Breaking smart contracts
2019-05-17, 10:00–12:00, Workshop 1

Some of the most financially devastating hacks in recent years have happened on the blockchain. This Ethereum focused workshop, will teach you the fundamentals of writing and breaking smart contracts.

In this workshop, we will teach students how to write smart contracts in the Solidity programming language. Solidity is easy to learn, but hard to get right.

The approach to training we’ll take in this session will be to provide a series of simple coding challenges, where participants are asked to write the code to implement a simple program, such as a coin toss, a transferable token (like a coin), or an auction. We’ll allow an appropriate amount of time for each step, and then provide a solution.

Then the fun part! We will walk the participants through the steps to break their contracts.

Classes of vulnerabilities we’ll explore include:

Reentrancy attacks
Forcible sends
Front Running

Maurelian is a lead security engineer at ConsenSys Diligence, where he works to ensure that Ethereum smart contracts are transparent, trustworthy, and reliable. He helped build a decentralized name registrar for the Ethereum Name Service; authoring the spec and auditing the final implementation. He is a regular writer and speaker on smart contract security. Prior to joining ConsenSys, Maurelian worked at Coinbase.

Shayan is currently completing his doctoral studies in Information Systems Engineering at Concordia University. He is also working as a security engineer and auditor in ConsenSys Diligence team. He has worked in network and information systems security for several years and has extensive experience as a blockchain engineer in startups as well as contributing to open source projects. He is currently dedicating both his intellectual and professional pursuits towards Blockchain technology. Looking at the technology from an interdisciplinary perspective, Shayan has been working on multiple academic papers varying from exploring the psychology of Blockchain to decentral exchanges.