Blockchain consists of various technical elements, and security standpoints differ for each element.
- Smart Contracts
- Blockchain Platform Connection
- DApps and Proprietary Apps
- Blockchain Platform Settings (Consortium-type)
In the Blockchain Assessment, multiple security assessments are performed, including evaluations and recommendations, for each element.
Security for Smart Contracts
Smart contracts is common technology in the blockchain system. It also means smart contracts are always facing danger from attackers. If vulnerabilities exist in a smart contract, it would cause a risk of illegal manipulation of transactions. In addition, smart contracts cannot be modified once they are released to blockchain. It is critical to develop smart contract securely before the releasing it to blockchain platform.
Security practices for smart contracts differ from the secure coding practices applied to conventional web and smartphone apps. Our Blockchain Assessment is based on our proprietary security criteria to check if smart contracts have vulnerabilities inside.
Smart Contract Assessments
This service combines static (main) and dynamic (secondary) analyses of smart contract source code. We use static analyses as triggers to detect issues and perform checks via dynamic analyses on our private net for a high-accuracy assessment. Expert blockchain and smart contract pentesters with GSSP certification, a qualification certifying GIAC-certified secure software programmers, are engaged in this service.
Proprietary Security Criteria
Smart contract assessment is performed based on our own security criteria. This criteria was created by integrating smart contract security practices all over the world. This criteria enables this service to reveal unique vulnerabilities which is inherent in smart contract technology. In addition, this service detect general security flaws as well, such as a buffer overflow.
Clients can use the NRI Secure Bockchain Assessment Service accross multiple different blockchain platforms and programming languages including:
- Hyperledger Fabric