Top 10 Best DeFi Securities

Chainlink预言机 view 31881 2022-1-8 17:23
share to
Scan QR code with WeChat

Whether you are developing a DeFi protocol or other smart contract, there are several security considerations that should be taken into account before going online to the main blockchain network. While many groups don't pay attention to robustness issues when verifying numbers, many still need to do more to ensure that dApp security is sufficient to support the mainnet launch. Knowing about most DeFi security vulnerabilities can save you and your users billions of dollars and prevent future problems like oracle attacks, brute force attacks, and many other threats.

With that in mind, below we learn 10 DeFi security best practices to help protect your app from malicious attacks, avoid conversations with usage, and prevent and improve your behavior. Safe developer.

1,Understanding the reentry of attacks

One type of DeFi security attack is a reentry, a form of DAO dysfunction. This situation occurs when the contract uses an external contract before revising its state.

Quoted from Solidity Information:

“All interactions and ETH changes between one contract (A) and another (B) change control for contract (B). This will allow B to call A back before this intersection is complete. "

Let's look at an example.

// SPDX-License-Identifier: GPL-3.0pragma solidity> = 0.6.2 This contract contains bugs. Do not use promissory notes. The card (address => unit) shows /// remove stock. function cancel () public {(bool succeeded,) = msg.sender.call (""); if (success) share [msg.sender] = 0; }}

In this case, use msg.sender.call to call another account. What we need to keep in mind is that it could be another smart contract!

(bool success,) = msg.sender.call (""); You can recall the move by coding the external contract that was called before the return. This will allow the user to remove all funds from the contract before update events.

Contracts can include special tasks, such as accepting (receiving) and changing (changing) jobs. When you send ETH to another contract, it's called a receipt. When the receiving position returns to the old contract, it can withdraw more money before it has time to reset the balance.

Let's look at the type of contract.

// SPDX-License-Identifier: GPL-3.0pragma solidity> = 0.6.2 This contract is bad. }}

When this activity sends ETH to the flight contract, it invokes the receipt of a referral to the payment contract. At the moment, we haven't finished sharing [msg.

Our bots are tired. Please try later.

There are many ways to use mutexes to easily set up phone calls. Contracts or external functions can only be concluded after the State has changed them. A simple solution is to change the state before calling outside without knowing the contract.

// SPDX-License-Identifier: GPL-3.0pragma solidity> = 0.6.0 / @dev mapping of the ether part of the contract. The card (address => unit) shows /// remove stock. function cancel () public }

Send, call and deliver

For a long time, security experts have argued against using the above procedures. They suggest a non-transport function called this:

payable(msg.sender).transfer(stock[msg.sender]);

We are mentioning this because we may see conflicting information on the outside and their comments do not agree with us. You can hear the submissions. You can send ETH using any position, but there are a few differences.

Disposal: Must contain up to 2300 gases and may result in an incompleteness error.

Delivery: Requires max 2300 oil and incorrect tip return.

Request: Transfer all fuel to the next contract and return it incorrectly due to failure.

Convection and decontamination have long been considered "best" practices, as 2300 gases are actually sufficient to transmit conditions or other malfunctions. Try to do this to run out of gas.

However, this is only a current parameter, and oil prices will shift in the future due to constant changes in ecosystem processes. We have seen the EIP change the prices of oil for different commodities. This means that in the future there will be a time when the load may require less than 2300 fuels, or the event will cost more than 2300 fuels. This means that a receipt that submits an event now will not be processed in the future.

However, it is best to change state before calling on a contract from an external project. Another reduction would be to increase the number of key features such as ReentrancyGuard's non-reentrant modifier. Use this mutex to prevent resumption of contract exchanges. This essentially adds a "lock" so that anyone who requests a contract at the end of the contract cannot "re-enter" the contract.

