Outsmarting Smart Contracts - Security Vulnerabilities and Attack Vectors

Explore the intricacies of smart contract security in this 43-minute conference talk from OWASP AppSec EU 2018. Delve into the world of blockchain technology, focusing on the second generation that enables programmable transactions through smart contracts. Examine the Ethereum platform, its cryptocurrency Ether, and the Solidity programming language used for smart contract development. Uncover potential vulnerabilities and common design flaws that have led to multi-million dollar thefts in the past. Learn about spectacular hacks like the $30M Parity incident and gain insights into preventing such costly mistakes. Discover the challenges of responsible vulnerability disclosure in the blockchain ecosystem and a proposed mechanism for securely notifying contract owners. Gain a comprehensive understanding of attack vectors specific to decentralized, publicly visible smart contracts and acquire knowledge on identifying and mitigating these vulnerabilities.