As blockchain systems face new pressures from emerging technologies and intensifying security risks, the BSSC has released a new Smart Contract Security Standard as well as significant revisions to its Node Operation Standard and General Security and Privacy Guidelines.
May 14, 2026 — The Blockchain Security Standards Council (BSSC) has released its first Smart Contract Security Standard in tandem with wide-ranging updates to its Node Operation Standard and General Security and Privacy Guidelines. These standards offer a clear and practical framework for organizations building or evaluating blockchain-based systems, and for potential customers to assess whether a provider offers a secure and trustworthy service.
Ubiquitous across decentralized finance (DeFi) and tokenized real-world assets (RWAs), smart contracts have also been a frequent target for attacks. The new Smart Contract Security Standard addresses this directly, covering the full lifecycle of a smart contract application from development to deployment, to ongoing operations. Designed to be chain-agnostic, it addresses both code and governance mechanisms as risk surfaces.
“Security for smart contract applications has never been achieved in a single security audit or at a single moment in time — it requires controls and procedures across the lifecycle of a digital asset or application,” said John Neufeld of OpenZeppelin, editor of the Smart Contract Security Standard. “The Smart Contract Security Standard gives builders the precision they've been missing: a clear, blockchain-agnostic baseline for what good security looks like on the application layer, end to end.”
The updated Node Operation Standard introduces several key changes, including new guidance on protecting systems and their customers against future quantum computing threats that could break today’s cryptographic methods, and requirements to make information available to customers. The update also adds more detailed explanations of requirements to support consistent implementation.
"Trust between node operators and their customers has to rest on clear controls and clear disclosure," said Max Courchesne-Mackie of Figment, editor of the Node Operation Standard. "Version 2 restructures the standard so every requirement is named, testable, and tied to a defined audience. That turns a set of principles into something the industry can audit against."
The General Security and Privacy (GSP) Guidelines are designed to help blockchain-focused organizations address security and privacy risks relevant to them without going to the lengths of meeting much broader frameworks such as ISO27001. The GSP Guidelines act as a practical bridge toward meeting those standards, helping teams align blockchain-specific practices with security best practices.
The updates to the GSP largely clarify and add explanation to requirements to help with consistent explanation, along with references to crucial areas for organizations, such as Key Management
Across all three specifications, BSSC has introduced a more uniform structure and clearer explanations of requirements. In particular, the updates distinguish between information that must be publicly available and information that must be auditable without exposing sensitive or personally identifying content.
Each updated specification includes a detailed summary of changes from previous versions to help existing users quickly identify what has changed and what actions are required.
The updates reflect ongoing shifts in the technology landscape, including the growing influence of AI and the emerging risks and opportunities associated with quantum computing. Rather than speculating about distant scenarios, the BSSC has focused on what matters now, while keeping the standards adaptable as the field evolves.
The specifications are developed by the BSSC Technical Working Group, with contributions from a broad set of member organizations. This release also marks the first time General Members participated in the formal review process, contributing approximately 100 comments across the three specifications. All feedback was reviewed and addressed by the members of the Technical Working Group, resulting in further refinements.
To learn more about the new Smart Contract Security Standard and the latest updates, register for the upcoming BSSC webinar, taking place June 11, 2026, at 11am ET. During the session, contributors will walk through the significance and real-world implications of the new Smart Contract Standard, as well as the updates to existing standards.
The Blockchain Security Standards Council (BSSC) is a nonprofit organization dedicated to enhancing the security of blockchain systems and the digital assets on them. The BSSC develops security standards and audit frameworks to protect the integrity and continued growth of the blockchain ecosystem. For more information about the Council and its initiatives, please visit https://www.blockchainssc.org/.
Lillian Guinther
