Like all software, smart contracts on the blockchain are subject to serious security vulnerabilities and coding errors. However, because smart contracts are often directly in charge of assets and cannot be changed once they are on the blockchain, secure development and operation are essential. Some smart contract platforms have their own languages, for example Solidity in Ethereum. Bugs and vulnerabilities in the source code, and errors in the virtual machines used by the network, are the main reasons behind security issues in smart contracts.
Projects using blockchain applications should expect constant changes in the security landscape. New bugs, security risks, and best practices will continue to emerge over time. Trail of Bits is a software security firm that advises top companies across a range of industries, including the blockchain space. They are experts at identifying top-level risks and implementation vulnerabilities, and at providing essential recommendations on best practices. Dan Guido, the CEO and Co-founder, explains all things software security in a detailed and technical, yet easy-to-digest way. We also recommend you check out their exceptional blog, which is packed with invaluable resources.
Topics covered in this episode:
- Dan’s background and how he came to create Trail of Bits
- What led Dan into the blockchain field
- How security software has changed over the last 20 years
- The unique challenges for security on blockchain and smart contract protocols
- Smart contract languages and security
- Slither - Trail of Bits’s suite of Ethereum based security tools
- Dan’s opinion on Solidity’s future and Vyper as an alternative
- Formally Verified Languages
- A use case on how Trail of Bits works
- Working with upgradeable contracts
- Composability and security
- Are compilers trustworthy?
- Other security issues in the blockchain space as DeFi grows
- The future of software security and the role of AI

Episode links:
- Trail of Bits Website
- Anatomy of an Unsafe Smart Contract Programming Language
- Slither, GitHub
- Slither: The Leading Static Analyzer for Smart Contracts
- 246 Findings From our Smart Contract Audits: An Executive Summary
- Rapid Risk Assessment (RRA)
- Our Full Report on the Voatz Mobile Voting Platform
- A Guide to Post-Quantum Cryptography
- BSides Lisbon 2016 - Keynote - The Smart Fuzzer Revolution by Dan Guido
- The Smart Fuzzer Revolution
- Trail of Bits Twitter
- Dan Guido Twitter

This episode is hosted by Sebastien Couture & Friederike Ernst. Show notes and listening options: epicenter.tv/346