Cybersecurity experts from Resonance Security have issued a warning about Blast’s dependency on third-party decentralized finance protocols, particularly MakerDAO and Lido. According to Grace Dees, a cybersecurity business analyst at Resonance Security, the lack of recent security audits from MakerDAO poses a significant risk to Blast users.
Dees highlighted the fact that MakerDAO has not published a security audit of their smart contracts in three years, which could leave Blast users vulnerable if the yield-generating pools or protocols on MakerDAO are compromised. She emphasized the importance of regular security audits for smart contracts to protect against newly discovered vulnerabilities.
In addition to concerns about MakerDAO, Dees also pointed out issues with Blast’s LaunchBridge contract, describing it as a “custodial contract protected by a 3/5 multisig address” instead of a rollup bridge. This further underscores the importance of robust security measures in the DeFi space.
While MakerDAO does have a bug bounty program through ImmuneFi to help address security gaps, Resonance Security recommends that Blast work closely with their partners to establish stringent security standards. This collaboration can help prevent potential security breaches and safeguard user funds in the long term.
It is crucial for projects like Blast to prioritize security and regularly assess the risks associated with third-party dependencies. By implementing strong security measures and staying vigilant against potential threats, projects can better protect their users and maintain trust in the DeFi ecosystem.