DeFi Security
Summit
Buenos Aires, Argentina


.avif)





.avif)





What is DSS
.avif)
What is DSS

.avif)












The Venue
DSS 2025 will be hosted at La Rural in Buenos Aires, Argentina — the same venue as Devconnect.
Address: Av. Sarmiento 2704, C1425 Cdad. Autónoma de Buenos Aires
Speakers

Head of DeFi Engineering at Lido

Co-Founder and CTO, Gearbox Protocol

Core Team: Solutions Engineer, Security Ops, AI R&D at Spearbit

R&D at Safe

Blockchain Security Engineer at Coinbase

Blockchain Threat Researcher, BlockThreat

Senior Blockchain Engineer at Concordium

Security Engineer at ChainSecurity

Head of Security, Celo

Security Researcher at OpenZeppelin

Founder & CEO at Olympix

Security Researcher & Triage Lead at Immunefi
Security Engineer at Vyper

Chief Blockchain Officer, Kerberus

CEO, Runtime Verification
PhD student at Yale

Principal Engineer at Fireblocks

Tech Lead at Sky

CTO, Mimic

PhD Student at KTH, Royal Institute of Technology

Head of DevRel at Chronicle Labs

Smart Contracts Lead at Balancer

Security Researcher at Certora

DSS 101
DeFi Security 101 is a one-day intensive course specifically designed for builders who wish to deepen their understanding of web3 security.
DSS 101 provides a strong foundation, equipping participants with the necessary knowledge and skills to engage effectively with DSS main conference and the broader web3 security space.
Whether you’re new to security or looking to sharpen your skills, this hands-on technical event is the perfect start to your web3 security journey.
Schedule
Gearbox Protocol introduces a novel governance design based on architecture provides institutions and counterparties with guarantees of safety and long-term resilience while enabling flexibility through modularity and extensibility.
Tomer Ganor, Security Research Tech Leader, Certora
We analyze three game theoretic models of these dynamics and determine the challenge period length required to ensure the defender's success, as a function of the number of required protocol moves and the players' available budgets.
Ivy, a new Vyper interpreter, executes Vyper AST in a custom EVM and enables Csmith-style semantic equivalence testing against the compiler's bytecode. AST-aware, type-safe contract generator enables wide language coverage: generate contract → execute traces → compare semantics.
We'll define Coverage Classes, and from there give a structured definition and an algorithm to enumerate an over approximation of feasible Logical Combinations, with the goal of making auditors and developers know when they have actually reviewed 100% of the code.
This talk gives a survey of the common knowledge gaps that block understanding of mathematical code, then reverse-engineers Uniswap V3's getTickAtSqrtPrice() function as an example.
An infamous example for rounding errors are ERC-4626 vaults. Hence, we dissect the ERC-4626 conversion formula that OpenZeppelin came up with in defense. We will show how this virtual liquidity works and the absolute and relative error bounds that can be observed compared to the real-valued formula.
Oracle teams and risk committees rely on previewDeposit/previewMint as if they were binding promises. They aren’t.
Many “checks” are unit-tests that don’t model donations, flash liquidity, or time-dependent exchange rates.
This pressing issue motivates us to propose a novel referendum mechanism for DAOs with the objective of optimising the time taken to decide the outcome.
.png)
Coming Soon!
What do you do when the bug is confirmed, it affects 100M+ in user funds, and governance has limited options to control the affected contracts?
Millions of user funds were at risk, but it was patched before it could be exploited.
alter smart contract security assumptions and functionality. This talk examines the key EIPs in the recent and upcoming hard forks and their implications on smart contracts. Understanding Ethereum's trajectory is crucial for both developers and security researchers to build resilient applications that can maintain security guarantees across protocol changes
Panelists:
Joel Kerr, Head of DeFi Security, Coinbase
Jota Carpanelli, Head of Security Services, OpenZeppelin
Max Courchesne-Mackie, Security Architect and Red Team Lead, Figment
Areta Market is flipping this on its head with a builder-first audit marketplace that offers cost savings, competitive quotes, and rapid turnaround across ecosystems like Uniswap, Base, and Scroll.
I want to present, during this talk, recent cases that happened in Web3 (and beyond), to be able to better identify them in the future.





