A Logo

Feel free to include my content in your page via my
RSS feed

Help Irongeek.com pay for
bandwidth and research equipment:

Subscribestar or Patreon

Search Irongeek.com:

Affiliates:
Irongeek Button
Social-engineer-training Button

Help Irongeek.com pay for bandwidth and research equipment:

paypalpixle


Hacking Smart Contracts--A Methodology - Konstantinos Karagiannis NolaCon 2018 (Hacking Illustrated Series InfoSec Tutorial Videos)

Hacking Smart Contracts--A Methodology
Konstantinos Karagiannis
@KonstantHacker

The DAO hack of June 2016 was the moment smart contracts entered mainstream awareness in the InfoSec community. Was the hope of taking blockchain from mere cryptocurrency platform to one that can perform amazing Turing-complete functions doomed? We’ve learned quite a lot from that attack against contract code, and Ethereum marches on (even though multi-million dollar hacks, like Parity Wallet, still happen). Smart contracts are a key part of the applications being created by the Enterprise Ethereum Alliance, Quorum, and smaller projects in financial and other companies. Ethical hacking of smart contracts is a critical new service that is needed. And as is the case with coders of Solidity (the language of Ethereum smart contracts), hackers able to find security flaws in the code are in high demand. Join Konstantinos for an introduction to a methodology that can be applied to Solidity code review … and potentially adapted to other smart contract projects. We’ll examine the few tools that are needed, as well as the most common types of flaws, illustrated using either public or sanitized real world” vulnerabilities.

Recorded at NolaCon 2018

Back to NolaCon 2018 video list

Printable version of this article

15 most recent posts on Irongeek.com:


If you would like to republish one of the articles from this site on your webpage or print journal please contact IronGeek.

Copyright 2020, IronGeek
Louisville / Kentuckiana Information Security Enthusiast