March 6th, 2018
The second EEA NYC Meetup took place at Fordham University McNally Amphitheatre, 140 West 62nd Street New York. The meeting explored how blockchain technology is being used to increasingly automate legal agreements, issues related to enforceability of smart contracts, machine-to-machine contracting, and whether existing laws like the E-Sign Act, ESRA and UETA are sufficient to address enforceability concerns.
Blockchain technology is useful for more than just simply digital currencies like Ether and Bitcoin. Relying on a blockchain, parties can also deploy autonomous smart contract programs, which can be used to model all or parts of formal legal agreements.
These topics were addressed by Stuart D. Levi, co-head of Skadden’s Intellectual Property and Technology Group; David M. Adlerstein, counsel in the Corporate Department at Wachtell, Lipton, Rosen & Katz; and Andrea Tinianow, Chief Innovation Officer for Global Kompass Strategies.
Andrea Tinianow conceived and was the founding director of the Delaware Blockchain Initiative which gave rise to the “Blockchain Amendments” to Delaware’s General Corporation Law. These amendments expressly authorize corporations to issue and maintain their stock ledgers on a blockchain. Andrea is a member of the global Wharton RegTech think tank. She is also an advisory board member of the Weinberg Center for Corporate Governance at the University of Delaware. In 2017, MarketsMedia awarded Andrea its “Women in Finance Award” for Excellence in Blockchain.
ZirconTech has started a process of evaluation and testing all emerging blockchain based legal technologies, and this was again another great opportunity to interact with the key global lines of development.
Later was the case of Amberdata demonstration, where they showcased the product. Amberdata commented about the customer pain points and argued that everyone needs transparency into the state and health of blockchain infrastructure, applications and transactions. That means no operational instrumentation, no monitoring, alerting, search or insights, and no visibility into scalability, availability and throughput. There are unique challenges operating decentralized.
Trail of Bits discussed the case Manticore, the smart contract analysis. It uses symbolic execution of EVM to deeply explore possible contract states across multiple transactions and contracts. It discovers functions directly from bytecode, detects contracts flaws like int overflows, uninitialized memory and storage usage, among other features. It also verifies customized program assertions. Manticore is open source and can be found at https://github.com/trailofbits/manticore
As a second initiative, Trail of Bits introduced Echidna, a smart contract testing solution. It uses fuzzing and input generation to generate and execute many contract inputs and generate intelligent grammar based inputs. Echidna seamlessly integrates into developer workflows, runs thousands of generated inputs per second, and reduce test cases for easier manual analysis.
Mark Mossberg, a Security Engineer in Trail of Bits, recommended the following steps if you are developing a smart contract:
- Review Not so Smart Contracts
- Trail of Bits database of insecure Solidity code
- Ensure your team learns from others mistakes
- Run Slither on every new code checkin
- Static analyzed/bug checker for Solidity
- Write Echidna tests for new features
- Solidity smart fuzzer/testing framework
- Aim for 80% coverage or higher
- Run Manticore for final verification
- EVM analysis and verification tool
- Discover any dangerous, obscure states
Alethio introduced its platform to capture and synthesize block data in real-time, presenting relevant information via clear and accessible dashboards. It uses data science & semantic modeling so users can clearly see what matters to them. Includes features like advanced block explorer, intuitive user interface, meaningful visualizations, real-time alerting, account timelines and smart contract analytics.