Abstract
Blockchain systems and services built on top of them like DEXes or NFTs are getting increasingly popular with the general public. Many blockchain companies gain an immense amount of backing from crowdloans, making them lucrative targets to hackers. In the past years we have seen massive hacking incidents against blockchain networks where tokens worth millions of dollars were stolen or locked forever.
In this talk, we outline our methodology on auditing open-source code and identifying vulnerabilities in the Substrate blockchain ecosystem. We walk the audience through common vulnerabilities in blockchain networks and highlight already existing solutions to mitigate them. We also give an insight into how our tooling helped automate these blockchain security audits.
About the Speakers
- Regina Bíró is a Senior Security Expert with a focus on blockchain security and Android security at SRLabs. She obtained her master’s degree at UNITN and ELTE (Budapest) in the Security and Privacy track of EIT Digital.
- Louis Merlin is a Security Expert that has been working at the intersection of fuzzing and blockchain at SRLabs. He is a 2021 graduate of the Swiss Federal Institutes of Technology in Lausanne and Zürich (Switzerland) with a Master in Cybersecurity. Passionate about CTFs, the web and security.