Skip navigation EPAM

How to Avoid the ‘High Cost of Code Mistakes’ on the Blockchain

In the News:

Built In NYC – by Adrienne Teeley

For engineers looking to minimize fraud and maximize transparency, blockchain technology is an enticing option. The use of distributed, encrypted digital assets aren’t easy to tamper with, and can be used to better protect sensitive information. 

For companies like EPAM Systems that build and develop platforms for enterprise businesses, blockchain has become an important resource in creating scalable and secure products. In EPAM’s case, they’ve used it to build programs and solutions for industries like manufacturing, healthcare, logistics and more.

But the new technology doesn’t come without its challenges, according to Alexandra Pitkevich, principal of business consulting at EPAM.

“Blockchain technology is new, experimental and requires a different engineering approach than most developers are used to,” Pitkevich said. “The cost of code mistakes in blockchain systems can be enormously high.”

Remember, in theory, a blockchain can’t be altered or edited after it’s been created. That means fixing even the smallest error involves building a new block, which in turn affects the entire chain. It’s no wonder Pitkevich recommends keeping code as clean and simple as possible.

To learn more about how busy engineers can keep up with using this tech most effectively, Built In NYC spoke to Pitkevich to see how her team navigates the exciting new world of blockchain — and how they can minimize errors. 

Alexandra Pitkevich, PRINCIPAL, BUSINESS CONSULTING

What's your favorite programming language for building smart contracts?
Solidity is the most-used language for on-chain code. Most solutions we create are based on Ethereum technology where it’s the native language.

When it comes to building secure smart contracts, what is the single most important practice an engineering team should follow?
There are many important things a developer should consider when writing a smart contract. Our developers follow the best practice of keeping it simple.

Blockchain technology is new, experimental and requires a different engineering approach than most developers are used to. The cost of code mistakes in Blockchain systems can be enormously high — therefore, even lean, short and simple code likely has mistakes. Another good piece of advice is to prepare for failure and have a backup plan.

What other tools or technologies do you use to improve the security of your smart contracts?
We stay up to date. EPAM’s blockchain community is constantly keeping up with the world's best developers, practices and research. With the given speed of technology development, we’re learning daily and updating our awareness of known attacks, recent failures, projects, tools, updates and more.

It’s difficult to highlight specific tech, as the common security toolset is well-known and doesn’t belong to only blockchain technology. Your knowledge and experience will make you a good specialist, though. For example, we may use Manticore for dynamic analyses and Echidna as fuzzer to generate malicious inputs. Mythril and Vertigo are also frequently used. The EPAM research and development security lab is constantly updating its toolset to keep up with the technology as it matures.

The original article can be found here.