None of us needs a reminder of how important security is in crypto. Both on the things we can control like the type of wallet we use and things we can’t control like smart contract vulnerabilities. Quantstamp, a global leader in blockchain security, is pleased to announce the launch of its new service called Economic Exploit Analysis. This first-of-its-kind offering allows Quantstamp to uncover flash loan attack vectors in smart contracts through automated tooling before protocols get hacked.
Introducing Economic Exploit Analysis
The Economic Exploit Analysis service started with research from the University of Toronto that Quantstamp advanced and turned into a production-level tool.
In the first half of 2023 alone, an estimated $207M was stolen through flash loan attacks.
Let’s refresh on what flash loans are. A flash loan is an uncollateralized loan done through a smart contract that can be taken out for as short as a single transaction. In these attacks, hackers leverage flash loans to borrow substantial funds and manipulate DeFi protocols. Hackers can introduce new uncertainty into the protocol that the developers may not have thought through before. Or protected against. Flash loan attacks can drain the entire TVL (total value locked) of a DeFi protocol. The complicated nature of these attacks combined with DeFi’s composability means these attack vectors often evade conventional audits.
Public-Private Collaboration to Bring EEA to the Market
Seeing the dire need to prevent these attacks, Quantstamp collaborated with researchers from the University of Toronto. The University already does advanced tech research. Together, the collaboration advances their research into an automated tool ready for the market. With the tool now fully developed, Quantstamp is unveiling a new service for DeFi clients called Economic Exploit Analysis. Here the Quantstamp team uses the tool to detect flash loan attack vulnerabilities in a client’s code. It will be available for both deployed and undeployed protocols. This innovative service will vastly benefit the entire DeFi ecosystem by reducing the number of flash loan attacks and the amount of funds lost to those hacks.
Quantstamp believes that the Economic Exploit Analysis service will have a lasting impact on the DeFi ecosystem. Quantstamp’s core business offering is smart contract audits. This plus Economic Exploit Analysis will foster a safer and more secure environment for both DeFi companies and their users. And we know we need this safety to move the industry further toward mainstream adoption.
“DeFi has the potential to change the global financial infrastructure for the better, but its success requires preempting threats like flash loan attacks. We developed this tool to provide DeFi protocols an extra layer of security on top of audits,” said Martin Derka, Head of New Initiatives at Quantstamp. “As DeFi evolves, security measures need to evolve with it. Services like Economic Exploit Analysis give us an edge against hackers.”
EEA Makes Audits More Effective And Practical
While this is an automated tool for search, projects will need some manual guidance and protocol-specific adaptations. In addition to checking clients’ contracts, auditors also incorporate contracts from the integrated and other relevant DeFi protocols, which enhances Quantstamp’s ability to discover flash loan attack vectors that involve multiple protocols.
While the search tool is non-exhaustive, meaning that attacks may still exist even if the automated tool doesn’t detect them, its practical success rate is remarkably high. Currently available across all EVM-compatible chains, the Economic Exploit Analysis service will adapt the tool to other blockchains and VMs (virtual machines) suffering from similar attack vectors.
Conclusion
Quantstamp also offers security services including smart contract audits, ZK rollup audits, and more. Quantstamp is blockchain-agnostic, conducting audits for several other blockchains beyond Ethereum including Solana, Flow, Cardano, Avalanche, Binance Smart Chain, Near, Hedera Hashgraph, Tezos, Aptos, and Sui.
To learn more about Quantstamp’s Economic Exploit Analysis service, visit quantstamp.com/economic-
⬆️ For more cryptocurrency news, check out the Altcoin Buzz YouTube channel.
⬆️ Our popular Altcoin Buzz Access group generates tons of alpha for our subscribers. And for a limited time, it’s Free. Click the link and join the conversation today.
Disclaimer
The information discussed by Altcoin Buzz is not financial advice. This is for educational, entertainment, and informational purposes only. Any information or strategies are thoughts and opinions relevant to the accepted levels of risk tolerance of the writer/reviewers. And their risk tolerance may be different than yours. We are not responsible for any losses that you may incur as a result of any investments directly or indirectly related to the information provided. Bitcoin and other cryptocurrencies are high-risk investments so please do your due diligence.
Copyright Altcoin Buzz Pte Ltd.
