Overview
Explore known vulnerabilities in smart contracts and blockchain networks in this HITB GSEC 2018 conference talk. Delve into specific issues that have occurred on the Ethereum blockchain and that apply to any platform using the Ethereum Virtual Machine. Learn about best practices to mitigate these vulnerabilities. Examine potential attack vectors on the Bitcoin network and similar peer-to-peer validation systems. Topics covered include integer underflow/overflow, timestamp dependence, denial of service, reentrancy attacks, Parity Wallet attacks, short address attacks, honeypots, 51% attacks, long-range attacks, TEE-based consensus, partitioning attacks, and delay attacks. Gain insights from cybersecurity expert Jorden Seet, who shares his experience in penetration testing, smart contract auditing, and blockchain development.
Syllabus
Intro
Blockchain is a special kind of Database
Blockchain is a Distributed Ledger
What are Smart Contracts?
Why do Smart Contracts need Blockchain?
Integer Underflow/Overflow
Timestamp Dependence
Denial of Service
Reentrancy Attack
Parity Wallet attacks
Short Address Attack
Honeypots
51% Attack (Proof of Work)
Long Range Attack (Proof of Stake)
TEE-based consensus
Partitioning Attack
Delay Attack
Questions?
Taught by
Hack In The Box Security Conference