Smart Contract Automated Security Monitoring Tool Created By Amberdatabr>
Amberdata, a company specializing in blockchain monitoring and operational intelligence, has added automated security audits at scale for ethereum smart contracts to its platform.
The new offering is available to Amberdata platform users and incorporates smart contract static and byte code security analysis to detect security vulnerabilities. A vulnerability score helps developers understand the attack surface of their smart contracts, while the metrics and console provide insight into the state and health of their applications.
Over recent months, an average of 8,000 smart contracts have been deployed daily onto ethereum. Amberdata has already conducted audits on over 280,000 smart contracts — including the top 2,000 on mainnet ethereum – and all smart contracts that have been deployed over the past 90 days. As the list of audited smart contracts continues to rapidly grow, users will able to search for any smart contract and better understand its security posture.
“Today’s security audits are expensive, and it is almost impossible to find and hire qualified teams to conduct them,” said Shawn Douglass, CEO of Amberdata. “Even after paying professionals your results may vary. Amberdata is helping developers easily identify vulnerabilities and mitigate risk as they build and maintain their applications. Our data shows that over 16% of the smart contracts that we audited have some level of vulnerability warnings which warrant a second look. Our automated process provides greater access and enhanced visibility into smart contracts. We hope that by providing these tools to the community, we can reduce outside dependencies and enable the community to develop faster more safely.”
In addition to the security audit, Amberdata has also added real-time smart contact activity streaming and historical event logs. The real-time activity stream provides a live look at transactions, events, function calls and contract internals, while the automated historical event logs offers a time-series view into past contract activity.
BLOCK TRIBUNE: The 16% of smart contracts that have a security flaw – is there a common problem that developers are ignoring?
TONGTONG GONG:The top three common issues are: integer overflow, exception state, and message call to external contract.
BLOCK TRIBUNE: Will this automated check of security be something that a non-technical person can use to audit a smart contract?
TONGTONG GONG: Yes, our platform automatically performs the security audits when the smart contract is deployed on ethereum mainnet. Anyone can use Amberdata.io to search and navigate to the contract details page and view the audit results.
BLOCK TRIBUNE: Are there any sectors of smart contract activity – real estate, health, gambling – that are more prone to security issues?
TONGTONG GONG: It’s pretty industry agnostic and more about best coding practice and hygiene. It’s noticeable that newer contracts are getting better as people started to adopt good core practices.
BLOCK TRIBUNE: Are you planning on extending beyond the ethereum blockchain with these audits in the future?
TONGTONG GONG: Yes, absolutely. We plan to support all smart contract platforms like ethereum.