Breaking Smart Contracts for Fun and Profit
At Bitcoin Wednesday on 6 February, 2019, ChainSecurity’s lead auditor, Daniel Fischmann will give an overview of Ethereum smart contracts from a security perspective. In his work with ChainSecurity Daniel has investigated the security guarantees for Augur, Kyber Network and DAOStack, among others.
Daniel writes, “In the early days 0-day vulnerabilities went undisclosed and were distributed on mailing lists to gain the respect of other security researchers, with barely any profit to be made. Nowadays however, smart contracts hold millions of dollars in crypto assets and are often neither verified nor audited.”
At Bitcoin Wednesday Daniel will present fundamental flaws in smart contracts and run through a selection of case studies (i.e. hacks) that demonstrate new exploitation techniques inherent to blockchain systems. His talk will also cover tools for the analysis of solidity smart contracts and research approaches that can mitigate some of the previous attacks.
Daniel has a Bachelor’s degree in computer science from ETH Zurich. He completed a thesis on differential privacy for machine learning for the ETH System Security Group. In addition to his work at ChainSecurity, Daniel has pursued an interest in trading and financial markets by working briefly at Deutche Bank and maintaining a long/short crypto assets portfolio. He is also completing a Master’s degree at ETH in distributed machine learning.