Security
Enhance security of your digital assets when deploying and interacting with smart contracts
Identify common vulnerabilities and mitigate potential risks through customized tests that assess alignment with industry standards and leading practices.
Business logic alignment
Better understand the expected output of your digital agreement as it is implemented in the smart contract’s code.
Assess the smart contract’s compatibility with the system design and functionality as it is declared in the published documentation.
Create "what-if" scenarios
Helps build out scenarios of your smart contract performance before deployment .
Through the Testing Studio, run pre-defined automated tests and simulate smart contract execution by configuring selected functions through a user interface.
Plug and play
Easy connectivity into EY’s blockchain API ecosystem.
Tests directly from the developer environment by connecting through the EY API. This puts you in the driving seat.
Reduced risk
More information and insights help mitigate the operational and inherent risks of blockchain.
Transparency
Helps build a picture of how tokens or smart contracts will behave, giving insights into functionality, security, compliance, and design implications.
Trust
Greater confidence in the validity of smart contracts and tokens increases trust between counterparties in the blockchain ecosystem
Explore what EY leaders have to say and learn how blockchain could help your organization.
The team
Paul Brody
EY Global Blockchain Leader
Avner Geifman
EY OpsChain Global Product Manager
Track your entire carbon emissions with trusted information and strengthen your ESG performance, helping you avoid issues around greenwashing.
Revolutionize how you manage contracts using blockchain technology.
Providing a trusted platform for traceability and transparency across global supply chain ecosystems
Frequently Asked Questions (FAQs)
What is a smart contract?
A smart contract is a self-executing computer program that automatically enforces the terms of an agreement between parties. It operates without the need for intermediaries and is built on blockchain technology, making it secure and transparent.
Why should smart contracts be reviewed?
Smart contracts must be reviewed to mitigate the risks of errors, vulnerabilities, and other issues that could compromise their security and functionality. By identifying potential risks and opportunities to improve the code, reviews help reduce the risks of costly mistakes, fraud and hacking attempts.
How does the Smart Contract and Token Review solution work?
When you submit your code, it is scanned, compiled with the relevant solidity compiler version, and sent through our testing engine. The testing engine uses static code analysis through both the source code and the solidity AST, and a customized Ethereum Virtual Machine (EVM) dynamically simulates various testing scenarios
Who should use the Smart Contract and Token Review?
The solution is primarily used by EY client-serving professionals. It can also be used directly by the clients and any person or enterprise wanting to assess a smart contract (subject to EY’s client acceptance process, as applicable). We also see interest from tech-savvy specialists, developers, auditors, compliance and risk teams
Why are EY teams well-positioned to support clients with smart contract assessments?
EY teams’ core business is to provide trust and confidence to business ecosystems. We do that in the assurance business but also across our consulting business. We have robust methodologies and standards in place to deliver quality services to help stakeholders gain more trust in the technology they are using
What is functionality testing?
Our research and experience reveal that most smart contract exploits occur through unexpected behavior of the smart contract and manipulation of edge cases. Functionality testing aims to reduce that risk by verifying that a smart contract behaves as expected. The tool aims to test functionality by both reviewing the required syntax and simulating various scenarios that are part of the ERC-20 standard core functionality.
Have more questions?Contact Us
