Aptos Move Security Library Co-construction Initiative: Building Trusted Infrastructure Standards for Developers

avatar
Movemaker
1 days ago
This article is approximately 1564 words,and reading the entire article takes about 2 minutes
If you are building the future on Aptos, this foundational library will be yours too.

On-chain security calls for new standards

Problems we see: Duplication of modules, lack of standards

After several recent on-chain security incidents in the crypto industry, the entire Web3 community has once again paid the most direct attention to the old topic of infrastructure security. Although technology is constantly improving, we cannot avoid a reality: without unified standards and audit mechanisms, any basic module that reinvents the wheel may become a potential source of risk.

Move is a language born for resources and security, and Aptos has always provided developers with an excellent chain-level experience with parallel execution and native upgrade capabilities. However, in the process of our cooperation with many Aptos project parties, we have repeatedly found a key shortcoming: the ecosystem lacks a public basic module library that is reliable, reusable, and auditable. A large number of teams have implemented and maintained their own permission control, upgrade system, basic tool functions, etc., which is not only inefficient, but also weakens the overall security of chain-level applications.

We decided to take action: Movemaker and Alcove jointly launched

In order to solve this underlying shortcoming, Movemaker, the official Chinese community of Aptos, jointly launched a structured open source plan with Alcove, Asias first Move ecosystem developer organization - the Aptos Move Secure General Purpose Base Library initiative.

The initiative aims to provide a set of strictly audited, secure, reliable, modular and easy-to-use standard components for Aptos smart contract development, thereby accelerating the development and maturity of the Aptos ecosystem. Movemaker has long served the Aptos Chinese developer community and understands the actual needs of local developers; and alcove has gathered a group of technical members with experience in Move underlying development, auditing and toolchain construction, which can lay a solid foundation for the development and governance of this basic library.

📌The proposal has been launched on GitHub and is now open to all Aptos developers. Please click to view details and submit PR: https://github.com/ALCOVE-LAB/aptos-movekit

Next we will introduce the goals, mechanisms and ways to participate in this initiative - we hope that you will not only be a reader, but also a collaborator.

We are based on Aptos innovative redesign

This initiative is a long-term, systematic open source project for the entire Aptos development ecosystem. We are gathering resources, standardizing processes, and building mechanisms with only one goal, which is to create a gold standard library for Aptos that is widely adopted, trusted, and audited, just like OpenZeppelin is for EVM.

In the EVM ecosystem, OpenZeppelin Contracts has been proven to effectively improve security, accelerate development efficiency, and lower barriers to entry. But we are well aware that Move and Aptos are not mirror images of EVM. They have fundamental differences in language paradigm, account model, state management, upgrade mechanism, and execution architecture. For this reason, Moves resource-oriented model, bytecode verifier, formal verification support, and Aptos parallel execution and native package upgrade mechanism provide us with an excellent opportunity to build a more secure and performant basic library.

The following is the complete proposal for this plan. We invite every Builder who is building on Aptos to participate in depth, and we also welcome you to spread the idea of this infrastructure.

What we have prepared: from funding, organization to mechanism

  • Startup Funding: Movemaker provides an initial $200,000 grant to:

    • Development and maintenance of core modules.

    • Professional security audit fees.

    • Developer incentives and bounty programs.

    • Document writing and community operation support.

    • Necessary toolchain and infrastructure construction.

  • Development organization: Alcove is the project leader and coordinates community development resources, responsible for management processes, technical support, security audits, etc.

  • Support from multiple resources: Various project parties, independent developers, and security audit companies will participate in the development, testing, and review of basic modules in stages;

  • Governance mechanism: PR review, test verification, Move Prover verification, pre-audit, bounty incentives, and transparent execution of the entire process.

What we want to build: the infrastructure foundation of the Move ecosystem

  • Build core basic libraries: Develop a set of Move modules covering core functions such as access control, upgrade management tools, DeFi modules and general tools.

  • Improve ecosystem security: Leverage the inherent security features of the Move language (such as reentrancy prevention and strong typing) and combine rigorous testing, formal verification, and independent security audits to ensure the highest security of the library.

  • Promote developer adoption: By providing high-quality, easy-to-understand documentation, tutorials, and examples, we can reduce the learning curve of the Move language and attract more developers to the Aptos ecosystem.

  • Establish a community co-construction model: Establish an open and collaborative development process to encourage project teams, independent developers, and security audit companies to participate to ensure the quality, relevance, and sustainability of the library.

