Blast’s reliance on MakerDAO could lead to ‘significant financial problems’
Cybersecurity experts warn that if the yield-generating pools or protocols on Lido or MakerDAO are compromised, the tokens associated with Blast users in those pools “will also be compromised.”
Cybersecurity experts at web3 company Resonance Security have expressed concerns about the security implications of Blast’s use of third-party decentralized finance protocols.
In a blog post published Thursday, Grace Dees, cybersecurity business analyst at Resonance Security, warned that Blast’s reliance on external protocols to generate yield carries inherent risks, noting that MakerDAO, which generates a 5% yield for USDB (Blast’s own stablecoin), “has not published a security audit of their smart contracts in three years”.
“If yield-generating pools or protocols on Lido or MakerDAO are compromised, Blast users’ associated tokens in those pools will also be compromised,” Dees warned. The analyst noted that relying on third-party integrations “isn’t a bad thing,” but pointed out that some of MakerDAO’s most recent public audits “are even five years old.”
“This concerned me because smart contracts can be susceptible to newly discovered vulnerabilities and should be audited periodically to protect against these new discoveries,” Dees said.
Concerns about Blast’s security extend beyond third-party dependencies. Dees highlighted issues with Blast’s LaunchBridge contract, describing it as a “custodial contract protected by a 3/5 multisig address” rather than a rollup bridge.
Experts emphasize the importance of robust security measures, including regular audits and bug bounty programs. Although MakerDAO has not released a recent security audit, its bug bounty program through ImmuneFi helps “close security holes in their contracts,” Dees acknowledged.
To mitigate third-party risks, Resonance Security recommends that Blast prioritize working closely with partners to develop and maintain “strict security standards” that can save projects a lot of headaches in the long run.