Smart Contract Security

Total Cardano noob here, focus mainly on application security but am trying to transfer those skills over to some projects on the blockchain. I have recently been doing some research into smart contracts and the way bugs/logic errors can obviously lead to exploitation.

With the pending release of Cardano smart contracts, are there pre-established best practices to follow? Are there companies/consultants ready to audit?

I know that there is already a fairly well-established ecosystem around ethereum smart contracts when it comes to 3rd parties companies, bug bounties, and tooling. I am curious as to if that ecosystem will naturally bleed over into the Cardano space, if it already exists as a part of the launch, or if we are entering mostly uncharted territories that will be pathed as we go?

1 Like

I remember that March’s Cardano 360 had an interview with someone from a company called Runtime Verification that uses formal methods and a semantic framework DSL for verification/audits. There have also been a couple of proposals on Cardano IdeaScale related to auditing.

I will have to go back and rewatch some of the Cardano 360 event and see specifically where that is mentioned, thank you!

I think it is a really interesting domain to explore. I am looking for some way to get involved in the community, and security is truly one of my passions so it seems this may be a good place to potentially start.

It looks like it’s about 26 minutes into the video: Cardano360 - March 2021 - YouTube.

I’m interested in smart-contract auditing, too, and would appreciate links to useful resources.

Thank you! And I will shoot you a PM, would love to bounce some ideas around if you are interested

1 Like