GETSecured Network - On-chain security

A secured blockchain that allows deploying smart contracts only when they have no security vulnerability

Comment

Inspiration

Cybersecurity is one of the fundamental principles of any blockchain-based solution. Unfortunately, we are seeing a lot of data breaches these days where malicious users are managed to hack the smart contracts or exploit some weakness or security vulnerabilities to gain access to others' money and steal it. A lot of such incidents could have been easily avoided if we mandate that developers can only deploy the code in the network if the code doesn't have any major vulnerabilities. Hence I thought of building this pipeline where the code that is being deployed in an EVM-based network, will get scanned and checked for any major vulnerability. If the code has any major vulnerability, it will stop the deployment and throw an error back to the developer that the code is not suitable for the deployment

What it does

This is an automated deployment pipeline that ensures that whenever a developer tries to deploy a smart contract, it will scan and check if the code has any major security vulnerability or not. If it has any vulnerability, then it will not allow the code to be deployed to the test net.

How we built it

I have first created an XDC wallet and account. Then I imported it to Metamask. Then I created a nodejs proxy that sits between remix IDE and metamask. Once the developer triggers the deployment process through remix and metamask, the JSON RPC request will come to my proxy. The proxy will check if the code has any vulnerability or not. If it has any vulnerability, then it will stop the deployment. Otherwise, it will continue the deployment process as it is.

Challenges we ran into

The first challenge, was could not use a proxy with the XDC wallet. Hence I had to find a way to import the account to metamask and use it with metamask. Secondly, the Apotheum testnet jsonrpc doesn't work with the proxy. Hence had to set up a local blockchain network (EVM based) to showcase the complete flow.

Accomplishments that we're proud of

Managed to integrate Metamask with Apotheum testnet, there was no documentation for that I could find on the net.

What we learned

Learned how to run XDC wallet with XDC network. Migrate account from XDC wallet to metamask wallet and set up the proxy.

What's next for GETSecured

We would like to launch this as a full-fledged tool to help the entire development community.

Built With

Share this project:

Updates