Our Focus

The EEA EthTrust Security Levels Working Group specifies "EEA EthTrust Security Levels", a set of requirements for security audits of Ethereum smart contracts to ensure an industry-wide level of quality for security audits. This provides three levels of certification that give progressively stronger reassurance about the security properties of a smart contract or set of contracts intended to be deployed on an Ethereum blockchain.

The specification provides minimum standards that security audits should meet. Security auditors will generally offer review and additional services beyond the common base required for EthTrust Security Levels.

EEA has published version 1 of the specification as an EEA specification, and the Working Group is now working on a revised version to be published probably in 2023 or early 2024, as well as relevant supporting materials.

Resources

EthTrust Security Levels Specification



EEA EthTrust Security Levels Specification Version 1

EEA Specification. Edited by Chaals Nevile. URL: https://entethalliance.org/specs/ethtrust-sl/v1/. Published 22 August 2022.

Latest Editors' Draft

EEA EthTrust Security Levels Specification v-after-1. Work in Progress. Edited by Michael Theriault, Chaals Nevile. URL: https://entethalliance.github.io/eta-registry/security-levels-spec.html. Updated as the group agrees to changes (typically every two weeks).

The Editors' draft is a publicly available snapshot of the group's latest thinking. However, it is subject to change and should only be referenced as Work in Progress.

How to Contribute

For information on how to join the group, see "Contact Us" below:

Specifications & Guidelines Development

The working group collaborates to develop the specification for EthTrust certification. You can contribute by joining EEA and getting involved in our weekly calls and by writing, reviewing and providing feedback on the draft specification.

Test development

To participate in test development, including writing conformance tests, developing proof of concept for existing or new proposals, please join the EEA Client Interoperability Testing WG.

Chair

Contact Us

Non-EEA Members:

If you are interested in the work of the EEA Crosschain Interoperability WG and would like to contribute, please contact james.harsh@entethalliance.org.

EEA Members:

Please contact EEA Technical Program Director Chaals Nevile, the EEA Secretariat or your EEA Member Council representative.