- Web3 Security Firm Quantstamp Launches Novel Economic Vulnerability Scanning Service to Combat Flash Loan Attacks
SAN FRANCISCO, Aug. 23, 2023/PRNewswire/ -- Quantstamp, a global leader in blockchain security, is pleased to announce the launch of its new service called Economic Exploitation Analysis. This exclusive and one-of-a-kind offering allows Quantstamp to discover flash lending attack vectors in smart contracts through automated tools before the protocols are hacked. The Economic Holdings Analysis service is based on research from the University of Toronto that Quantstamp advanced and turned into a production-level tool.
In the first half of 2023 alone, an estimated $207 million was stolen through quick loan attacks. A quick loan is an unsecured loan granted through a smart contract that can be obtained with just a single transaction. In these attacks, hackers take advantage of quick loans to borrow substantial funds and manipulate DeFi protocols into unexpected states that developers may not have anticipated. Flash lending attacks can exhaust the entire TVL (total value locked) of a DeFi protocol, and their complicated nature combined with DeFi's composability means that these attack vectors often evade conventional audits.
Given the dire need to prevent these attacks, Quantstamp collaborated with researchers at the University of Toronto to further their research on a production-level automated tool. With the tool now fully developed, Quantstamp is introducing a new service for DeFi clients called Economic Exploitation Analysis, where the Quantstamp team uses the tool to detect flash loan attack vulnerabilities in a client's code. Available for both deployed and unimplemented protocols, this innovative service will greatly benefit the entire DeFi ecosystem by reducing the number of flash lending attacks and the amount of funds lost from those attacks.
Quantstamp believes that the Economic Holdings Analysis service will have a lasting impact on the DeFi ecosystem. Alongside Quantstamp's core business offering, smart contract audits, services like Economic Holdings Analysis will foster a more secure environment for both DeFi companies and their users, further driving the industry towards mainstream adoption.
"DeFi has the potential to improve the global financial infrastructure, but its success requires staying ahead of threats such as flash loan attacks. We developed this tool to provide DeFi protocols with an additional layer of security on top of audits," said Martin Derka, Director of New Initiatives at Quantstamp. "As DeFi evolves, security measures must evolve with it. Services like Economic Exploitation Analysis give us an edge against hackers."
Although the tool search process is automated, some manual guidance and protocol-specific adaptations are required. In addition to verifying client contracts, the auditors also incorporate contracts from embedded DeFi protocols and other relevant protocols, enhancing Quantstamp's ability to discover flash lending attack vectors that involve multiple protocols. While the search tool is not exhaustive, which means that attacks may exist even if the automated tool does not detect them, its practical success rate is remarkably high. Currently available on all EVM-supported chains, the Economic Exploitation Analysis service has the potential to adapt the tool to other blockchains and VMs (virtual machines) suffering from similar attack vectors.
Quantstamp also offers security services including smart contract audits, ZK cumulative audits, and more. Quantstamp is blockchain agnostic and performs audits for several other blockchains besides Ethereum, including Solana, Flow, Cardano, Avalanche, Binance Smart Chain, Near, Hedera Hashgraph, Tezos, Aptos, and Sui.
To learn more about Quantstamp's economic exploitation analysis service, visit quantstamp.com/economic-exploits
Quantstamp is a world leader in blockchain security, with a mission to secure the future of web3. Founded in 2017, the team has honed its expertise through hundreds of audits and has worked with some of the industry's top projects, including Maker, Compound, Polygon, Arbitrum, Sandbox, and many more. To date, Quantstamp has performed more than 600 audits and has secured more than $200 billion in digital asset risk from hackers. In addition to providing a variety of security services, Quantstamp facilitates the growth and longevity of the web3 space through strategic investments and acting as a trusted advisor to help projects grow. For more information, visit our website Quantstamp.com or follow us on Twitter @Quantstamp
Logo - https://mma.prnewswire.com/media/728052/Quantstamp_Logo.jpg
View original content: https://www.prnewswire.com/news-releases/quantstamp-lanza-un-servicio-de-analisis-de-vulnerabilidades-economicas-301908129.html