What is the change?
After the security incident of March 2023, core Hedera engineers conducted a thorough analysis of the Smart Contract Service and the Hedera Token Service system contracts. No new vulnerabilities were found, but the team looked for any behavioral differences between Hedera Token Service system contract APIs and those of Ethereum Virtual Machine (EVM) or ERC token APIs that could be used maliciously. To eliminate any possibility of such differences being used as attack vectors in the future, the consensus node software will align the behaviors of the Hedera Smart Contract Service and HTS system contracts with those of EVM and typical token APIs such as ERC 20 and ERC 721.
As a developer on Hedera, what should I do?
Developers are strongly encouraged to test their applications with new contracts and UX using the new security model to avoid unintended consequences.
- The new security model has been applied to contracts created from the mainnet 0.35.2 release onwards.
- Existing contracts deployed prior to this upgrade will continue to use the previous security model for a limited time to allow for application/UX modifications.
- The previous security model will only be maintained for an approximate period of 3 months. The current target is for the network to remove the previous security model and for all contracts to follow the new security model by the mainnet release of July 2023.
- See more information in the official Hedera documentation.
What does the change in security model mean for smart contract developers?
The security update involves changes to entity permissions during contract executions when modifying state. In short, system contract calls (smart contract calls to the Hedera Token Service) are no longer executed with all upper caller privileges even if the authorized user provides a signature.