Another version of back to school is back to school. Here is an example of stop rewinding, using a variable for readability.

mapping (address => unit) private userBalances; send function (address_recipient, uint _amount) function thimBalance () pej 

A task can be called before another task is completed. It should be a clear warning. You must update the status before sending ETH. Some rules add a mutex lock to the function so that other functions cannot be called unless they are returned.

Besides having poor reentry, many counterattacks can occur due to some EIP protocols such as ERC777. ERC-777 (EIP-777) is an Ethereum token model based on ERC-20 (EIP-20). It is backward compatible with ERC-20 and adds the ability for "agents" to send tokens on behalf of the token holder. The point is that when the send and receive process is exchanged, a "send / receive hook" can be added so that the token holder can do more work.

In the Uniswap imBTC hack incident, we can see that the fraud happened because Uniswap exchanged the ETH shipment before the balance was exchanged. The use of the Uniswap feature in this strike does not follow the "Check-Effect-Interact" model designed to prevent retaliation against smart contracts. According to this model, the token exchange must take place before the ETH exchange.

2,Using DEX or AMM holding value oracles can pay off.

This is not only a useful way to kill the process, but also an easy to prevent DeFi security shutdown location. If you are using getReserves () as a way to measure a value, this should be a warning sign. This type of trade in the midst of a price oracle attack usually happens using flash libraries when the user controls the order or price of the exchange (DEX) as the market is automated. Then, using the DEX price statement as a contract can make the difference in executing a smart contract in the form of a breach, overdraft, or causing unfair trade. Due to this inconsistency, even popular DEXs like Uniswap do not recommend using their pools purely as valuable Oracle technology.

An oracle can be an external entity that receives external data and sends it to a blockchain, or performs external calculations and sends the results to a smart contract. For Oracle protocols based on DEX or AMM, the data extracted from Oracle is a special value modified by the final commercialization of DEX, which may not be in sync with the general market value of the assets, eg. , fine if there isn't enough sex in the drain. This results in very high (large orders) or very low (large orders) prices relative to the average density of each exchange.

Flash loan worsens this problem as it allows any user to temporarily get large sums of money to do big business without interruption. Users often mock the flash library for the problem and call it "stop flash library". The bottom line, however, is that DEX itself is an unstable oracle price, because the cost of the material is relatively low, which can lead to price inconsistencies depending on the plant. These attacks are more commonly referred to as “Oracle manipulation attacks,” and many of these drawbacks exist in the DeFi ecosystem. All developers need to eliminate oracle effects from their smart contracts.

Looking at the recent strike, this strike cost us $ 30 million and reduced the cost of standard reward tokens.

I've tweaked this feature slightly to make it easier to understand, but in practice the effect is the same.

function valueOfAsset(Address Asset, Unit Amount) Rov qab pej xeem saib override (unit valueInBNB, unit valueInDAI) { (uint reserve0, uint reserve1, ) = IPancakePair(asset).getReserves(); valueInWETH = montant.mul(reserve0.mul(2).div(IprotocolPair(asset).totalSupply()); valueInDAI = valueInWETH.mul(priceOfETH()).div(1e18); }}

The contract contains an oracle configuration to obtain the value of DEX. In DEX, users can deposit a pair of tokens into a liquid contract (like pass A pass B), which allows users to exchange passports at a fixed exchange rate determined by each party's income. xam pool. Since most of the rules are forks of the Uniswap protocol, it is considered a secure process. However, the gift token was added above, so when users deposit money into a special pool, they can get a voucher for the income, and the receipts (LP tokens) are a percentage of the mining pool, including including income. cash extraction gifts. A hacker can control the supply of these freebies by borrowing money and depositing additional money into the pool. This allows you to trade prize tokens at the wrong exchange rate.

You can see that the first thing the opponent does in this job is to find the exchange of assets in the liquid pool based on the capital of the two assets in the water. The bottom line is called to lower one from the tank.

