In a move aimed at bolstering the security of Ethereum decentralized applications (dapps), a new standard proposal has emerged within the Ethereum community. Known as Ethereum Request for Comments (ERC)-7512, this proposal seeks to revolutionize the way smart contract audit information is handled by enabling on-chain verification, rather than relying on off-chain methods.
Developers Unite for ERC-7512 Security
The driving force behind ERC-7512 consists of a consortium of Ethereum developers hailing from prominent projects such as Safe, Ackee Blockchain, OtterSec, ChainSecurity, OpenZeppelin, and Hats Finance. Their collective goal is to address a pressing concern within the Ethereum ecosystem: the need for a more robust and transparent mechanism for verifying the authenticity of smart contract audits.
Presently, audit details, including audit conductors and findings, are typically presented manually by development teams, leaving room for ambiguity and uncertainty regarding their legitimacy. This lack of on-chain representation has been a growing concern, especially considering the substantial losses incurred due to vulnerabilities in smart contracts.
In the first half of 2023 alone, DeFi-related scams and hacks have cost users more than $650 million, highlighting the urgency of enhancing security measures surrounding smart contracts. Smart contracts play a pivotal role in dapp functionality but are also susceptible to exploits and vulnerabilities. While audits serve as a crucial component of maintaining their integrity, the Ethereum community acknowledges the necessity of introducing stronger on-chain audit visibility.
Richard Meissner, co-founder of Safe and one of the authors behind ERC-7512, emphasized the importance of creating a layer for verifying contract security. “While permissionless innovation allows anyone to build anything, for actual use cases to emerge, we need to create a layer that will enable us to verify the security of contracts that interact. This visibility is currently missing,” stated Meissner.
If adopted, ERC-7512 could bridge this verification gap, enabling developers to conduct more comprehensive audit checks and establish reputation systems centered around audits. Moreover, this proposed standard could simplify the process for users and dapps to verify audits performed by trusted auditors and create an on-chain reputation system for dapps.
Read More: Tether’s CTO Launches Moria Bitcoin Mining
While the proposal is promising, its acceptance and implementation by core Ethereum developers remain uncertain. It joins previous initiatives like ERC-7265, a “circuit breaker” proposal, which aims to insert protective measures into smart contracts to halt token transfers in the event of a hack, still in development. ERC-7512, however, represents a significant step forward in fortifying Ethereum’s ecosystem against vulnerabilities and improving the overall security of dapps.