金色财经|Jan 20, 2026 02:50
[a16z Crypto Calls for DeFi to Shift from 'Code is Law' to 'Norms are Law' to Address Vulnerability Crisis]
According to Golden Finance, Daejun Park, Senior Security Researcher at a16z Crypto, published an article urging DeFi protocols to shift from 'code is law' to 'norms are law' and adopt a more principled approach to security. The specific method involves hardcoding security guarantees through standardized norms and invariant checks, automatically rolling back transactions that violate predefined rules. Park pointed out that almost all known vulnerabilities would trigger such checks, potentially preventing hacker attacks during execution.
According to a report by Slowmist, hackers stole over $649 million last year through code vulnerabilities. Even the veteran protocol Balancer, which has been operating since 2021, suffered a $128 million loss last November due to code vulnerabilities. Developers are increasingly concerned that hackers are using AI to find vulnerabilities.
Immunefi's security director noted that invariant checks would increase gas costs, potentially driving away users, and are not a cure-all. The co-founder of Asymmetric Research stated that many vulnerabilities are difficult to write invariant rules for that can detect attacks without false positives.
Share To
Timeline
HotFlash
APP
X
Telegram
CopyLink