EEA Releases Version 2 of the EthTrust Security Levels Specification

The standard represents a major step forward in ensuring security within the Ethereum ecosystem.

Wakefield, MA — December 18, 2023 of Enterprise Ethereum Alliance (EEA) today, EthTrust Security Level Specification Version 2.0.

The specification was written by security experts from more than a dozen companies, including big names in Ethereum security such as Diligence, OpenZeppelin, Hacken, and CertiK, as well as leading companies such as Banco Santander, Microsoft, and EY. Notably, professional security companies, their typical customers, and independent experts are all working together to strengthen security measures.

Chaals Nevile, Director of Technology Programs for the EEA, said: “EthTrust represents a pivotal advancement in ensuring security within the Ethereum ecosystem. It serves as a comprehensive ‘quality check’ for Ethereum and sets a benchmark for security standards. ”

A robust framework for smart contract security

EthTrust’s main feature is to provide a robust framework for reviewing smart contract code written in Solidity, the mainstream language for Ethereum-based blockchains. This framework is designed to identify and fix known security vulnerabilities, providing a high level of assurance in the safety and security of your code.

The main beneficiaries of the new specifications are:

  1. Developer: EthTrust reduces the workload of security reviewers by addressing fundamental issues. This reduces costs and focuses on finding complex and new vulnerabilities.
  2. customer: This provides customers with confidence that security reviews meet basic quality standards.
  3. Reviewer: Reviewers benefit from a comprehensive and up-to-date checklist of known issues. This streamlines your day-to-day work and allows you to focus on the more complex and creative analytical aspects of your role.

significant improvement

This collaboration involved 1.5 years of knowledge sharing and systematic revision within the EEA. EthTrust Working Group. This approach has led to significant improvements over the original version released last year and demonstrates the EEA’s ability for effective ongoing maintenance and updates.

Improvements include:

  • More explicit handling of read-only reentrancy
  • Several new bugs have been discovered in the Solidity compiler
  • Explicit handling of rounding errors
  • It simplifies testing requirements and streamlines the process for most developers without compromising their ability to cover unusual code.similarly
  • We focus on updating specifications to include newly discovered vulnerabilities and adjusting them to reflect changing attack trends.

The new standard provides reliable, industry-backed guidance for the broader Ethereum/EVM-based blockchain ecosystem. The new standard is available free of charge online from the EEA. EEA EthTrust Security Level Specification.

contact address

For more information about the standards, please contact us below. charles nevilleEEA Technical Program Director, [email protected].

General EEA media inquiries: tom lyonsDirector of EEA Communications and Content; [email protected].

About EEA

The EEA is a member-driven industry association whose purpose is to advance the use of Enterprise Ethereum and Mainnet Ethereum blockchain technology as an open standard to empower all businesses. For more information,

Related Article


Leave a Comment