(unit reserve0, unit reserve1,) = IProtocolPair (asset) .getReserves ();

You can think of a liquid pool with 5 WETH and 10 DAI as 0 to 5 and save 1 to 10. WETH stands for the “encapsulated ETH” version, ERC20 of ETH. The exchange rate between ETH and WETH is 1: 1.

When a contract has reserves, an easy way to get the value of two assets is to divide the two securities to get the exchange rate. For example, if you have 5 WETH and 10 DAI in your pool, the exchange rate is 1 WETH for 2 DAI because 10 is divided by 5.

Decentralized exchanges allow you to trade assets with excellent instant liquidity, but position value oracles are not very good, especially since prices can be easily manipulated on flash loans and only with DEX. Treasure. When used to provide reward tokens, the completion of a smart contract might be wrong (tweaked slightly to make it more understandable).

Paiement externe // ProtocolMinterV2.sol 0x819eea71d3f93bb604816f1797d4828c90219b5dfunction mintReward (/ * attaquant * /, address as property / * LP token * /, UINT _withdrawal_function * / address * / * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * / * = _performanceFee.add (_withdrawalFee); _transferAsset (property) , value of value); // Convertir les jetons LP de VaultFlipToFlip en unité de protocole ETHAmount .is ( protocolETHAmount == 0) return IEIP20 (PROTOCOL_ETH) .safeTransfer (PROTOCOL_POOL, protocolETHAmount); IStakingOCewOOOO (PR) notifyRewardAmount (protocolETHAmount); (unit valueInETH,) = priceCalculator.valueOfAsset (PROTOCOL_ETH); // return valueETHA contribution inflated = valueInETH.mul (_performanceFee) .div (feeSum); uint mintRew; _mint (mintReward, for); // Annoncer les fournisseurs de services financiers et de cadeaux tu protestes}

In this example, the primary function for billing the user is _mint (mintReward, for); These lines. You can see that this function is based on the value that the user locks in the pool. So, if the immediate user has a large set of assets in the pool (due to loan resistance), the user can easily announce multiple rewards for themselves. token.

But it hasn't given them the benefits they want. Token Prices When the oracle machine is controlled, the number of tokens that can be received can increase dramatically. For example, the contract assumes that it will reward users with $ 5, but in reality it will offer a reward of $ 5,000. This is what happens with this particular drawback.

In this setup, users can create a simple loan, deposit a temporary deposit in the pool to activate, offer more freebies, and then enjoy the benefits of Paying back loans from other activity providers.

A common solution to avoid problems in the mortgage market is to adopt a Time Weighted Average Price (TWAP) in the DEX market (for example, the average price of assets in one hour). This will prevent Lightning Loan from skewing Oracle costs, but it is not a solution as Lightning Loans are only available in one sector / block and TWAP released its own sector because TWAP is the average of a few blocks. When the schedule does not change, TWAP predicts that the schedule will be inaccurate, which could lead to a decrease in risk factors such as defaulting on low interest loans over a period of time. In addition, TWAP oracles cannot provide sufficient market capacity because only one DEX can be tracked, which is convenient for commodity / volume trading in different exchanges resulting in value change by TWAP oracles.

Solution: Use the decentralized Oracle network

One of the best practices for DeFi security is not to use a central oracle (like a single exchange oracle) to determine exchange rates, but to use a decentralized network of oracles to find value. exchange rates that affect different markets. area of ​​use. DEX is decentralized on an exchange basis, but centralized on a cost basis.

Instead, it collects the prices of each exchange rate and distribution, measures them by volume, and removes the raw materials to provide a graph of the global asset exchange rate, to create a large business. It doesn't matter whether the flash loan uses the assets of a stock exchange, given the value of the asset which represents the overall volume-to-weight average of each company.

Also, since Lightning Libraries are only available in one mode (synchronous), it does not affect the free value that creates the Oracle update (asynchronous update) with a variety of costs from market in a particular sector. The decentralized architecture and wide commercial range of the Oracle Chainlink network protect the DeFi protocol of regulated companies funded by flash loans. That's why more and more DeFi projects have partnered with Chainlink Price Feed to protect valuable oracles. Sudden changes in the volume of transactions to ensure value.

