Fantom, a layer-1 blockchain platform, wants to improve the security of its businesses and has an innovative way to do this. Today, it announced the deployment and analysis of Watchdog, a smart-contract security analyzer that will automatically inspect decentralised apps (dApps), launched on Fantom Mainnet to find vulnerabilities.
Audits are necessary, but the associated costs can be expensive. Companies that provide smart contract audit services can charge thousands. Fees can rise up to $500K depending upon the complexity and size of the code. A growing number of projects are now faced with the decision whether to invest in smart contract audits or other financial options.
This is what Watchdog aims to target. The tool monitors the blockchain’s smart contracts and provides continuous monitoring. Watchdog, which has been deploying Ethereum since its inception, has made nine public disclosures.
Fantom’s announcement of the Watchdog partnership was an interesting development that caught my attention. To get Fantom CEO Michael Kong’s thoughts on some of my questions, I also interviewed him on the CoinJournal Podcast.
CJ: It is vital that cryptocurrency be audited and transparent in order to maintain its position on the financial market.
Michael Kong: Smart contract security should be a top priority for every developer. Both should be considered mission-critical software. Bugs and errors are unacceptable. Smart contracts can store millions or even billions of dollars of crypto. A single error could result in funds being stolen or lost. According to ImmuneFi (a smart contract auditing company), exploits in Decentralized Financing (DeFi) applications exceeded $1.8 Billion between January and July 2022. These securities issues must be resolved before cryptocurrencies can become mainstream. There are many new developments that will reduce the number exploits.
CJ Do You think that auditing can be so costly because of the technical knowledge required?
MK: Yes. Smart contract security is a complex field. As such, there is not enough people who have the technical knowledge necessary to review smart contracts properly. However, the number and complexity of smart contracts that need to be reviewed is increasing. Audits can take weeks, or even longer, to complete and they are expensive.
Was this decision to deploy Watchdog driven by Fantom users or by management?
MK: Both. There has been a great demand for tools that increase smart contract security. However, the foundation recognizes the importance of these tools as we have a history in the development of tools to analyze smart contracts. Watchdog automatically reviews smart contract contracts. This can reduce the likelihood of exploits and also save time and money when analyzing each contract. Watchdog is therefore an additional layer of security for the Fantom platform.
CJ: Watchdog is monitoring all contracts of total value locked (TVL), $10 million or more. Will there still be vulnerabilities for smaller contracts? Would it be worthwhile for a bad actor to pursue this?
MKIt’s impossible to prove that smart contracts will not exploit any vulnerabilities. Watchdog will be an important part of contract monitoring for potential exploits. We encourage all projects to contact the Foundation if they wish to use Watchdog. This includes contracts that do not necessarily have a TVL below $10 million. The Foundation has primarily focused on projects with high TVLs, since these contracts have the most to lose.
CJ: Many people paint crypto as a wild-west business with little transparency. Are you sure that these people are correct? Or is the industry moving in the right direction with innovative solutions such as this to reduce security risks such hacks?
MK One of the benefits of public blockchains, they provide a complete audit trail starting with the initial transaction and ending with the most recent. Developers can easily verify the source code of any deployed smart contract. This makes it transparent and available for everyone to see. There are still many smart contracts that are exploited. This could be because people fail to do their due diligence or because the exploit is complex and subtle but devastating. Watchdog is a tool that developers can use to help them create smart contracts.
What advice would you give to crypto users considering Fantom?
MK Building on Fantom can be very similar to Ethereum. However, transactions are much quicker and cheaper. While a smart contract transaction on Ethereum may cost $50, it could cost $0.50 on Fantom. Fantom’s unique consensus protocol allows transactions to be confirmed simultaneously (i.e. multiple transactions are confirmed simultaneously), and only one block confirmation is necessary for finality. Please go to docs.fantom.foundation to get started.