83% of smart contract engineers don’t claim security as a top priority

An interesting study was conducted by the University of Illinois on smart contract engineers’ security practices. I was dismayed, but not overly shocked, to learn that 83% of smart contract engineers “did not claim security as a top priority.”

This is becoming more obvious with all the smart contract hacks and bug exploits that have occurred.

Smart contract development is hard. It is more difficult than other types of software development that I’ve seen. It’s a new programming paradigm where we’re still learning the best practices and the security holes to watch out for.

I love seeing more people get into web3, especially on the tech side, but Solidity is not the best language for a new developer to start with. The most expensive engineers are those who are inexperienced and maybe a little sloppy. The DeFi protocols and bridges that have suffered from hacks are extremely aware of this now. You get what you pay for, and education and practical experience are important.

As DeFi users, we need to be really careful about which projects, and therefore which developers, we trust with our funds.

5 thoughts on “83% of smart contract engineers don’t claim security as a top priority”

  1. >solidity is not the best language for a new developer to start with

    You make a fair point. Many developers have to learn Solidity and start building sensitive projects with it. One protocol was poorly coded and ended up locking $11M inside itself, such that even the devs couldn’t get the money out. I can’t remember the name of the protocol, but it happened a few months ago. This is why I’m positive about the multi-language QAN virtual machine, because it will allow smart contract devs to build projects in any language they want to. That will at least allow them to build with the languages they have deeper experience of.

  2. The reason why security is not the top priority is that when you launch a project, founders value speed of building over security because it makes financial sense.

    Why try to make something that will probably fail 100% secure? Security is hard and takes a lot of time and investment.

    That doesn’t mean security is not important, but it means it doesn’t make sense financially to focus on that for early projects (99% of the projects out there).