  • Accelerate ecological development: Provide a reliable foundation for Aptos dApp developers, accelerate innovation, reduce the cost of reinventing the wheel, and thus promote the prosperity of the Aptos ecosystem.

How to participate in co-construction? Every developer can become a promoter

We believe that a truly credible and reusable smart contract base library must be jointly built by the ecosystem. Therefore, this initiative is open to all Aptos developers. Whether you are from a team project or an independent creator, you can participate in the co-construction in an appropriate way:

  • How to participate: If you are a developer team with existing projects on Aptos, you can participate in the development, testing and integration of core modules, and transform the pitfalls and best practices you have encountered in actual business into standard components that can be reusable throughout the ecosystem. This will not only improve the security of your project, but also contribute to the entire ecosystem.

  • Independent developers also have a stage: If you are a Move enthusiast or independent developer, we will continue to recruit module contributors through code challenges, Bounty programs, and public task pools. Alcove will provide complete contribution guidelines, development documents, and technical support to help you join from 0 to 1.

  • The participation method is simple and clear: all module development will be conducted openly on GitHub, using the Pull Request (PR) mechanism. All codes must pass automated testing and Move Prover verification, and be merged after review by core contributors. Audit and version management mechanisms will also be implemented simultaneously to ensure that every line of code can withstand inspection.

What tools and resources will we provide?

In order to lower the participation threshold and improve development efficiency, we will also build a complete set of ecological tools and support systems:

  • Core module library: including reusable components such as access control, module upgrades, DeFi basic logic, and security tools;

  • Multi-language SDK: supports languages such as TypeScript, Python, Rust, Go, etc. to simplify on-chain operations;

  • Standardized API: Provide application developers with easier-to-access on-chain data query and interaction interfaces;

  • Developer tool support: including VS Code plug-ins, CLI extensions, debugging tools, etc. to improve the coding experience;

  • Project templates and sample code: ready-to-use sample projects that allow you to quickly build your own applications.

Whether you are a beginner or an experienced developer, as long as you care about the technical future of Aptos, this set of basic libraries and tool systems will be your indispensable starting point.

Conclusion: The starting point of an ecosystem-level infrastructure

Building a Move open source base library inspired by OpenZeppelin on Aptos is a project with long-term strategic value for the entire ecosystem. We will make full use of the Move languages advantages in resource security and strong typing, combined with the parallel execution and native upgrade capabilities of the Aptos platform, to create a safer, more efficient and friendly smart contract development environment for developers.

By combining the security rigor of OpenZeppelin with the technological innovation of Move/Aptos, this basic library is expected to become the core cornerstone of Aptos dApp development, reduce duplicate development costs, speed up product iteration, and promote the evolution of the ecosystem in a more professional and robust direction.

The success of this open source initiative is inseparable from the joint efforts of all builders. We sincerely invite Aptos project parties, independent developers and security experts to join in the construction and polish a set of truly reliable, reusable and auditable underlying standards. If you are building the future on Aptos, then this basic library will also belong to you.

About Movemaker

Movemaker is an official community organization authorized by the Aptos Foundation and jointly initiated by Ankaa and BlockBooster, focusing on promoting the construction and development of the Aptos Chinese ecosystem. As the official representative of Aptos in the Chinese region, Movemaker has received millions of dollars in funding and resource support from the Aptos Foundation, and will be committed to building a diverse, open and prosperous Aptos ecosystem by connecting developers, users, capital and many ecological partners.

From DeFi, AI to payments, stablecoins and RWA, Movemaker is committed to supporting innovative projects and promoting the connection between Aptos technology and the real world. As an important bridge for Aptos in Asia, Movemaker is using localized narratives and a global vision to inspire more developers to join the Aptos ecosystem.

About Alcove

Alcove is the first Chinese Move developer community in Asia co-built by Aptos, dedicated to supporting developers to build a new generation of Web3 applications using the Move language. The community brings together a large number of developers with Move underlying development, contract security, and toolchain building capabilities, and has contributed practical experience in multiple Aptos projects.

Original article, author:Movemaker。Reprint/Content Collaboration/For Reporting, Please Contact report@odaily.email;Illegal reprinting must be punished by law.

ODAILY reminds readers to establish correct monetary and investment concepts, rationally view blockchain, and effectively improve risk awareness; We can actively report and report any illegal or criminal clues discovered to relevant departments.

Safety
Developer
Aptos
Movemaker

Movemaker

See More
Recommended Reading
Editor’s Picks
twitter.png
discord.png
telegram.png Group
telegram.png Channel
weibo.png
Github.png