Research Summary: Attacks on Smart Contracts

@ode Thanks for a nice research summary. I have been hoping to see a collated attack/security issues summary on smart contracts just like the one on NFTs by @LTTOguns.

From this research, three methods were listed for solving issues of security on smart contracts. It is important that we also put into perspective the ease, cost, and impacts of these various methods before deciding on the one to deploy for solving particular issues.

Again, most, if not all, smart contracts are audited by auditing companies, like CertiK, before being deployed on blockchains. In essence, these auditing companies are supposed to ensure that code follows due process and that potentially harmful bugs are detected.

Sincerely, while reading this summary, I was kind of bewildered. The summary stressed the fact that better coding practices could help smart contracts avoid the various attacks listed in the research summary.

So, I am finding it a bit difficult to reconcile these two ideas: auditing by security companies and better coding practices. Does it mean that auditing companies whose job is to find these bugs and code errors are not efficient? I am trying to wrap my head around why the problem is a persistent one since the infrastructure to handle this issue is in place. I ask this knowing at the back of my mind that this code is audited before the smart contracts are deployed.

9 Likes