Due to the so-called batchOverflow and proxyOverflow bugs in at least a dozen poorly-implemented ERC20 tokens, several exchanges temporarily paused the trading of all ERC20 projects this week as they worked to understand the scope and isolation of the bugs. Now, per due diligence, powerhouse crypto exchange Binance has had all its listed ERC20 tokens checked for the bugs by smart contract auditing play Quantstamp, a move that suggests the future of best practices in the industry.
As word initially broke about the bugs, crypto exchanges like Poloniex temporarily paused ERC20 trading on their platforms. The measure was a wise one as the breadth of the bugs were still not understood. Hours later, after the unnecessary flaws were isolated to a dozen or so projects, things went back to normal in the space.
Deposits and withdrawals for ERC-20 tokens have now been re-enabled.
— Poloniex Exchange (@Poloniex) April 25, 2018
Upstart heavyweight exchange Binance decided to go the extra mile for the sake of resoluteness, however, in contracting smart contract auditing play Quantstamp to vet all of their listed ERC20 projects for the vulnerabilities.
#Binance has verified all listed ERC20 tokens are not affected by the Batch or Proxy Overflow Bugs. Thank you @Quantstamp for your assistance in keeping Binance the most secure exchange by efficiently auditing all ERC20 tokens listed.
Read more on Medium: https://t.co/ikfuwYWtI8
— Binance (@binance) April 30, 2018
Binance tweeted to a Medium post from Quantstamp’s Head of Security Jonathan Haas, where Haas declared:
“Quantstamp’s automatic and manual audits allowed us to swiftly audit and secure all presently-listed ERC20 tokens on Binance. We have determined that they are unaffected by the recently-identified vulnerabilities.”
Auditing … It’s Going to Be Big
If Nick Szabo’s research tells us anything, it’s that one of the biggest promises of the cryptocurrency space is its ability to give life to smart contract facilitation.
Legal agreements, real estate deals, deeds, titles … you name it, smart contracts can streamline it. And there’s no shortage of projects that have cropped up to facilitate these contracts, like Ethereum, Cardano, NEO, EOS, RSK, and others.
But what there is a shortage of in the cryptoverse is auditing plays and an auditing culture, though look for that to change quickly in the months ahead as smart contracts are increasingly probed by attackers and as these contracts facilitate more and more value in real-world commerce.
Quantstamp is one of the firsts. And there are others. And more will come. It doesn’t matter who wins the auditing rat race in the cryptoverse, or if several projects “win” together – it only matters that some teams are successful in helping the space defend against needless exploits and if such defenses lead to best practices.
What’s your take? Do you think this is the first of many audits to come for Binance? Sound off in the comments below.
Images via ByteLab, e27