When developing smart contracts on BenFen using the Move language, developers should follow these core security principles to fully leverage Move’s design and build robust, production-grade applications.
- Prefer the Official Standard Library: BenFen provides a formally verified standard library, which serves as the foundation for secure contract development. Developers are strongly encouraged to use these audited modules, especially for asset management, rather than creating custom logic from scratch.
- Understand Resource Ownership Deeply: At the core of Move's security model is explicit ownership of resources. Properly managing the ownership, storage location, and lifecycle of each resource ensures that assets are never accidentally lost, locked inside contracts, or mishandled.
- Utilize Formal Verification Tools: For contracts involving critical logic or high-value assets, it is highly recommended to write specifications using Move Specification Language (MSL) and apply the Move Prover for formal verification. This allows you to mathematically prove the correctness of your code and eliminate entire classes of vulnerabilities before deployment.
- Clearly Define Access Control and Capabilities: Permissions and capabilities should be carefully scoped. Ensure that only authorized roles or modules can perform sensitive operations such as minting, burning, or transferring system-level assets.
- Perform Rigorous Off-Chain Testing: Before deploying to the mainnet, conduct comprehensive testing in a testnet environment. Simulate all execution paths and edge cases to validate contract behavior under all conditions.
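The following module is an added example, not code from BenFen or from the original text, that ties the ownership, formal-verification, access-control and testing points above together. It is written in legacy Move syntax against Sui-style framework modules (`sui::object`, `sui::tx_context`, `sui::transfer`, `sui::test_scenario`); whether BenFen's framework exposes these under the same package name is an assumption, so adjust the `use` paths to the BenFen standard library as needed. The module name `example::treasury`, the `MintCap`, `Token` and `Supply` types and the supply cap of 1,000,000 are all constructed for illustration.

```move
module example::treasury {
    use sui::object::{Self, UID};
    use sui::tx_context::{Self, TxContext};
    use sui::transfer;

    /// Capability object: whoever owns it may mint. It is created exactly
    /// once, in `init`, so the set of minters is decided at publish time.
    struct MintCap has key, store { id: UID }

    /// The asset. `key` makes each token an owned object; the absence of
    /// `copy` and `drop` means it can neither be duplicated nor silently
    /// discarded, which is the ownership guarantee the text refers to.
    struct Token has key, store { id: UID, value: u64 }

    /// Shared object tracking total supply against a hard cap.
    struct Supply has key { id: UID, total: u64, cap: u64 }

    const E_CAP_EXCEEDED: u64 = 0;

    fun init(ctx: &mut TxContext) {
        // The publisher receives the only MintCap; the ledger is shared.
        transfer::transfer(MintCap { id: object::new(ctx) }, tx_context::sender(ctx));
        transfer::share_object(Supply { id: object::new(ctx), total: 0, cap: 1_000_000 });
    }

    /// Access control by capability: `MintCap` is a required parameter, so a
    /// caller who does not own one cannot even construct the transaction.
    public fun mint(_cap: &MintCap, supply: &mut Supply, value: u64, recipient: address, ctx: &mut TxContext) {
        assert!(supply.total + value <= supply.cap, E_CAP_EXCEEDED);
        supply.total = supply.total + value;
        transfer::transfer(Token { id: object::new(ctx), value }, recipient);
    }

    /// MSL specification for the Move Prover: `mint` aborts exactly when the
    /// cap would be exceeded (spec arithmetic is unbounded, so this also
    /// covers u64 overflow), and otherwise the ledger grows by `value`.
    spec mint {
        aborts_if supply.total + value > supply.cap;
        ensures supply.total == old(supply.total) + value;
    }

    /// Burning consumes the token by value. Unpacking is the only way to
    /// dispose of a resource without `drop`; `object::delete` releases the UID.
    public fun burn(token: Token, supply: &mut Supply) {
        let Token { id, value } = token;
        supply.total = supply.total - value;
        object::delete(id);
    }

    /// Off-chain test exercising the full mint-then-burn path with the
    /// framework's transaction simulator before anything reaches a network.
    #[test]
    fun mint_then_burn_keeps_supply_consistent() {
        use sui::test_scenario;
        let admin = @0xA;   // constructed test addresses
        let user = @0xB;
        let scenario = test_scenario::begin(admin);
        init(test_scenario::ctx(&mut scenario));

        test_scenario::next_tx(&mut scenario, admin);
        {
            let cap = test_scenario::take_from_sender<MintCap>(&scenario);
            let supply = test_scenario::take_shared<Supply>(&scenario);
            mint(&cap, &mut supply, 500, user, test_scenario::ctx(&mut scenario));
            assert!(supply.total == 500, 1);
            test_scenario::return_to_sender(&scenario, cap);
            test_scenario::return_shared(supply);
        };

        test_scenario::next_tx(&mut scenario, user);
        {
            let token = test_scenario::take_from_sender<Token>(&scenario);
            let supply = test_scenario::take_shared<Supply>(&scenario);
            burn(token, &mut supply);
            assert!(supply.total == 0, 2);
            test_scenario::return_shared(supply);
        };
        test_scenario::end(scenario);
    }
}
```

Run the unit test with the Move package tooling's `test` subcommand and the specification with the Move Prover over the same package. The design choice worth noting is that `mint` has no `sender == admin` check at all: the permission is carried by the `MintCap` object, so revoking, delegating or splitting the right to mint is a matter of transferring objects rather than editing the contract.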