paint-brush
Smart Contract Security is Complicated, but Totally Worth itby@alexa.eth
366 reads
366 reads

Smart Contract Security is Complicated, but Totally Worth it

by Alexa KarpNovember 6th, 2021
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

In 2021 alone, there have been over $1.2 billion of DeFi hacks. Forta is a new decentralized security network boasting a growing community of developers that are collectively monitoring the smart contracts powering the ecosystem. The vehicles for monitoring smart contracts on Forta are called agents - virtual security cameras that broadcast a public feed. Over 100 developers have published agents on the Forta network, and anyone can subscribe to an agent and receive its alerts. The more agents running on the network, the more visibility the ecosystem has of threats and other risks.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Smart Contract Security is Complicated, but Totally Worth it
Alexa Karp HackerNoon profile picture

​​Photo by Rahul Pugazhendi on Unsplash

Smart contracts are the building blocks of crypto, DeFi, and NFTs.

If these ecosystems were lego sets you could buy at a toy store, smart contracts would be the individual pieces in the box.

Just like other types of software, smart contracts can have bugs, be manipulated, and get hacked.

In 2021 alone, there have been over $1.2 billion of DeFi hacks. Some of these were due to negligence. Some fraud. Others were just honest mistakes. In every case though, people lose money. 

It’s a big problem, and unfortunately, a really hard problem to solve.

Developers in the crypto industry have adopted best practices like using code libraries (aka templates) and getting one or more third-party audits prior to deploying contracts on the blockchain.

These measures are helpful and have -- no doubt -- prevented many more losses, but they aren’t enough.

In addition to these pre-deployment measures, developers should be equally diligent about monitoring their contracts for threats once they are deployed to a blockchain.

There are a handful of tools out there, but nothing that has been able to scale with the pace of innovation in crypto and the novelty of attacks, until now (allegedly). 

One of the most exciting projects tackling smart contract monitoring and threat detection is Forta.

Forta is a new decentralized security network boasting a growing community of developers that are collectively monitoring the smart contracts powering the ecosystem. 

As the world’s economy transitions to public blockchains and Web3, Forta’s mission is to protect every economic transaction in the world. Forta does this by enabling a global community of developers to monitor the smart contracts powering the ecosystem.

The vehicles for monitoring smart contracts on Forta are called agents - virtual security cameras that broadcast a public feed.

Any developer can write and publish an agent on the Forta network, and anyone can subscribe to an agent and receive its alerts. The more agents running on Forta, the more visibility the ecosystem has of threats and other risks.

Since launching in July, Forta announced a $23M fundraise led by a16z and has enjoyed impressive growth. Over 100 developers have published agents on the network, and some of the largest DeFi projects are working with devs in the Forta community to monitor their systems for a variety of risks.

To support continued growth, Forta recently launched Forta Connect and Forta Explorer, two applications that will improve the experience for both developers and users. 

Forta Explorer

Forta Explorer is GivBa application allowing users to browse and subscribe to agents. Users have the option to receive alerts via Slack or email, with more integrations coming soon.

These integrations are critical for users, who rely on real-time alerts for visibility over protocol activity, and at times, threats. 

By making it easier to consume alerts, Explorer will help onboard new users, and make Forta alerts more valuable and actionable.  

Forta Connect 

Forta Connect is a self-service platform for developers to publish and manage their agents. To encourage developers to use Connect, Forta is subsidizing the transaction fees associated with publishing an agent.

Profiles currently showcase a developer’s published agents, but could eventually feature additional experience and reputation components. 

By making the agent development process easier, Connect should increase the number of developers building on Forta, as well as the number and quality of agents running on the network. 

The Importance of Good Security

Smart contract security remains one of the toughest challenges in crypto.

It’s also one of the keys to unlocking widespread adoption of DeFi and other Web3 applications. In the spirit of decentralization - Forta is empowering a community of security-minded developers that can collectively monitor and detect risks across the ecosystem. 

It’s a novel approach, but one that feels natural in an ecosystem full of decentralized applications. 

If you’re interested in learning more about Forta or participating in the community, visit Forta.org.