The innovation signifies a significant step forward in enhancing security within the Ethereum ecosystem.
Wakefield, Mass. — December 18, 2023 — The Enterprise Ethereum Alliance (EEA) has announced today the launch of Version 2.0 of its EthTrust Security Levels Specification.
This specification was developed by a group of security experts from over a dozen organizations, including well-respected names in Ethereum security such as Diligence, OpenZeppelin, Hacken, and CertiK, alongside industry giants like Banco Santander, Microsoft, and EY. It features specialized security firms, their typical clientele, and independent authorities working collaboratively to bolster security protocols.
Chaals Nevile, EEA’s Director of Technical Programs, remarked: “EthTrust marks a crucial enhancement in ensuring security within the Ethereum ecosystem. It acts as a thorough ‘quality control’ mechanism for Ethereum, establishing a standard for security benchmarks.”
A Comprehensive Framework for Smart Contract Security
The core purpose of EthTrust is to create a strong framework for scrutinizing Smart Contract code created in Solidity, the primary language used in Ethereum-based blockchains. This framework is developed to detect and resolve known security flaws, providing a high degree of assurance regarding the safety and integrity of the code.
The newly introduced specification primarily benefits:
- Developers: EthTrust alleviates the burden for security reviewers by addressing fundamental issues. This results in reduced costs and enables a greater focus on identifying complex or uncommon vulnerabilities.
- Clients: It instills confidence in clients that security evaluations adhere to essential quality benchmarks.
- Reviewers: Reviewers gain access to an updated and comprehensive checklist of known issues, simplifying their routine responsibilities and allowing them to dedicate more attention to intricate and innovative analyses of their tasks.
Notable Enhancements
This collaborative endeavor involved a year and a half of collective expertise sharing and meticulous refinements within EEA’s EthTrust Working Group. The result has been significant enhancements over the previous version released last year, demonstrating EEA’s capability for effective ongoing management and updates.
These enhancements include, but are not limited to:
- Clearer handling of read-only re-entrancy issues
- Identification of new bugs found in the Solidity compiler
- Explicit focus on rounding errors
- Streamlining of testing requirements to facilitate the process for most developers without sacrificing coverage of unusual code; in addition to
- Updates to the specification with newly identified vulnerabilities and realignments to reflect evolving attack patterns.
The newly established standard offers reliable, industry-supported guidance for the wider Ethereum/EVM-based blockchain environment. The new standard is freely accessible online from EEA: EEA EthTrust Security Levels Specification.
Contacts
For further details about the standard: Chaals Nevile, EEA Director of Technical Programs, Chaals@entethalliance.org.
For general media inquiries regarding EEA: Tom Lyons, EEA Director of Communications and Content, tom.lyons@entethalliance.org.
About the EEA
The EEA is a member-driven industry organization aiming to promote the use of Enterprise Ethereum and Mainnet Ethereum blockchain technology as an open standard to empower ALL businesses. More at entethalliance.org.
The post EEA Introduces Version 2 of the EthTrust Security Levels Specification appeared first on Enterprise Ethereum Alliance.
