The markets are a bit on the red this morning. Bitcoin (BTC) looks like it is destined for levels below $9,000 and is currently trading at $9,186. Ethereum (ETH) has been steady at its current value of $678. Ripple (XRP) on the other hand is having a hard time reaching the much anticipated $1 value that many were hoping would happen by now. XRP is currently trading at $0.84.
However, today’s discussion is not about market analysis. It is about the recent bugs that have been discovered in Ethereum smart contracts characterized in ERC20 tokens that use the prominent platform for creation of the tokens during Initial Coin Offerings (ICOs).
The first reported news about issues with Ethereum smart contracts was when there was a discovery in vulnerabilities in over 34,000 of them out of a tested batch of almost 1 Million. In the research paper by the students from the National University of Singapore and the University College of London, the researchers were able to categorize the vulnerable contracts into four categories: prodigal contracts, suicidal contracts, greedy contracts and posthumous contracts. The research papers goes on to suggest that if any user were malicious enough, then he’d do a lot of damage to existing smart contracts and even hold them hostage for a ransom.
In an event less than a week ago, multiple crypto-exchanges suspended the trading of all ERC20 tokens on their platforms when it was discovered there was a bug in them that can allow malicious users to possess a huge amount of tokens by exploiting the vulnerable contracts. The bug has been dubbed the batchOverflow bug. The researchers who discovered the bugs were able to alert the crypto-verse to the point of having trading suspended until further investigations were done.
It is therefore with this two examples of Ethereum smart contract vulnerabilities, that it is safe to conclude that the bug discoveries are actually a good thing for Ethereum and its platform. What happens whenever a bug is found in code, is that the developers figure out what causes it and solve it.
Ethereum has been around much longer than any other platform that claims to solve issues of security. Zilliqa, which uses Scilla programming language, is itself in the Beta phase of releasing the complete platform as only the TestNet is currently active. EOS on the other hand also released a TestNet version of the final EOSIO 1.0. The release of EOSIO Dawn 3.0 has been a precursor to the final product which has not been scrutinized as much as Ethereum’s.
In a nutshell, Ethereum is getting stronger with each vulnerability that has been discovered. This can be compared to the advice given by Sun Tzu in the Art of War. In the small, yet dense book, Sun Tzu always emphasizes that a wise general first know his weaknesses before going into battle.
By the time EOS, Tron or Zilliqa produce a working product, Ethereum would be eons ahead in terms of knowing and solving security bugs in its platform. This will in turn make it the preferred choice for future ICOs and tokens.
[Photo source, hacked.com]