MakerDAO's influence over could potentially result in reliance on the platform
Cybersecurity specialists caution that potential vulnerabilities in yield-generating pools or protocols utilized by Blast on Lido or MakerDAO could jeopardize associated tokens held by Blast users.
Resonance Security, a web3 firm, highlighted these concerns regarding Blast’s reliance on third-party decentralized finance protocols. In a recent blog post, Grace Dees, a cybersecurity business analyst at Resonance Security, emphasized the inherent risks involved in Blast’s use of external protocols for yield generation. Specifically, Dees pointed out that MakerDAO, responsible for generating a 5% yield for USDB (Blast’s stablecoin) holders, has not undergone a security audit of its smart contracts in three years.
“If yield-generating pools or protocols on Lido or MakerDAO are compromised, the tokens associated with Blast users in those pools will also be compromised,” Dees warned. She underscored that while integrating with third-party protocols isn’t inherently problematic, MakerDAO’s lack of recent security audits, with some dating back as far as five years, raises significant concerns.
“This is worrisome because smart contracts can be vulnerable to newly discovered exploits, necessitating regular audits to mitigate these risks,” Dees remarked.
The concerns about Blast’s security extend beyond third-party dependencies. Dees specifically highlighted issues with Blast’s LaunchBridge contract, describing it as a “custodial contract protected by a 3/5 multisig address,” rather than a rollup bridge.
Experts stress the importance of robust security measures such as regular audits and bug bounty programs. Despite MakerDAO’s lack of recent security audits, Dees acknowledged the utility of its bug bounty program through Immunefi, which helps address security vulnerabilities in its contracts.
To minimize risks associated with third-party integrations, Resonance Security advises Blast to prioritize close collaboration with its partners to establish and uphold stringent security standards. Such measures, the firm argues, can prevent potential pitfalls for projects in the future.