Cybersecurity experts warn that if yield-generating pools or protocols on Lido or MakerDAO are compromised, Blast users’ associated tokens in those pools will be compromised as well.
Cybersecurity experts at web3 firm Resonance Security are raising concerns related to the security implications of Blast’s reliance on third-party decentralized finance protocols.
In a blog post, Grace Dees, a cybersecurity business analyst at Resonance Security, warned that Blast’s dependence on external protocols for generating yield brings inherent risks. She noted that MakerDAO, which generates 5% yield for USDB (Blast’s stablecoin) holders, has not published a security audit of their smart contracts in three years.
“If yield-generating pools or protocols on Lido or MakerDAO are compromised, the associated tokens of Blast users in those pools will be compromised as well,” Dees warned. The analyst noted that even though relying on third-party integrations is not a bad thing, some of MakerDAO’s most recent public audits even go back five years.
This raised concern to me because smart contracts can be susceptible to newly discovered vulnerabilities and should be audited periodically to protect against those new discoveries.
Concerns about Blast’s security extend beyond third-party dependencies. Dees outlined issues with Blast’s LaunchBridge contract, describing it as a “custodial contract protected by a 3/5 multisig address,” rather than a rollup bridge.
Experts stress the importance of robust security measures, including regular audits and bug bounty programs. Although MakerDAO hasn’t published a recent security audit, its bug bounty program via ImmuneFi helps cover the security gaps in their contracts, Dees acknowledged.
Practical Tips for Ensuring Security in DeFi Investments
- Regular Audits: Ensure that the protocols you are investing in conduct regular security audits.
- Bug Bounty Programs: Look for platforms that have active bug bounty programs to identify and fix vulnerabilities.
- Collaborate Closely: Encourage projects to collaborate with their partners to develop stringent security standards.
To mitigate third-party risks, Resonance Security recommends that Blast prioritize close collaboration with their partners to develop and uphold stringent security standards that can save projects many headaches in the long run.
For more updates on cryptocurrency, investing, and finance, explore more news on Global Crypto News.