Instead of using getReserves to calculate the cost, you can get the exchange rate from Chainlink Information Feed. This is an integrated Oracle network that provides a Volume Weighted Average Price (VWAP) that describes all CEXs and DEXs in the chain.

strength of pragma ^ 0.6.7; import "@ chainlink / contracts / src / v0.6 / interfaces / AggregatorV3Interface.sol"; contract PriceConsumerV3 / ** * Returns the real value. * / function getThePrice () public look back (int). return cost} nqi

The above rule is to access all content from the Chainlink price oracle. You can read the information and start using it in your application. If you're new to smart contracts or oracles, there are some beginner tips to help you get started and protect your contracts and users from lightning scavenging and oracle manipulation attacks.

If you want to learn more and try it out in action, you can play OpenZeppelin's DEX Ethernaut level, which shows how easy it is to control the value of DEX.

Three,Do not use Keccak256 or Blockhash for anything.

If you introduce a random number into your app using block.difficulty, block.timestamp, blockhash, or something block related, your number will be compromised. The inconsistency of smart contracts is beneficial for many applications, such as determining the winner of a prize without compromising or distributing less NFT to users. However, since the blockchain is a proxy and cannot provide tamper-proofing for a single number, trying to get a random number from a chain can still be problematic and lead to abuse. Random number vulnerabilities are not the same as oracle manipulation or reentry attacks, but their frequency in the Solidity book is shocking. A lot of content will teach blockchain developers how to get different numbers using the following numbers:

uint randomNumber = uint(keccak256(abi.encodePacked(nonce, msg.sender, block.difficulty, block.timestamp))) % totalSize;

The idea here is to create a "random" number by combining the nonce, the block difficulty and the execution time. However, this has negative implications.

In fact, you can use delete to "save" over and over again until you get the random number you want. It is very simple that anyone can do.

When using hash values ​​of items like block.difficity (or any other item in the string) based on different numbers, miners have a significant impact on the result. Similar to the "rollback" strategy, miners can use the ability to identify changes to rule out certain changes in the block if the outcome is not good for them. If this is the database of strings used for randomness, miners can choose to keep blocks with block hashes against them.

No randomization when using something like block.timestamp as timestamps can be predicted by anyone.

The use of a random number generator string thus allows users and / or minors to intercept and control “random” numbers. If you want to be honest, the randomness of this approach is only good for the bad guys. This problem is exacerbated because the higher the value of stability by random work, the higher the resistance.

Solution: Use Chainlink VRF based on a real random oracle

To prevent this from happening, developers need a way to establish true randomness and prevent interference from miners and reusers. What is needed is the off-chain randomness of oracle. However, many oracles that provide sources of chance have no way of proving that the numbers they provide are in fact generated randomly (manipulated chance is similar to chance, so it is indistinguishable). Developers should be able to get the randomness off-chain, while still having the ability to prove with precision and cryptography that the randomness is unrelated.

The Chainlink Verifiable Random Function (VRF) does just that. It uses the Oracle node to generate an off-chain random number and provides encrypted proof of the integrity of the phone. The VRF operator then analyzes the cryptographic evidence in the chain to ensure that the integrity of the VRF is deterministic and irreversible. The working position is as follows:

User requests a random number from the Chainlink node and assigns the seed result (user does not need to provide seed value if using the new VRF). This will send an event to the channel.

Off-chain Chainlink oracles read logs and use Real-Time Random Processing (VRF) to generate random numbers and cryptographic data based on node key hash, user genes and block data was unknown at the time. please. The second variable then returns a random number to the string and identifies the random number of strings through the VRF contract manager using the certificate.

How does Chainlink VRF fix the above issues?

The strike cannot be reversed.

Since this process requires two changes, the second change is where the random number is created and you cannot see the random number or remove the change.

