration

EOS is facing another issue just days after its mainnet activation, as the newly elected block producers have frozen 7 EOS accounts on suspicion of being stolen
19 June 2018   49

The backlash began as the block producers did go over arbitration, an integral part of the EOS’s governance system. The critics are certainly questioning the credibility of the project. Jackson Palmer, the creator of Dogecoin and a well-known person in the blockchain industry, questioned the very governance process constructed by EOS and the role of EOS Core Arbitration Forum (ECAF).

The structure of EOS’s governance has been parted into 3 distinct groups - block producers, arbiters, and token holders. This separation resembles the executive, constituency, and judicial, of any governed system respectively. 

On 17 June 2018, the top 21 Block Producers unanimously agreed to protect property that may have been compromised through phishing attacks or other scams where member’s private keys were compromised. The EOS911 initiative was created by EOS42 as a way to prevent victims of private key theft from having their tokens lost once the 72-hour unstacking period ended following the EOS Mainnet Launch. Once that period ended, the thieves would be free to transfer the tokens wherever they’d like, rendering futile any recourse available to the community at this time.
EOS New York, in their recent post

So, in this case, the block producers did not go with the arbitration, rather they only conferred with them. Then the post added:

Foreseeing the process that would be required to act, EOS New York, on a call with BPs and BPCs, requested an expedited review of the merits of the case from ECAF (EOS Core Arbitration Forum) who was also on the call. The idea was that if ECAF found merit in the evidence provided, a formal ruling from ECAF would ask the BPs to “freeze” the accounts in question until such time that a thorough and formal review of the claims could be completed.
EOS New York, in their recent post

This is not the first problem EOS is facing amid its mainnet activation, as within 48 hours of that, the network suspended because of some bug. Though the error only led to a 5-hour network blackout, that is surely not something the team would have expected.