Enhancing Blockchain Security with ERC-7512: A Standard for representing smart contract audits onchain

Introduction

In a significant stride towards fortifying blockchain security, we at Safe, along with top security experts, have introduced ERC-7512, a standard for onchain audit report representations. This initiative aims to elevate transparency and trust within the blockchain ecosystem by establishing a standardized approach to display audit reports directly on the blockchain. In this blog post, we'll delve into the details of ERC-7512, its importance, and its impact on the world of smart contracts and decentralized applications (dApps).

In the first half of 2023, an estimated $667 million was lost to DeFi hacks and scams, emphasizing the critical necessity and urgency for onchain access and verification of audit reports. The blockchain community has witnessed several incidents involving vulnerabilities in smart contracts, leading to substantial financial losses. ERC-7512 acknowledges this challenge and seeks to address it by standardizing onchain audit report representations.

ERC-7512: Strengthening the Foundations

ERC-7512 introduces a standardized onchain approach to verifying audits. This innovation allows users and developers to eliminate the cumbersome and time-consuming manual verification process. By providing a standardized method for representing audit reports directly on the blockchain, ERC-7512 enhances transparency in the world of smart contracts.

One of the primary objectives of ERC-7512 is to establish trust within the blockchain ecosystem. Users and dApps can now verify audits conducted by reputable auditors, thus creating an onchain reputation system for auditors themselves. This standard paves the way for a more secure environment where smart contracts can be relied upon confidently.

ERC-7512 is not merely a one-time initiative but a catalyst for ongoing innovation in smart contract security. Future extensions of this standard may include support for additional standards and networks, enhanced handling of polymorphic contracts, and mechanisms for managing signing keys for auditors. The ultimate goal is to continually advance blockchain security and make it resilient against vulnerabilities and attacks.

"Blockchains have a notion of security at a consensus layer, yet smart contract risk has cost the industry billions. While permissionless innovation allows anyone to build anything, for actual use cases to emerge, we need to create a layer that will enable us to verify the security of contracts that interact. This visibility is currently missing. To scale the advantage of modules in AA, intent hooks, or even bridges, we need onchain utility to guarantee security. The first step is to make crucial audit information available to contracts verifiably. This is the goal of ERC-7512, a standard drafted by some of the industry's best auditors and security minds." - Richard Meissner, co-founder of Safe and co-author of ERC-7512.

Conclusion

ERC-7512 is a significant step towards enhancing smart contract security and bolstering trust within the blockchain ecosystem. By standardizing onchain audit report representations, this initiative addresses the critical need for transparency and verification in smart contracts. As the blockchain community continues to evolve, ERC-7512 sets the stage for further innovations and advancements in security. To stay updated or contribute to this critical standard, visit ERC-7512 on Ethereum EIPs.

About ERC-7512:

ERC-7512 is a groundbreaking Ethereum Request for Comment (ERC) proposal that aims to create a standard for an onchain representation of audit reports that can be parsed by contracts to extract relevant information about the audits, such as who performed the audits and what standards have been verified.

It has been co-authored by:

To learn more and make contributions, please visit

Connect with the authors and contribute to discussions around the ERC on Telegram:

Discuss on Ethereum Magicians:
