How Consensys Diligence Secures MetaMask Snaps and Linea
At Consensys, we’re building the infrastructure that powers Ethereum’s most ambitious projects, integrating innovation and security at every step. MetaMask Snaps and Linea zkEVM are two recent projects that highlight our commitment to supporting builders.
MetaMask now boasts 60+ Snaps in the MetaMask Snaps directory, and this vibrant ecosystem continues to grow, promising exciting new features and integrations for users. On the other hand, Linea has quickly become a powerhouse in the L2 space, with $1 billion in total value locked (TVL) since its mainnet launch in July 2023. This achievement highlights the value of MetaMask and Linea and underscores the importance of robust security measures.
This blog provides a brief overview of how Diligence employs a multi-layered approach to protect and empower builders through comprehensive audits, advanced security tools, and extensive developer resources, using our work on MetaMask Snaps and Linea as references.
Diligence secures MetaMask Snaps
With numerous Snap audits completed, we’re proud to be leaders in ensuring these extensions are safe and secure for every MetaMask user. None of this would be possible without our brilliant lead auditors, Valentin Quelquejay and Martin Ortner.
Martin has been doing great work in breaking down the MetaMask Trust Module and crafting the Snaps Security Essentials guide, a knowledge base for secure Snaps development. Meanwhile, Valentin, a true ninja in the field, continues to slash through your code as our lead Snaps auditor, ensuring your Snaps run flawlessly and securely.
We are also excited to announce Snapguardian, our latest invention and a Snaps security tool that automates security analysis, offering quick, comprehensive insights and vulnerability checks for Snaps.
Additionally, in an upcoming blog post, you will learn from the MSQ Snap team how to create secure Snaps that will make any auditor smile, so stay tuned.
Diligence secures Linea
Since Linea’s inception, Diligence has been integral in securing its network, auditing crucial components such as:
- Linea Contracts Update (Jan 2024)
- Linea Custom Bridged Token (Dec 2023)
- Linea Cross-Chain Governance Executor (Oct 2023)
- Linea Canonical Token Bridge (June 2023)
- Linea Message Service (June 2023)
- Linea Plonk Verifier (June 2023)
Our involvement has not only solidified Linea’s infrastructure but also allowed us to expand our expertise in zero-knowledge proofs (ZK proofs). Our journey into ZK began with exploring the Cairo language in 2021. Since then, we have been continuously securing ZK networks, which has given us the opportunity to advance our ZK knowledge.
Led by our researcher Valentin Wüstholz and in collaboration with TU Wien, we’ve built an experimental prototype tool: ZK-fuzzing, which has shown promising results in identifying vulnerabilities, demonstrating the potential of automated security tools. More on that soon.
Get in Touch
So many teasers and so much suspense! We will share everything with you in the upcoming Diligence security series, which will dive deep into our work auditing the Snap by the Masquerade team, insights from auditing ZK projects, and the latest ZK-fuzzing prototype. Keep an eye out on the MetaMask Developer and Linea blogs.
Need help securing your blockchain project? Contact us! Whether you’re looking for an audit or security tools like Diligence Fuzzing, our team is here to support you every step of the way.
Stay safe and happy hacking!
Your Consensys Diligence Team
Martin Ortner (tintinweb)
|
Valentin Quelquejay
|
Martin and Valentin, Security professionals at Consensys Diligence, are at the forefront of Snap security research, diligently working to enhance the platform's security |