HomeNewsFortifying Network Security: Hedera Revolutionizes with HSCS Security Model v2, Empowering Users...

Fortifying Network Security: Hedera Revolutionizes with HSCS Security Model v2, Empowering Users and Developers

- Advertisement -
  • Hedera Smart Contract Service (HSCS) advances its security model to secure state and token assets of users and the network during smart contract executions.
  • The new security model, version 2 (v2), offers enhanced protections and clarity, improving on limitations seen in the previous version (v1), with a specific focus on boundary rules.

As a prominent name in the blockchain space, Hedera’s Smart Contract Service (HSCS) continuously evolves to deliver optimal performance and security. Bridging Ethereum’s Virtual Machine (EVM) with Hedera’s third-generation native entity features, the HSCS aims for seamless execution of smart contracts initially written for other EVM-compatible chains. The grand vision is to create an ecosystem where developers can deploy their smart contracts on Hedera as effortlessly as copy-pasting.

- Advertisement -

In the pursuit of this ambition, the latest HSCS Security Model version 2 (v2) targets to address gaps present in the preceding model, which allowed potential threats a window of opportunity. By leveraging the Besu EVM for executing all smart contract transactions and the Hedera-optimized Virtual Merkle Tree state to record the changes, HSCS ensures finality of smart contract executions within 2-3 seconds.

The security model v1 offered account key signatures for authorization at transaction time, allowing smart contracts to modify their storage or that of another contract if delegate called, and even adjust an Externally Owned Account (EOA)’s storage or balance under certain conditions. While this model significantly improved user experience by allowing contracts to consolidate transactions, it inadvertently created a window for malicious activities.

In response, the Hedera engineering team meticulously revised the Smart Contract Service and the Hedera Token Service (HTS) system contracts to secure user and network assets better during smart contract execution. The result is HSCS Security Model v2, introduced in Hedera Services release v0.35.2.

- Advertisement -

The v2 model refines the boundary rules: smart contracts can only change their storage or the storage they’re delegate called with; system smart contracts can’t be delegate called, except from the Token proxy/facade flow; and EOAs can only have their storage or balance changed by smart contracts if certain conditions are met.

Crucially, the HSCS now operates under a three-level security model: Level 0 (EVM security model), Level 1 (EVM balance allowance interactions), and Level 2 (Hedera advanced security features). To facilitate state change or value transfer, transactions must adhere to all the rules of each level, ensuring optimal security.

The v2 model also clarifies the rules of account interactions (EOA & contract) during smart contract execution. The models elaborate on regular calls and delegate calls, providing insight into how accounts, states, and code may change throughout the chain of calls.

In essence, the HSCS Security Model v2 reinforces user and network security, albeit at the cost of slightly more complex user interactions. Yet, the benefits far outweigh the additional steps required, demonstrating Hedera’s commitment to providing a safe and scalable platform for creative dApps and fostering a shared world on the ledger.

- Advertisement -
ETHNews does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. ETHNews is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.
Jack Williams
Jack Williams
As a Blockchain Analyst, I specialize in analyzing the performance of decentralized systems and optimizing their efficiency. Through data analysis, I provide insights on blockchain technology, smart contracts, and cryptocurrencies to help businesses make informed decisions and improve their operations.
- Advertisment -spot_img