Securing Ethereum smart contracts

This talk is presented by the team behind PolySwarm - the first decentralized threat intelligence market. Each member of the PolySwarm team brings over a decade of information security experience, drawing from academia, industry and government employment. Most recently, the team successfully conducted research into on-chain confidentiality on behalf of the US Department of Homeland Security.

Vulnerabilities in Ethereum smart contracts have resulted in the loss of 100s of million USD and have put near 1 billion USD in cryptocurrency at risk. Despite the enormous amount of funds entrusted to these contracts, our community is still in the infancy of understanding secure smart contract design.

This example-driven talk will deconstruct real-world smart contract vulnerabilities, reverse engineer in-the-wild exploitation tactics and discuss defensive coding practices that will help developers avoid pitfalls in the future. The talk will close with a survey of the current state of the art in autonomous and manual-assist smart contract auditing tools.