Enterprise Ethereum Alliance Launches EthTrust Security Initiative to Advance Confidence in Ethereum as a Global Settlement Layer for Transactions of All Types
The EEA EthTrust Security Levels Working Group Advances Work Initiated by the Ethereum Trust Alliance and Enables Broader Collaboration within the EEA
WAKEFIELD, Mass. – November 19, 2020 – The Enterprise Ethereum Alliance (EEA) today announced the formation of the EEA EthTrust Security Levels Working Group. The Working Group’s mission will be to continue the advances begun by the Ethereum Trust Alliance (ETA), now part of the EEA, on the EthTrust project, that will set standards for secure, smart contract transactions that are conducted within the Ethereum ecosystem. Given that it only takes one small flaw in smart contract code to instantly lock up or lose tens of millions of dollars, the EthTrust project’s standard and registry aim to make it quick and easy for organizations and individuals to tell if a smart contract has been through a full security audit by a professional team.
- Learn more about EthTrust project and Working Group on December 3, 2020 at the Ethereum in the Enterprise – Asia Pacific 2020 virtual event session led by EthTrust Security Levels Working Group Chair Tom Lindeman. Register free of charge at https://bit.ly/EntEthAPAC.
- RSVP to attend the EEA “EthTrust Security Levels,” webinar hosted by the EthTrust Security Levels Working Group leaders on December 15, 2020, at 4:00 p.m. Eastern.
- Learn more about the speaker line-up and agenda for Ethereum in the Enterprise – Asia Pacific 2020 virtual event on December 3 and 4, 2020, running 9:00 a.m. to 2:00 p.m. JST (UTC+9) each day.
During the ICO boom of 2017, many were uninformed about the fundamental security risks of smart contacts. In other financial industries, credit rating agencies, such as Moody’s, are designed to inform the public about the relative risk associated with a particular financial asset. Yet, within the Ethereum ecosystem, there is no similar registry or rating system for smart contracts. The EEA’s new Working Group will address this issue by focusing on the development of definitions and requirements for different levels of security risks, and a registry system that records which smart contracts have been rigorously tested for security vulnerabilities.
Leading the EthTrust Security Levels Working Group are the newly appointed co-chairs: Tom Lindeman, the former managing director of ETA, chair of the EEA Security Special Interest Group, co-founder of ConsenSys Diligence, and director of Strategic Initiatives, ConsenSys Software Inc.; and EEA member Pierre-Alain Mouy, former ETA product owner and managing director at NVISO Security in Germany.
“We are pleased to announce the formation of the EEA EthTrust Security Levels Working Group. With the EthTrust project, the EEA aims to raise the level of confidence and trust in Ethereum as a global settlement layer for all types of transactions across all industry sectors,” said Executive Director Daniel Burnett. “We are thrilled to have EthTrust leaders Tom Lindeman and Pierre-Alain Mouy as co-chairs to advance this initiative with EEA members – some of Ethereum’s most influential global businesses – for the benefit of Ethereum as a whole.”
Creating a standard and registry system for smart contracts will help users gain greater awareness of how to differentiate which contracts have gone through rigorous security checks. The Working Group will coordinate with the Smart Contract Security Alliance on security recommendations, vulnerabilities, and best practices. In addition, the group will use vulnerability definitions from the Smart Contract Weaknesses Registry for automated tool analysis requirements.
“The smart contracts that power Ethereum have been fraught with security issues. Today, there is still no good way to identify if a smart contract is secure before initiating a transaction. The DeFi space, in particular, has exploded with a flurry of activity that has individuals and organizations approving token contracts, swapping tokens, and adding liquidity to pools in quick succession without being able to easily check contract security,” said EEA EthTrust Security Levels Working Group Co-Chair Lindeman. “By creating an EthTrust standard, specification and registry of certified smart contracts, a variety of trust use cases will be enabled, allowing for Ethereum users to see a contract’s security rating before they interact with it. A special thanks to developers Cory Dickson and Jonathan Prince as well as ConsenSys, NVISO, Runtime Verification, Quantstamp, and Sooho, which helped get this initiative off the ground.”
The Initiative’s registry system will enable exchanges to request a specific rating level before new tokens are listed or a multi-member consortium with smart contracts to require a rating before smart contracts are published.
“As a global organization with Ethereum domain experts of all kinds, the EEA is clearly the place to create a broad-reaching EthTrust Security Levels standard and registry system that will affect anyone interacting with Ethereum smart contracts,” said EEA EthTrust Security Levels Working Group Co-Chair Mouy. “We welcome all companies interested in EthTrust security to join the EEA and the working group.”
About the EEA
The Enterprise Ethereum Alliance (EEA) enables organizations to adopt and use Ethereum technology in their daily business operations. The EEA empowers the Ethereum ecosystem to develop new business opportunities, drive industry adoption, and learn and collaborate with one another. For additional information about joining the EEA, please reach out to [email protected] or visit https://entethalliance.org/become-a-member/.