Minors do not interfere.

Chainlink VRF does not have a random number check because it does not use miner controllable values ​​such as estimate values ​​such as block.difficulty or block.timestamp.

No user, oracle node or dApp developer can control the random rate provided by Chainlink VRF, which makes it very secure on the network connection which can be used in the smart contract.

You can start using Chainlink VRF in numbers as needed for data, or you can follow our instructions to get started with Chainlink VRF with Video Tutorial.

4,Avoid failure

This is an extension of the collaboration, but the security contract takes all DeFi security considerations into account during the design. To write Real Solidity code, you need to know how it works under the hood. Otherwise, you will be affected by:

overflow / overflow

In Solidity, uint256 and int256 are "wrapped". That is, uint256 has the largest number it can represent, and add 1 to it to give it the smallest number it can represent. You really have to watch this. The front strength 0.8 is used for something like security.

In Solidity 0.8.x, math values ​​are checked by default. This means that it will throw an exception when x y overflows. So check which version you are using!

oil cycle limit

When writing dynamically sized loops, pay close attention to the size of the loop. The cycle may be simpler than blocking the maximum oil limit, rendering the contract unusable on return.

Do not use tx.origin

tx.origin should not be used to authorize smart contracts as it can cause phishing attacks.

Proxy store conflict

For operations that have received standard agent accreditation, the completed contract can be changed by changing the address in the agent contract.

In most cases, the contract name contains an exception that keeps the address in the contract. If the benchmark for this difference is corrected and there is another difference with the same flag / offset in the contract's benchmark, an argument will occur.

solidité du pragma 0,8,1 ; engagement use npe nom du contrat pej adresse publique otherContractAddress; Constructeur (Address _otherContract) fonction setOtherAddress (adresse _otherContract) public default }}

To crash the storage, Remix can perform the following steps:

Use the contract.

Provide the license agreement and use the shipping address of the agreement as designed.

Comply with the contract used by the contract agent's distributor.

Call the myAddress () function. Returns a non-zero address that is the distribution address stored in anotherContractAddress change of the contract name.

So what happened in step 4 above?

First, a valid contract is sent and the address contract is created.

The contract delivery address used is used when submitting the contract, the contract creator is named and another ContractAddress is also provided to the contract use address.

In step 3, the contract works with the name of the repository. In other words, the contract usage difference can read the multiple hash collision values ​​in the export contract.

十大DeFi安全最佳实践

myAddress can read other applications by default.

4. The return value of myAddress () works only as the modified myAddress value in the contract, which can interact with another different ContractAddress in the export and receive contract. The cost of the other ContractAddress varies.

To avoid inconsistencies between repositories, developers are encouraged to use unsecured personnel by selecting pseudo-random locations for the exchange.

One practice is to adopt a trustworthy organization for your project. The most popular are the Universal Upgradable Proxy Standard (UUPS) and the transparent name format. Both contract and contract usage have a special storage offset to avoid using the same storage location.

Here is an example of using arbitrary storage in transparent proxy mode.

bytes32 own constant source function = bytes32 (uint256 (keccak256 (eip1967.proxy.implementation)) - 1));

The accuracy of the token transfer calculation

In general, for regular ERC20 tokens, the number of tokens received should equal the number of the old dial, for example, operations below retrieveTokens ().

function retrieveTokens (sender's address, money uint256) public 

However, if the tokens are deflationary, i.e. there is a value for each exchange, the number of tokens received will be less than the number of requested tokens to convert.

In the exchange below, give the Tokens (sender's address, value uint256), the refund of the balance before and after the exchange. Even though the token is converted, it can count the number of tokens sent to the address (in this case).

retrieveTokens function (sender's address, account uint256) public 

Delete the correct information

There are many situations where you need to remove unwanted items or benefits from the contract. Tasks like Java have garbage collection system which can safely solve this problem. However, Solidity wants manufacturers to get rid of the "trash". Hence, illegal disposal can create security concerns for smart contracts.

