News

Blast’s reliance on MakerDAO could lead to ‘significant financial problems’

Published

7 months ago

on

Cybersecurity experts warn that if the pools or protocols generating yield on Lido or MakerDAO are compromised, the tokens associated with Blast users in those pools “will also be compromised.”

Cybersecurity experts at web3 Resonance Security are raising concerns about the security implications of Gustthe reliance on third-party decentralized financial protocols.

In a blog post on Thursday, Grace Dees, cybersecurity business analyst at Resonance Security, warned that Blast’s reliance on external protocols to generate yield carries inherent risks, noting that MakerDAO, which generates a 5% yield for USDB (Blast’s stable currency) “has not published a security audit of its smart contracts in the last three years.”

“If the pools or protocols that generate yield on Lido or MakerDAO are compromised, the associated tokens of Blast users in those pools will also be compromised,” Dees warned. The analyst noted that while relying on third-party integrations “is not a bad thing,” he noted that some of the most recent public audits of MakerDAO “are as old as five years ago.”

“This concerned me because smart contracts can be susceptible to newly discovered vulnerabilities and should be checked periodically to protect against these new discoveries,” Dees said.

Blast’s security concerns extend beyond third-party dependencies. Dees outlined issues with Blast’s LaunchBridge contract, describing it as a “3/5 multisig address-secured custodial contract,” rather than a rollup bridge.

Experts stress the importance of robust security measures, including regular audits and bug bounty programs. While MakerDAO hasn’t released a recent security audit, its bug bounty program through ImmuneFi helps “cover security gaps in their contracts,” Dees acknowledged.

To mitigate third-party risks, Resonance Security advises Blast to prioritize working closely with its partners to develop and maintain “rigorous security standards” that can save projects many headaches in the long term.

Source

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version