Tokyo-based NRI SecureTechnologies has launched a new tool to detect security problems in blockchain-powered applications.
The new tool, dubbed the Blockchain Security Monitoring Service, is designed to detect and report security vulnerabilities in information systems and services that use blockchain technology. The first use will be as a monitoring service for smart contracts on Ethereum.
Blockchain Security Monitoring Tool
The blockchain security monitoring tool is implemented by introducing multiple scan tools in the security log monitoring service NeoSOC, which monitors the behavior of targeted smart contracts and notifies the company using the service when new vulnerabilities are detected. The company receiving such a notification can avoid an attack by stopping the use of the corresponding programs and system processes.
One of the introduced tools is Mythril, a smart contract security diagnosis and analysis tool that is offered by blockchain security company ConsenSys Diligence. Mythril can automatically diagnose the behavior of a smart contract and discover hidden vulnerabilities.
NRI Secure has become the first development partner of ConsenSys in Japan. In the future, the company plans to work with ConsenSys and other finance technology companies within Japan and elsewhere to widen the range of application of the Blockchain Security Monitoring Tool and to make contributions in the area of security in the development of blockchain technology and for the businesses that use it.
Smart Contract Vulnerabilities
A smart contract is a mechanism by which a certain contract is automatically executed by a program when a transaction request is generated that matches previously set conditions. Applications are being explored in various fields, such as for securities settlements, real estate transactions, and sharing economies.
With the increase in illegal invasions into virtual currency exchanges and cyber-attacks that exploit blockchain vulnerabilities, cases of attacks that target smart contracts have been reported. Therefore, it is necessary for the developers of smart contracts and companies to always be aware of information about security vulnerabilities and check whether a developed program could be the target of an attack.