Parity Technology: previous bugs have become a catalyst for a more secure development of Ethereum.
The developers of Parity Technology announced the complete reorganization of the Process of creating Ethereum smart contracts and creating the most secure development environment. As hopes the company, she learned the appropriate lesson from the past mistakes and will be able to offer new and innovative methods of development.
As stated in the blog Parity Technology, the problems that users experience due to various bugs — an experience that no one wants. That is why the company strives to ensure that all previous errors and bugs have become a catalyst for a more secure development of Ethereum.
Soon, the startup promises to publish its procedures for creating smart contracts and guidelines for their maintenance, but now it is ready to share new standards for analyzing requests for inclusion of code and tools that are used to improve security.
Thus, within the framework of the security initiative, Parity Technology created the position of head of the security service, which was occupied by Kirill Pimenov. In the past, SUSE Linux employee, he, as stressed in the company, has not only an excellent understanding of the code base, but also the need to comply with the highest security standards on all fronts. In Parity Kirill Pimenov will, among other things, oversee audit issues, bounty programs for detected bugs and improve the processes of safe development.
"In most cases, web developers say,' in the worst-case scenario, we will release a patch.' But this is not the case that applies to the development of smart contracts. There is a need for an approach comparable to what we see in the aerospace industry, where any shortcomings should be eliminated,"-said Kirill Pimenov.
Regarding the immediate process of securing smart contracts, Parity Technology has developed a 20-point evaluation system designed to provide a single set of development standards and the necessary documentation. The public release of the cheque will take place shortly.
In addition, at least two peer reviews will now be required to ensure proper analysis of code inclusion requests.
Meanwhile, at the final stage, it finds the security audit process conducted by Trail of Bits, a partnership with which was announced in February this year. To date, Trail of Bits has already provided developers with Slither – a tool that combines a set of proprietary static analysis of the language of Solidity to determine the most common errors.
Slither, as the company notes, is a closed – source software product, but the rest of the tools used-solid, Truffle, Coveralls, Travis and Echidn-are built entirely on the sensor and, as such, according to Parity Technology, serve as a solid Foundation for the safe development of smart contracts.
Additionally, the company States a 100 percent coverage policy, which assumes that each line of the smart contract is executed by the testing tool at least once (in practice, this occurs several times), and a policy of 100 percent external review before launching smart contracts into the main network.
Recall that in November 2017, after the" accidental " deletion of the code in the smart wallet contract with a multi-signature from the Parity Technologies, the funds attracted during the ICO by several blockchain startups, including the GEO project of Gavin wood Polkadot, were frozen.
In April, the developers of Parity Technologies announced that they do not plan to make changes to their client's code, which would open the possibility of unfreezing funds, but could lead to the separation of the Ethereum blockchain.
