Ethereum (ETH) developers have introduced a novel smart contract standard, ERC-7512, to enhance transparency and accessibility to smart contract audits, particularly for decentralized finance (DeFi) protocols. The proposal was initiated by Richard Meissner, co-founder of Safe, and has garnered considerable attention and discussion within the Ethereum community.
ERC-7512 aims to create an on-chain representation of audit reports that can be easily interpreted by smart contracts. This standardization will enable users to extract pertinent information about conducted audits, including details about auditors and verified standards.
The proposal states, “The proposal aims to create a standard for an on-chain representation of audit reports that can be parsed by contracts to extract relevant information about the audits, such as who performed the audits and what standards have been verified.”
The intention is to provide robust security guarantees and facilitate better composability by allowing on-chain verification of whether a contract has undergone auditing.
Diverse Contributions to the Proposal
Several notable contributors have participated in the development of ERC-7512, including individuals from OtterSec, ChainSecurity, OpenZeppelin, Ackee Blockchain, and Hats Finance. This diverse collaboration has enriched the proposal with insights from various corners of the Ethereum ecosystem.
While the proposal has gained significant support, community members are actively engaged in discussions concerning the practical implementation of ERC-7512. Dexara, the founder of Callisto Network, suggested an alternative approach involving a registry that organizes audits through non-transferable Soulbound Tokens rather than introducing a new Ethereum standard.
However, Richard Meissner emphasized that the ERC can be effectively utilized within the context of a registry without necessitating an overly centralized approach.
Shay Zluf clarified that the primary focus of ERC-7512 is to standardize the information that auditors should sign, rather than defining the registry itself. The ultimate goal is to ensure consistent verification procedures across the DeFi ecosystem.
Meissner further highlighted the importance of understanding that while security audits are invaluable, they do not guarantee flawless code for DeFi protocols. He cited the example of BANANA, a token associated with a Telegram trading bot, which encountered a smart contract bug shortly after deployment despite claims of having undergone two audits.
Challenges Faced by Ethereum Developers
In other Ethereum-related developments, the launch of the Holesky testnet was recently delayed due to a parameter mismatch issue. Ethereum developers had to postpone the launch, and it is expected to take place either on September 24 or September 28, depending on various factors. These challenges underscore the continuous efforts and dedication required to enhance the Ethereum network’s functionality and security.
