EIP 7512 (Ethereum Improvement Proposal 7512) is a draft proposal for an Ethereum standard that focuses on creating an on-chain representation for audit reports of smart contracts. The primary aim of this proposal is to enhance transparency and trust in the security of smart contracts by providing a standardized, blockchain-based way to access audit information. Among the authors are some big names coming from companies like Safe, Chain Security and OpenZeppelin just to mention a few.
What is wrong with today’s audits?
The primary issue with current smart contract audits is the lack of standardization and on-chain accessibility. Current audit reports are typically off-chain, in various formats, and not always easily verifiable. This setup can lead to challenges in ensuring transparency and trustworthiness. Users and developers may have difficulty accessing or verifying these reports, which impacts the overall perception and assurance of smart contract security. EIP 7512 aims to address these concerns by proposing a standardized, on-chain representation for audits, making them more accessible and verifiable within the Ethereum ecosystem.
What is the motivation for eip 7512?
The motivation for Ethereum Improvement Proposal (EIP) 7512 centers around creating a standardized on-chain representation for audit reports. This standardization aims to enhance transparency and trust in smart contract security. By representing audit reports in a consistent and accessible format on the Ethereum blockchain, users and developers can more easily verify the security audits of smart contracts, fostering a more secure and trustworthy ecosystem. This approach addresses the need for a reliable and decentralized way to share and access information about the security and integrity of smart contracts on the Ethereum network.
Why are findings not encoded in this standard?
While EIP 7512 does not encode detailed audit findings directly on the blockchain, it does include a mechanism to reference these findings. The standard allows for linking to an off-chain location where the full audit report, including detailed findings, can be accessed. This approach ensures that while the blockchain carries essential and summary information about the audit, the more detailed and potentially voluminous data of the actual findings are stored off-chain. This design decision balances the need for transparency and accessibility of audit information with the practical limitations of on-chain storage.
It’s not appropriate to speculate on the intentions of the authors of EIP 7512 without direct evidence. However, it’s important to consider that the proposal for trusted auditors aims to ensure the reliability and quality of smart contract audits in the Ethereum ecosystem. The concept of “trusted auditors” is likely meant to establish a standard of trust and expertise, rather than to create an exclusive or elitist system. The overall goal of such a standard would be to enhance the security and credibility of smart contracts, benefiting the broader community. Any concerns about inclusivity and fairness in the vetting process are valid considerations for the Ethereum community to address in the implementation and evolution of such a standard.