Use Humans for Code Audits, Don’t Rely on Machines: Hartej Sawhney of Hosho
Are Ethereum fans too impatient about delayed upgrades to the protocol? Not really, says Hartej Sawhney, president of security auditing firm Hosho.io. The Ethereum codebase, plus the ICOs and smart contracts running on it, are incredibly complicated and need thorough examination… by humans. “In this space we’re talking about actual money–it’s ever more important to get not one, but maybe two, maybe three professional third parties to audit the code,” he told Bitsonline’s George Levy at the North American Bitcoin Conference (TNABC) last week.
How Many People in the World Can Audit Ethereum Code?
Levy asks Sawhney about Ethereum’s “Constantinople” upgrade, scheduled for mid-January 2019 but postponed at the last minute to February. “I’m glad they’re taking their time,” Sawhney says, stressing the importance of human audits over automated ones, while noting that there’s a very limited pool of talent available at present to do this.
“There’s a small subset of human beings on this earth that have the QA mindset, and have the incentive to really master Solidity and be in the blockchain ecosystem,” he says. Since there’s a very limited number of people available to audit Constantinople’s code, have reviews been thorough enough?
Only Humans Can Catch Some Bugs
Sawhney reiterates that it’s important to leverage both automated tooling and manual techniques when examining the code. Human teams need to read through the whitepaper and “marry” it to the actual code, to make sure it’s doing what it’s supposed to.
In the interview, he describes examples of errors in logic (which automated code-checkers would have missed) like the wrong number of tokens being created, or some participants being included. It’s like when your spellchecker says you’ve spelled a word correctly… but doesn’t notice you used the wrong word. That’s where humans are necessary.
For the record, Ethereum’s Constantinople upgrade was delayed after a report from third-party auditors ChainSecurity described a hypothetical “reentrancy attack”. This could exploit the lower data storage fees for some functions post-upgrade to drain smart contract wallets. ChainSecurity said more time was needed to examine complicated contracts for vulnerabilities. You can read the details of that report here.
How many human code audits are necessary before a major upgrade? Let’s hear your thoughts in the comments section.
Images and video via Bitsonline, George Levy