Programming Secure Smart Contracts

YOUTUBE Em7tHO6fXPQ Presented to SF Cryptocurrency Developers, Oct 10, 2018

Succinctly, via Mark Miller, addressing sanitized eval with Caja: Caja contains the original-SES, which still works fine, but mostly supports only the features from EcmaScript 5 with a few select elements of EcmaScript 6. SES is built on modern JavaScript and supports modern JavaScript -- including all of the EcmaScript 2018 standard. It is also much faster than the original-SES in Caja. SES is a joint effort of Agoric and Salesforce. Unlike Caja, SES runs everywhere modern JavaScript runs, including both browser and Node.

+ See JF Paradis on Object Capabilities at Salesforce (OCAP Workshop at Splash Nov 2018) video
+ Securing EcmaScript, presentation to Node Security video
+ Report on Realms Shim Security Review video

OTOH, Caja contains Domado, which is a taming of the browser and DOM APIs, so that you can give your untrusted code access to a subtree of your DOM tree. We [Agoric] expect to reproduce this functionality eventually on modern SES but, currently, we are not treating it as urgent. If you need Domado functionality in order to use SES rather than Caja, please let us know.