Telos EVM Audit Finds Ethereum EVM Code Flaw

Telos, a high-capacity blockchain network, recently announced that an audit of Telos EVM, its new Ethereum Virtual Machine, performed by the code auditing firm Sentnl has resulted in the discovery of a high severity security issue in Ethereum’s core code that demanded an emergency hot patch of the Go Ethereum code. That patch was released on August 24th.

The Telos Core Developers selected Sentnl as the outside auditor for Telos EVM runtime and RPC server code because of Sentnl’s excellent reputation and innovative testing methods such as “fuzzing” which have resulted in discovering numerous previous exploits including several in the eos.io protocol. In the process of testing the code, a flaw in the Telos EVM code was ultimately traced back to go-ethereum code and acknowledged by their team.

“In order to find vulnerabilities in the Telos EVM, I engaged in deep and rigorous fuzzing, and verified that its behavior matched that of go-ethereum exactly,” said Guido Vranken, crypto-fuzzing-expert and Sentnl’s auditor who found the code flaw. “Despite go-ethereum having an outstanding track record when it comes to security, the procedure was so effective that it wasn’t just instrumental in asserting the correctness of the Telos EVM, but also found a high severity issue in go-ethereum.”

Telos provides a third-generation blockchain governance system that includes advanced governance features and smart contracts. Its EVM includes Ethereum feature parity and the ability to run Solidity-based smart contracts that is not a fork of the go-ethereum code base, but instead a smart contract emulating Ethereum within a Telos smart contract. As such, Telos EVM presents a completely separate decentralized Layer 1 environment that offers a new option for DeFi and other dApps seeking significantly lower cost, faster performance, higher capacity and the elimination of front-running or MEV compared to existing EVMs.

“We were diligent in our selection process in picking Sentnl to audit the Telos EVM code. We wanted the best around and it’s gratifying to see such a clear demonstration that we made the right choice,” said Telos chief architect Douglas Horn. “Telos intends to make a major contribution to the EVM space and we’re glad that our project is already leading to meaningful improvements to the Ethereum and DeFi worlds. Users and developers should also feel confident that the most thorough standard of code review has gone into Telos EVM, thanks to Sentnl and Guido.”



Sponsored Links by DQ Promote

 

 

Send this to a friend