COMMSEC: Smart Contract (In)Security


Vulnerabilities in smart contracts have resulted in the loss of 100s of million USD and have put near 1 billion USD in cryptocurrency at risk. Despite the enormous amount of funds entrusted to these contracts, our community is still in the infancy of understanding secure smart contract design.

This example-driven talk will deconstruct real-world smart contract vulnerabilities, reverse engineer in-the-wild exploitation tactics and discuss defensive coding practices that will help developers avoid pitfalls in the future. The talk will close with a survey of the current state of the art in autonomous and manual-assist smart contract auditing tools.

This talk is presented by the team behind PolySwarm ( – the first decentralized threat intelligence market where security researchers are rewarded for their ability to identify malware.

Location: Track 4 / CommSec Date: April 13, 2018 Time: 3:30 pm - 4:00 pm Ben Schmidt