Immunefi, Trail of Bits, Solana Foundation launch web3 ‘Rekt Test’

Security • July 27, 2023, 6:00AM EDT
UPDATED: July 27, 2023, 7:24AM EDT
The Block

Quick Take

  • Immunefi, Trail of Bits, Solana Foundation and others are launching “The Rekt Test” — a baseline security standard for web3.
  • The Rekt Test covers seven critical security requirements, including key management, incident response, code security and external audits — helping users assess the quality of projects before interacting with them.

Bug bounty security platform Immunefi is launching “The Rekt Test” — a baseline security standard for web3 — in partnership with cybersecurity firm Trail of Bits.

The test guides web3 projects through a set of questions designed to ensure they adhere to a minimum level of security performance. The results enable users and investors to more easily evaluate the quality of a project before engaging with it, according to a statement.

The Rekt Test covers seven security assessments: system documentation and roles, key management and access control, incident response and crisis management, team and personnel security, code security and testing, external audits and vulnerability management and attack mitigation and user protection.

The test is also in collaboration with Solana Foundation, Fireblocks and Ribbit Capital. It was developed by a group of web3 security experts including, Mitchell Amador, founder and CEO at Immunefi, Dan Guido, co-founder and CEO at Trail of Bits, Lee Mount, head of EulerSwap at Euler Finance, Shahar Madar, head of security products at Fireblocks and Ribbit Capital representatives, Immunefi said.

The state of web3 security

“The state of web3 security is still largely immature and of poor quality,” Immunefi added, citing its recent report claiming that over $3.9 billion was lost to hacks and scams in web3 last year. With the large amount of capital in the ecosystem providing an incentive for attackers to exploit web3 projects through code vulnerabilities, private key thefts and social engineering, setting security standards was crucial, Immunefi said.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

“The Rekt Test is a crucial standard for ensuring that web3 projects are operating at a minimum baseline of security performance,” Amador said. “We see devastating, unnecessary losses caused by private key thefts and social engineering alone that can be mitigated by having an established and proactive approach to security requirements.”   

Last week, Immunefi said it had been inundated with ChatGPT-generated web3 security reports since OpenAI launched the tool in November.

Correction: Removed references to Polygon Labs and the DeFi Education Fund who said they were not involved in the project.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

James Hunt is a reporter at The Block, based in the UK. As the writer behind The Daily newsletter, James also keeps you up to speed on the latest crypto news every weekday. Prior to joining The Block in 2022, James spent four years as a freelance writer in the industry, contributing to both publications and crypto project content. James’ coverage spans everything from Bitcoin and Ethereum to Layer 2 scaling solutions, avant-garde DeFi protocols, evolving DAO governance structures, trending NFTs and memecoins, regulatory landscapes, crypto company deals and the latest market updates. You can get in touch with James on Telegram or X via @humanjets or email him at [email protected].

Editor

To contact the editor of this story:
Tim Copeland at
[email protected]

More by James Hunt