For example, if you use delete to delete the contents of an array, for example, delete array [member] still exists, but revert to the default type array [the member]. Developers should always ignore this concept or redesign the array and reduce its length. For example:

array [member] = array [array.length - 1]; array.pop ()

These are some of the drawbacks that need to be addressed, but a thorough understanding of Solidity will help you avoid these “problems”. You can read an article reviewing Sigma Prime expert on the negative effects of Solidity.

https://blog.sigmaprime.io/solidity-security.html

5,Visibility and functionality restrictions

There are four main types of functions found in the development of Solidity terms:

private: These features are only visible on the current contract.

Internal: The responsibilities are in the current contract and the contract can be obtained.

External: these features are only visible on external calls.

public: This function is visible for internal and external calls.

Feature visibility refers to one of four types of visibility used to restrict access to specific groups of users. Regarding restrictions, it refers to a customs section specifically written for access restrictions.

By combining visual and restrictive features, you can define access to unique features. For example, in the _mint () function used by ERC20:

function _mint (account address, value uint256) virtual internal 

The visibility of the _mint () function is set inside to effectively prevent it from being called from outside. You can use the following instructions to configure access to the mint function.

mint function (account address, uint256 value) public onlyOwner 

The mint () function only allows the owner to exit the contract, and the statement () prevents the owner from announcing multiple tokens.

Proper use of visibility and limitations makes it easier to maintain engagement. In other words, in the absence of these parameters, the attacker could call on the management to set up plan control operations, on the other hand, too many restrictions could result. still questions for the community.

6,Perform an external check before sending it to the main network

Consider checking the numbers as a safety check for your friends. The inspector examines all code baselines per line and uses the proof method to identify smart contract instability. Sending numbers without inspection or replacement and redistributing numbers after inspection is a threat that expands the contract in the event of a potential malfunction.

There are several ways to make sure that your assessment policies are as comprehensive as possible.

Record everything to make it easier to keep track of what happened.

Please keep our communications open if you have any questions.

Add comments to your code to make it easy for you and your team.

But don't rely on inspectors to identify problems. First you need to have a mental health model. Because even if your rights are stolen one day, you will always be a top team. Security audits do not solve all problems, but provide additional diagnostics that can help find invisible vulnerabilities.

Tincho has a great tweet on how best to work with research experts.

If you would like to seek specialist advice, please contact our experts.

sept,Experimentation and use of static analysis tools

You need to test your application. People are good, but they can't set the rules that good equipment can provide. Chainlink's Starter Kit Warehouse offers a wide range of test kits as a starting point. Principles like Aave and Synthetix also have good tests, and it's a good idea to look at the rules to understand best practices in experimentation (with more practice). .

Static testing tools can help find the error early. It is designed to fulfill contracts and uncover bad ones. One of the most original screen monitors is Slither. CertiK is currently developing the next generation of static inspection, diagnostic and validation tools with a wealth of experience in testing smart, valid and maintained contracts.

8,Thinking about security is hard work.

There is no doubt that efforts should be made to establish a secure and reliable smart contract before shipments, but the point is that the rapid development of blockchain and DeFi protocol and the continued development of new attacks cannot be stopped. here. Instead, you should be receiving and tracking updates and alerts. Where possible, identify future features of smart contracts to acquire and benefit from the rapid development of security skills.

At the same time, additional information will be provided. CertiK Skynet is a 24/7 security intelligence engine that provides a variety of different, transparent and real-time security oversight for smart contract delivery. It includes community thinking, governance, business sustainability, security measures, and more, and provides insight into the security of blockchain consumers, communities, and merchant tokens. The CertiK Safety Ranking provides transparency and insight into safety, easy access, new employment opportunities, and community accountability that rewards improvement.

