Zilliqa, the high-throughput blockchain platform, announced today it has partnered with ChainSecurity, a blockchain security provider, to develop a host of security tools and resources for the Zilliqa ecosystem.
With the project’s existing emphasis on smart contract safety, evidenced by its secure-by-design smart contract language, Scilla, the collaboration looks to address the need for greater security standards and infrastructures in the blockchain industry.
ChainSecurity will be developing an extensible static analysis framework, allowing developers to identify security and correctness issues by automatically analyzing the source code of their programs.
The framework will support control-flow, data-flow, and information-flow analyses, which are important prerequisites to verifying non-trivial security properties.
ChainSecurity is a spin-off from the ICE Centre, a leading R&D lab focused on blockchain security at top-ranking European university ETH Zurich. Helmed by a team of seasoned security researchers, ChainSecurity has become a trusted partner of over 75 clients in the blockchain industry.
Additionally, ChainSecurity’s introduction of a security scanner will enable developers to also identify generic security vulnerabilities as well as design issues arising from poor coding practices.
Having conducted professional security audits of Scilla smart contracts, ChainSecurity will be able to leverage its deep understanding of the language’s semantics in order to identify relevant security properties.
The security scanner will be extensible, allowing the Zilliqa community to easily add more relevant security checks and vulnerability patterns over time in order to establish best practices for smart contract development.
“The collaboration between the ChainSecurity and Zilliqa teams dates back to 2017 when we first conducted a security audit of the Zilliqa token. We look forward to further collaborating with the Zilliqa team and bringing our knowledge in building advanced security tools to the Zilliqa ecosystem.
– Dr. Petar Tsankov, Chief Scientist and Co-Founder of ChainSecurity
Developed by leading programming language researchers and designers in accordance to functional programming language principles, Scilla is amenable to formal verification, allowing developers to leverage mathematical proofs to ensure that their contracts are verifiably correct at the language level.
Scilla addresses certain classes of vulnerabilities such as re-entry attacks and changes to critical state variables, which are present in today’s smart contract languages. Most recently, Scilla was peer-reviewed at OOPSLA 2019, a global academic conference on programming languages and software engineering.
“From Scilla to our mainnet and smart contracts launch, security has underscored all areas of technical development at Zilliqa. For the past two years, ChainSecurity has played a key role in bolstering our network. As we continue to grow, these tools will help us proactively address any potential vulnerabilities along the way. Moving towards developing enterprise-grade solutions, we believe such collaborations will provide support to our growing community and enterprise partners whilst establishing a higher benchmark of security standards across the industry.”
– Amrit Kumar, President and Chief Scientific Officer of Zilliqa
This project marks the first step in the strategic collaboration between ChainSecurity and Zilliqa. Funded by Zilliqa’s Ecosystem Grant Programme. The two teams have already outlined follow-up collaborations which will target the development of additional security tools for the Zilliqa ecosystem.