Can we get a thread of all the random things DeFi builders should do before their contract holds $25M? As in, if you are a person considering putting your money in a DeFi thing and they haven't done this, it's a big red flag?
Show this thread
-
What about formal verification?
This is a buzzword that's lost most of its meaning in the blockchain community. You can see some of my comments about it on @defiprime: https://defiprime.com/defi-smart-contract-audits ….
Verification does not preclude project owners from other requirements:https://twitter.com/dguido/status/1251961198062469120 …
-
-
That's definitely true, formal verification has become a buzzword. I still believe tools for static/dynamic analysis have a role prior to deployment (at least 50% of the times
), and should be a requirement before a contract holds $25M. -
Your 50% estimate is on the mark. In an empirical review last year, we found it was only theoretically possible for an automated tool to catch about 50% of the bugs we've reported in smart contracts.https://blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/ …
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.