Hartej Sawhney, from Pink Sky Capital and Hosho.io joins CUBE hosts Dave Vellante and John Furrier live at Polycon 2018 in Nassau, Bahamas
#POLYCON18 #theCUBE
https://siliconangle.com/2018/03/13/solving-blockchains-security-problem-one-smart-contract-time-polycon18/
Solving blockchain’s security problem one smart contract at a time
Security has held significant weight in the argument against enterprise blockchain initiatives. Endpoint vulnerabilities for the encrypted ledger system, risks of malware to keys, a lack of regulation and more have created hesitation in a space ripe for innovation — with the right security protocols.
“There was nobody in this space that we saw laser focused on just blockchain security,” said Hartej Sawhney (pictured), senior advisor at Pink Sky Capital and cofounder of blockchain security company Hosho.io. “So we began focusing on auditing smart contracts … and then putting a seal of approval on that” to mitigate risk.
After seeing the low quality of smart contracts surrounding initial coin offerings at crypto hedge funds, Sawhney and his partner Yo Sub Kwon set out to create Hosho as an efficient, reliable auditing tool. Sawhney spoke with John Furrier (@furrier) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, at the Polycon18 event in the Bahamas. They discussed the vulnerabilities in current blockchain processes and how Hosho is reducing ICO risk.
Building security standards for a new industry
As much attention as blockchain has gotten from companies and individuals alike, serious security considerations are still rare among even those who face tangible risks. “We have the best hedge funds cutting checks into companies before the smart contract is even written, let alone audited,” Sawhney said.
What Sawhney hopes to do with Hosho is partner with these hedge funds and affirm their commitment to security early on, both internally and within the smart contract. Hosho secures these agreements by doing a line-by-line code review of each smart contract that’s written, conducting a gas analysis and a static analysis, and making sure that the smart contract follows the guidelines of its white paper.
“We can mitigate the risks for exchanges and for investors,” he said. “There’s no chance that this is going to be hacked, money won’t be stolen, money won’t be lost, and there’s no chance of a security vulnerability.”
Hosho’s necessity was born out of lax standards in the space, mostly due to a lack of programmers with understanding of blockchain’s most common language Solidity. As a result, smart contracts are often written not by seasoned full-stack engineers, but web developers with an insufficient understanding of the language Solidity.
“One hundred percent of the time that Hosho has audited code for a smart contract, we have found at least a couple of vulnerabilities — even as a second or the third auditor,” Sawhney said.
With so much demand in the space, Hosho is looking to artificial intelligence to assist in offloading some manual labor from its auditors. “We are building a lot of proprietary tooling to speed up the process, to automate conducting a gas analysis … static analysis,” Sawhney stated.
As Hosho continues to perfect its security processes, Sawhney sees ever-expanding potential for the world of blockchain. “Every single day that we audit code, our process gets faster and faster and faster, because once we find a vulnerability, finding that same vulnerability next time will be faster and easier,” he said.
Here’s the complete interview, and there’s much more SiliconANGLE and theCUBE coverage of Polycon18.
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Polycon 2018 | Nassau, Bahamas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Register For Polycon 2018 | Nassau, Bahamas
Please fill out the information below. You will recieve an email with a verification link confirming your registration. Click the link to automatically sign into the site.
You’re almost there!
We just sent you a verification email. Please click the verification button in the email. Once your email address is verified, you will have full access to all event content for Polycon 2018 | Nassau, Bahamas.
I want my badge and interests to be visible to all attendees.
Checking this box will display your presense on the attendees list, view your profile and allow other attendees to contact you via 1-1 chat. Read the Privacy Policy. At any time, you can choose to disable this preference.
Select your Interests!
add
Upload your photo
Uploading..
OR
Connect via Twitter
Connect via Linkedin
EDIT PASSWORD
Share
Forgot Password
Almost there!
We just sent you a verification email. Please verify your account to gain access to
Polycon 2018 | Nassau, Bahamas. If you don’t think you received an email check your
spam folder.
In order to sign in, enter the email address you used to registered for the event. Once completed, you will receive an email with a verification link. Open this link to automatically sign into the site.
Sign in to gain access to Polycon 2018 | Nassau, Bahamas
Please sign in with LinkedIn to continue to Polycon 2018 | Nassau, Bahamas. Signing in with LinkedIn ensures a professional environment.
Are you sure you want to remove access rights for this user?
Details
Manage Access
email address
Community Invitation
Hartej Sawhney, Pink Sky Capital & Hosho.io | Polycon 2018
Hartej Sawhney, from Pink Sky Capital and Hosho.io joins CUBE hosts Dave Vellante and John Furrier live at Polycon 2018 in Nassau, Bahamas
#POLYCON18 #theCUBE
https://siliconangle.com/2018/03/13/solving-blockchains-security-problem-one-smart-contract-time-polycon18/
Solving blockchain’s security problem one smart contract at a time
Security has held significant weight in the argument against enterprise blockchain initiatives. Endpoint vulnerabilities for the encrypted ledger system, risks of malware to keys, a lack of regulation and more have created hesitation in a space ripe for innovation — with the right security protocols.
“There was nobody in this space that we saw laser focused on just blockchain security,” said Hartej Sawhney (pictured), senior advisor at Pink Sky Capital and cofounder of blockchain security company Hosho.io. “So we began focusing on auditing smart contracts … and then putting a seal of approval on that” to mitigate risk.
After seeing the low quality of smart contracts surrounding initial coin offerings at crypto hedge funds, Sawhney and his partner Yo Sub Kwon set out to create Hosho as an efficient, reliable auditing tool. Sawhney spoke with John Furrier (@furrier) and Dave Vellante (@dvellante), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, at the Polycon18 event in the Bahamas. They discussed the vulnerabilities in current blockchain processes and how Hosho is reducing ICO risk.
Building security standards for a new industry
As much attention as blockchain has gotten from companies and individuals alike, serious security considerations are still rare among even those who face tangible risks. “We have the best hedge funds cutting checks into companies before the smart contract is even written, let alone audited,” Sawhney said.
What Sawhney hopes to do with Hosho is partner with these hedge funds and affirm their commitment to security early on, both internally and within the smart contract. Hosho secures these agreements by doing a line-by-line code review of each smart contract that’s written, conducting a gas analysis and a static analysis, and making sure that the smart contract follows the guidelines of its white paper.
“We can mitigate the risks for exchanges and for investors,” he said. “There’s no chance that this is going to be hacked, money won’t be stolen, money won’t be lost, and there’s no chance of a security vulnerability.”
Hosho’s necessity was born out of lax standards in the space, mostly due to a lack of programmers with understanding of blockchain’s most common language Solidity. As a result, smart contracts are often written not by seasoned full-stack engineers, but web developers with an insufficient understanding of the language Solidity.
“One hundred percent of the time that Hosho has audited code for a smart contract, we have found at least a couple of vulnerabilities — even as a second or the third auditor,” Sawhney said.
With so much demand in the space, Hosho is looking to artificial intelligence to assist in offloading some manual labor from its auditors. “We are building a lot of proprietary tooling to speed up the process, to automate conducting a gas analysis … static analysis,” Sawhney stated.
As Hosho continues to perfect its security processes, Sawhney sees ever-expanding potential for the world of blockchain. “Every single day that we audit code, our process gets faster and faster and faster, because once we find a vulnerability, finding that same vulnerability next time will be faster and easier,” he said.
Here’s the complete interview, and there’s much more SiliconANGLE and theCUBE coverage of Polycon18.
