Is Move the answer to smart contract exploits?
Gm Degens
Another week, another exploit. This time a money market on Scroll - (a new L2 zk chain) on a protocol called Rho.
Over $7.5m was exploited by what seemed to be an application smart contract issue with oracle misconfigurations.
Scroll decided the hault the chain, and thankfully the funds were recovered. This however, doesn’t always happen and time and time again we’ve seen smart contracts from DeFi protocols get exploited again and again.
In fact, you can see some of the previous exploits we’ve had here - https://defillama.com/hacks
$6b in DeFi protocol alone. This is unacceptable.
Is there a way to stop these? Well better audits and more safety practises for sure. Perhaps one of the issues is with Solidity itself. There is now a new language within the crypto space taking off in recent months - year or so and it’s called MOVE. One of Moves core features is security, so lets dive in.
Move is a new language thats used by a few chains including Aptos, Sui and the recent EVM compatible Movement. Move uses whats known as an object based model where objects are often tracked rather than wallets. When everything is an object, you know exactly which transactions are related. The system knows how to segment or group transactions and every group can be processed in parallel.
Move contracts can be broken down into modules and within each of these there are defined access nomenclature, including who and what can have access to assets. These pipelines offer more protection as smart contracts become more complex. As a result some of the common issues with protocol hacks including reentrancy attacks can be mitigated because of this.
Okay, so we have a chain which uses a language with better security, is that enough? No. How are we going to get all these solidity devs to start learning and coding their apps in Move? It’s a bit of an ask and ultimately another problem.
That is where chains like Movement come in. Movement is a new chain bringing MOVE to the EVM. Fractal is a new feature from movement that enables the conversion of solidity code into Move. Simple, seamless and secure. No need to write new code! This should make developing apps pretty simple on Movement for already existing apps.
Of course, time will tell to see where we go with Movement. Currently in testing and development, we’ll see what happens when mainnet goes live. Movement has some interesting tech including parallel execution, high TPS and some other core features, we’ll touch upon them next time but for now it’s interesting to see how Move can be used to stop the on going issues we have in DeFi. Perhaps Movement will be able to capture value because of this.
Let me know your thoughts and I’ll be back with some more in depth educational pieces on Movement in the future.
Too many exploit ATM. Something must be done. Perhaps MOVE could improve security..?