The shoddy security of websites that use SSL is becoming a concern, and it’s now becoming a major factor in the development of smart contracts and smart-contracts applications.
The security of web servers is especially important, as the security of their underlying infrastructure is often at the heart of the trustworthiness of smart-client applications, such as Bitcoin or Ethereum.
However, with new developments in the field of smart contract security, it is possible that the shoddy server security that currently exists in the web world could be compromised and used by attackers to attack the Ethereum and Bitcoin protocols as well.
There are a number of possible scenarios that could occur in which a malicious actor could exploit a server vulnerability to execute malicious code.
The most common scenario would be when a malicious attacker has the ability to compromise a server by using a known vulnerability in the browser, a vulnerability that can be exploited to compromise the Ethereum protocol and, potentially, a number on the Ethereum blockchain.
If the attacker has this capability, it would be possible to compromise both the Ethereum protocols and the blockchain by exploiting a known weakness in the server.
In the event of a cross-server attack, developers can take the following steps: Ensure that their web browser is configured to block XSS vulnerabilities that have not been addressed by the browser’s security tools (for example, by default, browsers do not block XSRF).