The first Trillion Dollar Security (1TS) report notes that developer tooling often lacks secure defaults, standardised security components and integrated formal verification support, increasing the risk of bugs and vulnerabilities.

Claim

Quotes that support claims

There is a lack of standardized secure components or frameworks for advanced security workflows.
Low adoption of formal verification methods. Formal verification techniques are powerful, but they are complex, costly, require specialized domain expertise, and are not well integrated into standard developer workflows.
Lack of secure defaults in popular frameworks. Some tools prioritize flexibility or speed over safety, setting insecure defaults like unlimited token approvals in the approve() function.

Referenced by

End-user risks - UX & smart contract security

Crypto news