9,Develop a disaster recovery plan

It's a good idea to have a bailout in case you've been robbed by consent. Some popular procedures are:

buy insurance

Addition of the emergency "pause" function

I have a review plan in place

Insurance contracts have become popular and it is one of the best ways to recover from a loss. They add some financial security without affecting distribution. Even if you have other disaster plans, you must purchase insurance. One solution is CertiK's ShentuShield, an insurance product that promotes fairness and transparency.

Establishing a “break” in an emergency is an idea that has its advantages and disadvantages. If there is any negative, this function will eliminate any interference with the smart contract. When configuring this feature, you need to make sure that the user knows who can work best. If only one user is allowed, it is not a distributed protocol and the user knows the search rules. In practice, be careful with your implementation, as you might end up with a compromise in the middle of a decentralized platform.

Editing the plan has the same problem. Smartly switching to an error-free contract can be a good thing, but you need to modify your contract carefully to avoid sacrificing decentralization. Some security companies agree to oppose the use of smart contract changes. You can read more about smart contracts in the "Smart Contract Upgrade Status" talk or in Patrick Collins' YouTube video on this topic.

If you are looking for insurance advice, you can join Chainlink Discord.

dix,Avoid business immediately

In blockchain, all changes are visible in mempool. This means that everyone has the opportunity to see your business and the business can be completed before the business can profit from it.

For example, suppose you are using DEX to trade 5 ETH for DAI at the current market price. By sending an exchange to mempool for the job, the trader can pre-order the exchange and buy more ETH to increase the price. They can then sell the purchase of ETH at a higher price and benefit from your debt. In today's blockchain world, fast bots are becoming more and more popular among the same users. Times of the financial world have always existed when traders seek to do the same, including commodities, commodities, commodities and other financial instruments and only them tools.

As another example, the features listed below have a high risk of being preempted. At first, this function is only called once. If a modification called function start-up () is handled by an attacker in mempool, the attacker can print the exchange with a custom set of tokens. , distributor and factory settings and finally manage all contracts. The start () function can only be called once, so the contract owner has no way to prevent or mitigate this attack.

Initialization function (IERC20 _token, IDistributor _distributor, IFactory _factory) public initialization 

This often applies to the Extractable Value of Miners (MEV). MEV refers to a series of changes so that the miner or robot can benefit from the command in one way or another. Just as miners pay more for fuel to get their trades ahead of you, miners can directly rearrange their trades to put trades ahead of you. Across the blockchain ecosystem, MEV steals millions of dollars from ordinary users every day.

Fortunately, a group of global smart contract and crypto scientists, including Ari Juels Research Director at Chainlink Labs, have been working hard to fix this problem, and they The solution is called "Fair Sorting Service" (FSS).

Améliorer la solution : Chainlink Fair Sequencing Service (FSS)

The Chainlink 2.0 white paper describes the main features of integrated services, security services provided by Chainlink DON (Decentralized Oracle Network). Select dApps (as they first appeared in mempool). FSS aims to reduce the impact of pre- and post-MEV transactions and lower exchange rates for users across the blockchain ecosystem. You can learn more about FSS in this tutorial and talk about it in Chapter 5 of the free Chainlink 2.0 document.

In addition to FSS, one of the best ways to reduce congestion issues is to minimize the importance of decision making, limiting the role of exchange rates and VPDs in the process.

Content and next steps

There are many important aspects of DeFi security that need to be considered when securing security contracts. We have seen numerous vulnerabilities and attacks that have cost users billions of dollars. Knowing the tips above will help you avoid this inconvenience when creating smart contracts. However, not all names of all special names are bad. We will continue to see difficult new developments in the real estate market surrounding the medium to long term financial markets for the unprofitable financial benefits of mortgages. . The DeFi community must work together to identify and mitigate risks in ecosystems.

btcfans公众号

Scan QR code with WeChat

Link
Disclaimer:

Previous: UK to tighten cryptocurrency regulations in 2022 Next: Baidu explores the meta-world in many places

Related