Sandbox Environment for Smart Contract Assessment (ARD/273)

Smart contracts are software programs being deployed and executed on blockchain networks. In the case of public blockchain networks, such as Ethereum, deployed smart contracts are immutable, meaning that they cannot be modified nor updated anymore, even if some security vulnerabilities are discovered or exploited. After the emergence of Decentralized Finance (DeFi), Non-Fungible Token (NFT) as well as Security Token Offering (STO) related applications, which usually involve high volume or high value transactions, security concerns on such smart contracts on public blockchains have been growing rapidly. However, performing a comprehensive security assessment for smart contracts to detect possible vulnerabilities before the actual deployment is a very challenging problem. In this project, a private, controlled and quorum-based sandbox environment is proposed to provide extensible testing capabilities of conducting thorough assessments for smart contracts. The proposed solution provides configurable blockchain environment and test cases specification mechanism to simulate attack scenarios for assessing security risk of the target smart contract. With the proposed system, ASTRI can set a new level of standard in DeFi application security and help SMEs build more secure business scenarios that lead the market in Hong Kong, China and onward.