“Mechanisms that reliably record that a compromise of information has occurred can be used in place of more elaborate mechanisms that completely prevent loss.” Ensure that smart contracts and their accompanying operational infrastructure can be monitored and analyzed at all times (development, deployment and runtime) to minimize loss from any compromise due to vulnerabilities or exploits.
For example, critical operations in contracts should always emit events to facilitate monitoring at runtime. (See Saltzer and Schroeder's Secure Design Principles.)
- Compromise Recording
- Saltzer & Schroeder 1975
- Bug-free Code?
- Reduce Attack Surface
- Residual Risk
- Monitor & Detect & Fix
- On-chain: Add Checks
- Off-chain: Add Events
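
As an added illustration of the last two points (not code from the original material), the sketch below pairs each critical operation with an on-chain check and an emitted event that an off-chain monitor can subscribe to. The contract name `RecordedVault`, its functions and its event names are hypothetical, chosen only for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
/// Hypothetical vault: every critical operation is checked on-chain and recorded as an event.
contract RecordedVault {
    address public owner;
    bool public paused;
    mapping(address => uint256) public balances;

    // Indexed fields let an off-chain monitor filter logs by account.
    event Deposited(address indexed account, uint256 amount);
    event Withdrawn(address indexed account, uint256 amount);
    event OwnershipTransferred(address indexed previousOwner, address indexed newOwner);
    event PauseChanged(address indexed by, bool paused);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner"); // on-chain check
        _;
    }

    constructor() {
        owner = msg.sender;
        emit OwnershipTransferred(address(0), msg.sender); // record the initial owner too
    }

    function deposit() external payable {
        require(!paused, "paused");
        balances[msg.sender] += msg.value;
        emit Deposited(msg.sender, msg.value);
    }

    function withdraw(uint256 amount) external {
        require(!paused, "paused");
        require(balances[msg.sender] >= amount, "insufficient balance");
        balances[msg.sender] -= amount; // update state before the external call
        emit Withdrawn(msg.sender, amount);
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed"); // a revert also discards the event
    }

    function setPaused(bool value) external onlyOwner {
        paused = value;
        emit PauseChanged(msg.sender, value); // privileged change is always recorded
    }

    function transferOwnership(address newOwner) external onlyOwner {
        require(newOwner != address(0), "zero address");
        emit OwnershipTransferred(owner, newOwner);
        owner = newOwner;
    }
}
```

An off-chain monitor can alert on any `OwnershipTransferred` or `PauseChanged` log, since both should be rare, and on `Withdrawn` amounts that exceed an expected threshold.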