Is the opportunity for the commercialization of smart contract security analysis tools here?
Authors: Ray Xiao, Sally Gu, IOSG Ventures
Introduction:
At the end of September, Paradigm officially announced its lead investment in the blockchain security project Blowfish, once again drawing widespread attention to the field of smart contract security analysis. However, the Paradigm team had already done extensive work in smart contract security testing before this. In March of this year, Paradigm CTO Georgios revealed their development of the Foundry smart contract testing suite (with significant contributions from the Runtime Verification team), and blockchain security analysis is now evolving towards a finer division of labor.
Based on the financing trends and market responses in recent months, primary market capital currently shows strong interest in security monitoring and firewall fields that emphasize the timeliness of security information, risk coverage, and lightweight technology, which is quite different from the majority of past capital investments in the auditing field.
According to reports from CertiK and SlowMist, crypto assets lost as much as $2 billion in the first and second quarters of 2022 due to security attacks. In the second quarter alone, a single flash loan attack resulted in a total asset loss of $300 million. This month has also become the largest month for hacker activities in history, with over 12 attacks targeting DeFi protocols in just two weeks, resulting in stolen amounts exceeding $700 million.
Source: https://twitter.com/chainalysis/status/1580312145451180032?s=20&t=QfqOMqMKjHd3EtX_0O-QjA
If we consider the lifecycle of on-chain smart contracts as a complete process from development >> deployment to the blockchain network >> operation, the security analysis of smart contracts can be divided into: analysis before contract deployment (before the blockchain network officially goes live) and analysis after contract deployment. This roughly covers three main categories: testing, auditing, and monitoring, each of which has various types of analysis methods and corresponding tools (as shown in the figure below). PS: The coverage of smart contract auditing extends from before contract deployment to after deployment (contract upgrade auditing).
1. Security Analysis Before Smart Contract Deployment: Testing + Auditing
1.1 Testing
Contract testing is where developers and auditors need to invest the most effort, which sets smart contract development apart from traditional software development. Because blockchains are immutable, a smart contract is difficult to change once it has been deployed to the EVM. Most of the work of security analysis and of fixing security vulnerabilities is therefore spent on "pre-analysis": security testing before the smart contract is deployed.
Before undergoing formal auditing, contract developers/auditors need to conduct some basic tests on the contract's code. The higher the coverage of initial tests, the more likely it is to avoid simple bugs entering the formal audit stage (generally, a smart contract achieving 85%-90% code coverage is considered reasonable; coverage for core modules needs to be above 95%).
Common basic tests include unit tests (focusing on testing individual functions) and integration tests (ensuring that the combined parts of the code can run normally). Common tools used at this stage include Hardhat, the Truffle test framework, etc. Common test contents include: state checks, event triggers, transaction reverts, function calculations, and complete functional testing.
Source: https://betterprogramming.pub/how-to-test-ethereum-smart-contracts-35abc8fa199d
1.2 Auditing
"Testing can effectively discover defects in a program, but it cannot prove that the program is free of defects." - Edsger Wybe Dijkstra (Computer Scientist, Turing Award Winner 1972)
According to the definition in the official Ethereum documentation, auditing is a detailed evaluation of every line of source code in a smart contract, mapping possible attack vectors in the smart contract from the perspective of an attacker to identify potential failure points, security vulnerabilities, and poor development practices. The auditing phase generally includes: static analysis, dynamic analysis (fuzzing tests, symbolic execution), manual analysis, and formal verification. As Dijkstra stated in the quote above, testing alone cannot fully assure that a program is free of faults; auditing and formal verification aim to get closer to the goal of proving that the program has no defects.
Financial Costs
According to data from the smart contract security company Hacken, the average cost of smart contract auditing services in the industry ranges from $5,000 to $30,000 (for small to medium-sized projects). For large projects, costs can sometimes reach $500,000 or even higher. The cost of smart contract auditing directly depends on the complexity of the code and the agreed scope of work. Other factors affecting the price include urgency, the size of the smart contract (how many lines of code), the number of engineering hours required to complete the process, and the availability of documentation related to the project.
Time Costs
Initial audits typically take an average of 2 to 14 days, depending on the complexity of the project, the scale of the smart contract, and urgency. For large projects or protocols, initial audits may take up to 1 month. After the initial audit is completed, clients will receive recommendations on what modifications to implement.
Human Resource Costs
According to feedback from IOSG's lead investment project in blockchain formal verification, Runtime Verification, the human resource costs for auditing depend on the complexity of the protocol. For most leading security auditing companies with extensive industry and academic experience, understanding the business logic and token economics of crypto client projects is generally not too difficult; typically, two professional engineers can complete the initial steps in about 1 to 2 weeks.
However, the subsequent parts will depend on the specific needs of the client. Some clients only require a manual audit of the basic business logic of the audited project (reviewing their code and manually checking if it aligns with the required business logic), which is the cheapest service. Some clients wish to model the business logic and token economics and then manually conduct mathematical proofs to ensure that certain important results hold, such as security, liveness, and consistency. Some large clients, like MakerDAO and the Ethereum Foundation, wish to go further and conduct formal verification of the code.
Regarding formal verification, it is worth mentioning that formal verification uses mathematical methods to verify the correctness of a program: it ensures that the implementation of the program aligns with the programmer's intent, ultimately proving that the system is bug-free. In other words, formal verification is like a more comprehensive form of testing, theoretically encompassing all possible inputs and states, which testing cannot achieve (as illustrated in the example below, where a transfer contract has an overflow bug; testing would require the tester to input a very large value to discover it, while a formal verifier would identify the overflow bug through the mathematical logic of "total amount of the token = sum of the balance of all addresses").
In terms of practical scalability, formal verification is slower to apply at large scale than traditional testing solutions. For most crypto projects, completing a smart contract audit is usually sufficient; from the perspective of cost and potential benefit, formal verification is not yet a necessity for small projects (the cost of proving that a program is bug-free is still relatively high). The core reason is that formal verification requires specialists: creating formal specifications for project code is a very complex task that must cover the properties of the contract code and define the behavior of the contract in different situations. (Interested readers can refer to our previous article "Why We Led the Investment in Runtime Verification" https://mp.weixin.qq.com/s/VWVgn4k9k0XqbM-O7-TVXg)
Smart contract auditing is still a labor-intensive industry with high technical requirements for talent. Currently, although there are a dozen popular auditing tools on the market (most developed by mainstream security auditing companies or academic researchers), very few have successfully achieved commercialization. The fundamental reason for this will be analyzed later. In short, the industry still relies on security service providers' own automated tools combined with manual reading of each line of code or modeling, and it is basically impossible to achieve scalable commercial revenue solely by selling automated auditing tools.
PS: According to feedback from Hexens, which we recently led an investment in, they commonly use some static analysis testing tools like Slither and MythX, although the results are not always satisfactory. For higher-level testing, they mainly use fuzzers like Echidna and Forge + built-in fuzzer.
2. Security Analysis After Smart Contract Deployment - Monitoring
Currently, among the ten most common blockchain network security attacks, scams occur most frequently and cause the highest direct asset losses to users. According to data from Peckshield, in 2021, on-chain economic losses due to various scams in crypto reached $12 billion, which is 6.7 times higher than losses caused by direct hacker attacks.
Common Scam Attacks:
Phishing (Common phishing techniques include sending emails/websites asking users to reset passwords/recover their accounts. Once users log into these fake sites, their private keys are stolen.)
Case: Alice logs into an exchange, connects her MetaMask wallet, and receives a pop-up indicating a wallet failure, requiring recovery with a mnemonic phrase. After recovery, all assets in the wallet are stolen.
Impersonation (Individuals claiming to be employees or representatives of certain dapps/institutions may contact users via email, phone, or social media. They will steal funds from users by sending fake free minting/airdrop websites. Alternatively, they may manipulate victims to extract funds or sensitive data.)
Case: The Ukrainian government accepts cryptocurrency donations and announces an NFT airdrop; impersonators disguise themselves as the Ukrainian government to issue fake token airdrops for scams.
Discord Admin Identity Hijacking (Attackers control bots of trusted community administrators to post false announcements, scam links, or deceive victims into relinquishing their cryptocurrencies or NFTs.)
Case: Hackers control official Discord servers of blue-chip NFTs like Bored Ape Yacht Club, sending erroneous links to members in bulk; once users click, their assets are irreversibly stolen.
BGP Hijacking (By falsely claiming to control IP prefixes that they do not actually control and adding them to the routing table of internet BGP routers, attackers can hijack traffic to that IP address. In this case, users will be redirected to a trap address set by the attacker once they attempt to log in.)
Case: Celer suffered a BGP hijacking attack, affecting 32 users and resulting in a loss of $235,000 (August 2022).
Code Backdoors & Traps (Attackers hide malicious code with special functions in normal programs, such as backdoors that can destroy and delete files, send passwords, record keystrokes, and conduct DDoS attacks to steal users' personal information.)
Case: Bob minted an NFT on a certain website, only to find it missing two days later. The attacker had implanted certain features in the NFT code that allowed them to authorize others to trade the NFT or destroy others' NFTs, making it impossible to list, etc.
Frontend Malicious Code (Attackers implant malicious code into the frontend of websites like exchanges, such as the user's browser's tab management system, generating erroneous approvals through this malicious code, allowing user assets to be transferred to the attacker's address.)
Case: KyberSwap lost $2.56 million due to frontend malicious code implanted by hackers (September 2022).
Common Tools:
Compared to smart contract security auditing, the business content involved in providing monitoring & firewall services is more extensive and intricate.
Security auditing focuses on smart contract code before deployment and after contract upgrades, often using various types of testing (static analysis, dynamic analysis) that feed the contract a series of input values to check whether its output values and states behave normally. For example, for a common on-chain transfer logic (as shown in the figure below), common tests include: transferring zero ether, transferring all the ether, transferring slightly more than all the ether, transferring the largest possible amount of ether, transferring an account's value to itself, etc., to see if the contract can perform as the programmer intended.
Monitoring/firewall services focus on in-process security analysis, which deals with more complex issues. Currently, it appears that the security services provided by such projects emphasize breadth (covering as many problematic on-chain asset contracts, the latest suspected scam addresses, phishing websites, etc. as possible), making them relatively lighter than security services for contract auditing. This involves many security risks beyond checking code correctness, such as various scams and phishing-related attacks. Monitoring these vulnerabilities requires not only contract parsing capabilities but also continuously updated risk databases of suspicious addresses, suspicious contract logic, and suspicious asset lists.
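The boundary transfers listed above under security auditing, together with the overflow case from the formal verification discussion in 1.2, as an added example that is not part of the original article: a toy fixed-supply ledger with a flat transfer fee, whose unsafe variant lets value + fee wrap around. The ledger, its fee bug and all names are constructed assumptions; enumerating every input on a 4-bit model only stands in for a verifier's coverage of all inputs and is not formal verification.

```python
from itertools import product

class Token:
    """Toy fixed-supply ledger with `bits`-wide unsigned integers (constructed model)."""
    def __init__(self, balances, bits=256, fee=1, safe=False):
        self.mod, self.fee, self.safe = 1 << bits, fee, safe
        self.bal = {**balances, "fees": 0}
        self.total = sum(self.bal.values())       # supply recorded once, never changed

    def transfer(self, src, dst, value):
        """Move `value` plus a flat fee; returns False where a contract would revert."""
        if not 0 <= value < self.mod:
            return False                           # not representable as an unsigned int
        cost = value + self.fee
        if self.safe and cost >= self.mod:
            return False                           # checked addition reverts on overflow
        cost %= self.mod                           # unsafe variant: silent wraparound
        if self.bal[src] < cost:
            return False                           # insufficient balance
        self.bal[src] -= cost
        self.bal[dst] = (self.bal[dst] + value) % self.mod
        self.bal["fees"] = (self.bal["fees"] + self.fee) % self.mod
        return True

    def invariant(self):                           # total supply == sum of all balances
        return sum(self.bal.values()) == self.total

def boundary_report(safe):
    """Boundary transfers on a fresh 256-bit ledger: name -> (succeeded, invariant holds)."""
    start, fee, top = 100, 1, (1 << 256) - 1
    cases = {
        "zero": ("alice", "bob", 0),
        "all": ("alice", "bob", start - fee),
        "slightly_more": ("alice", "bob", start - fee + 1),
        "largest": ("alice", "bob", top),
        "self": ("alice", "alice", 10),
    }
    def run(src, dst, value):
        t = Token({"alice": start, "bob": 0}, fee=fee, safe=safe)
        return t.transfer(src, dst, value), t.invariant()
    return {name: run(*args) for name, args in cases.items()}

def exhaustive_check(safe, bits=4):
    """Try every sender, receiver and value on a small ledger; list invariant breaks."""
    broken = []
    for src, dst, value in product(("alice", "bob"), ("alice", "bob"), range(1 << bits)):
        t = Token({"alice": 5, "bob": 0}, bits=bits, safe=safe)
        t.transfer(src, dst, value)
        if not t.invariant():
            broken.append((src, dst, value))
    return broken

if __name__ == "__main__":
    print(boundary_report(False), exhaustive_check(False))
```

The unsafe ledger passes every boundary case except the largest amount, and the 4-bit enumeration reports the same wraparound without anyone having to choose the input.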
Through our discussions with industry professionals, we found that different monitoring services have different focuses. For example, GoPlus places more emphasis on providing data API services to project parties or even some front-end focused firewalls; Harpie and Blowfish focus more on providing front-end services, simulating transactions before users execute a transaction or complete an authorization to identify issues and prevent users from engaging in risky transactions; Tenderly focuses more on developer needs, providing runtime monitoring services for smart contract developers. Of course, this field is still relatively new. Although large trading platforms like Opensea have already engaged in substantial commercial cooperation with some projects, we believe that the future commercialization path remains unclear and that there will be significant competition in the industry (as the technical threshold is somewhat lower than for code auditing).
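A minimal pre-signature check in the spirit of the two paragraphs above, as an added example (not code from any of the projects named, and a static calldata decode rather than a transaction simulation): it parses ERC-20 approve and setApprovalForAll calldata and looks the grantee up in a risk list. The addresses, the risk list and the function names are constructed for illustration.

```python
APPROVE = bytes.fromhex("095ea7b3")               # approve(address,uint256)
SET_APPROVAL_FOR_ALL = bytes.fromhex("a22cb465")  # setApprovalForAll(address,bool)
MAX_UINT256 = (1 << 256) - 1


def build_calldata(selector, address, word):
    """Encode selector + two 32-byte ABI words (used to construct the samples below)."""
    raw = selector + bytes(12) + bytes.fromhex(address[2:]) + word.to_bytes(32, "big")
    return "0x" + raw.hex()


def review_calldata(calldata_hex, risk_list):
    """Return warnings for one pending transaction's calldata; empty list = no finding."""
    text = calldata_hex[2:] if calldata_hex.startswith("0x") else calldata_hex
    try:
        data = bytes.fromhex(text)
    except ValueError:
        return ["calldata is not valid hex"]
    selector, args = data[:4], data[4:]
    if selector not in (APPROVE, SET_APPROVAL_FOR_ALL):
        return []                                  # not an authorization call
    if len(args) != 64 or any(args[:12]):
        return ["authorization call with malformed arguments"]
    grantee = "0x" + args[12:32].hex()
    word = int.from_bytes(args[32:], "big")
    warnings = []
    if grantee in {a.lower() for a in risk_list}:
        warnings.append("grantee is on the risk list: " + grantee)
    if selector == APPROVE and word == MAX_UINT256:
        warnings.append("unlimited token allowance")
    if selector == SET_APPROVAL_FOR_ALL and word != 0:
        warnings.append("operator access to every token in the collection")
    return warnings


# Constructed sample data: both addresses are placeholders, not real accounts.
FLAGGED = "0x" + "11" * 20
UNKNOWN = "0x" + "22" * 20
SAMPLES = {
    "unlimited approve to flagged address": build_calldata(APPROVE, FLAGGED, MAX_UINT256),
    "bounded approve to unknown address": build_calldata(APPROVE, UNKNOWN, 1000),
    "collection-wide operator grant": build_calldata(SET_APPROVAL_FOR_ALL, UNKNOWN, 1),
    "truncated approve": "0x095ea7b3" + "00" * 40,
}

if __name__ == "__main__":
    for label, calldata in SAMPLES.items():
        print(label, "->", review_calldata(calldata, {FLAGGED}))
```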
3. Business Development Opportunities and Challenges for Smart Contract Security Analysis Tools
1) Currently, many in the industry believe that the commercial boundary between monitoring & firewall and security auditing is still relatively vague (both are currently 2B services, with most clients being various crypto project parties). Theoretically, it would be more in line with commercial development logic for professional security auditing companies that have been deeply engaged in the blockchain security field for many years to directly provide monitoring services, even developing B2C products that directly benefit end users. However, since the monitoring sector is just starting, the charging model and profit model are still unclear (currently observed as 2B service fees or project transaction fee sharing). If the market rebounds, the security auditing market may remain in a state of supply > demand, with unfulfilled orders, potentially neglecting this emerging market. This time window presents a great opportunity for newly emerging companies specializing in monitoring/firewall services.
2) There are already many automated tools for smart contract auditing on the market, with a common dozen or so, most of which are open source. The business model of charging for tools in this direction has yet to be proven, primarily because:
- The relationship between hackers and security defenders is an arms race, and the attack is always a moving target; as the saying goes, "the higher the magic, the higher the countermeasure." Once security tools are released, hackers will attempt to bypass them and develop new forms of attacks. Therefore, security tools can only continuously iterate and update to raise the attack threshold;
- Most tools have a high usage threshold, and few people can use professional security analysis tool products, thus limiting market scale (although Runtime Verification has pushed Firefly for general developers, and ConsenSys Diligence has MythX);
- Security analysis tools can only cover mainstream vulnerabilities, while clients subjectively prefer auditing teams to provide customized services based on the economic models of their protocol business logic.
The team also hopes for a market-authorized auditing company to provide deeper customized auditing services and a stamp of approval. Therefore, providing monitoring services would be a great opportunity for professional security teams to enter scalable products.
3) Insurance services for DeFi project parties, DAOs, or individuals may become the next blue ocean. Considering that there are currently no good prevention or solutions for attacks such as hackers directly stealing private keys, insurance services aimed at risk avoidance and asset protection are likely to receive more attention in the future.
Of course, considering the complexity of crypto assets themselves and the multiple uncertainties regarding compliance, underwriters often bear greater risks. Therefore, before addressing this issue, the development of the insurance industry will foreseeably still face certain bottlenecks. We look forward to the overall increase in the scale of crypto assets and the entry of more traditional institutional users, enabling the insurance business to achieve more systematic improvements before the next cycle arrives.
Reference:
https://www.paradigm.xyz/2022/03/foundry-02
https://www.coindesk.com/business/2022/09/30/paradigm-leads-118m-funding-round-into-web3-firewall-blowfish/
https://ethereum.org/en/developers/docs/smart-contracts/testing/
https://docs.openzeppelin.com/learn/writing-automated-tests
https://iamdefinitelyahuman.medium.com/an-in-depth-guide-to-testing-ethereum-smart-contracts-2e41b2770297
https://betterprogramming.pub/how-to-test-ethereum-smart-contracts-35abc8fa199d