Cybersecurity experts from Resonance Security, a web3 firm, are sounding alarms about potential vulnerabilities in Blast’s reliance on third-party decentralized finance protocols. In a recent blog post, Grace Dees, a cybersecurity business analyst at Resonance Security, highlighted significant risks associated with Blast’s use of external protocols to generate yield. She pointed out that MakerDAO, a key protocol providing 5% yield for Blast’s stablecoin USDB, has not undergone a security audit for its smart contracts in the past three years.
Dees cautioned that any compromise of yield-generating pools or protocols on platforms like Lido or MakerDAO could directly impact Blast users’ tokens held within these pools. Emphasizing the dynamic nature of smart contract vulnerabilities, she stressed the necessity for regular audits to mitigate newly discovered risks.
Beyond external dependencies, concerns were raised about Blast’s LaunchBridge contract, described by Dees as utilizing a “custodial contract protected by a 3/5 multisig address,” rather than a rollup bridge, which presents additional security considerations.
While MakerDAO’s recent audit history was questioned, Dees acknowledged their bug bounty program through ImmuneFi as a measure to address security gaps. Resonance Security advised Blast to prioritize stringent security standards and close collaboration with partners to safeguard against potential threats.
For more details on blockchain fraud and recent developments within the Blast network, visit their latest updates.