Second DeFi Security Summit

July 15th & 16th 2023

La Maison de la Chimie, 28 Rue Saint-Dominique, 75007 Paris, France

Preceding EthCC6

After an overwhelming response to the first DeFi Security Summit at Stanford, we’re thrilled to be back with the second iteration. This year we will convene at the historic La Maison de la Chimie in Paris, France for two full days directly preceding EthCC.

Over the course of two days, we will hear from the world’s leading DeFi security researchers, auditors, and hackers on how they are working to stay one step ahead – and how you can too. We’ll explore some of the biggest exploits, and dive into practical ways that you can integrate tools and techniques to prevent these types of attacks and increase security coverage for your code.

Since our last summit, we’ve continued to see novel DeFi hacks that have led to billions of dollars of losses. Preventing and mitigating these attacks is critical not only for protecting existing users, but for the success and growth of DeFi as a whole.

Schedule

Saturday

08:30-09:00 Opening – John Mitchell & Mooly Sagiv, Co-Founders of the DeFi Security Summit

Session 1: DeFi Protocols 1

Session chair – Merlin Egalité, Morpho

09:01-09:20 Eugene Pshenichny, Lido – Lido v2 upgrade from a security perspective [View Slides]

09:21-09:40 Anton Permenev, Security Engineer, ChainSecurity – DeFi invariants: examples and challenges [View Slides]

09:41-10:00 Peter Kacherginsky, Blockchain Threat Researcher, Coinbase – The State of DeFi Security

10:01-10:15 Coffee break

Session 2: DeFi Protocols 2

Session chair – Eugene Pshenichny, Lido

10:16-10:35 Mikhail Lazarev, Inventor & CTO, Gearbox Protocol – Continuous Management & Continuous Delivery [View Slides]

10:36-10:55 Quentin Garchery, Protocol researcher, Morpho Labs – Formally verifying Morpho [View Slides]

10:56-11:15 Daniel Von Fange, Security Engineer, Origin Protocol – Safe Upgrades: The most dangerous game [View Slides]

11:15-11:30 Break

Session 3: Network & VM

Session chair – Mikhail Lazarev, Inventor & CTO, Gearbox Protocol

11:31-11:50 Yoav Weiss, Security Fellow, Ethereum Foundation and Oren Fine, Co-Founder and CTO, SphereX – Masquerading code in Etherscan [View Slides]

11:51-12:10 Alex Manuskin, PM & blockchain researcher, Starkware – Unchained Starknet Security [View Slides]

12:11-12:30 Hari Mulackal, Co-founder, Spearbit – EVM Design Mistakes [View Slides]

Lunch break and sponsor interviews

12:31-13:30

Interviews:
12:31 – Trail of Bits
12:41 – Sigma Prime
12:51 – Lido
13:01 – Polygon
13:11 – Electric Capital
13:21 – Certora

Session 4: AI Panel

13:31-14:15
Moderator:
Curtis Spencer, Co-Founder, ElectricCapital
Panelists:
Chris Hart, CEO, Civic Technologies
Liyi Zhou, Co-founder, D23E
Joe Van Loon, CEO, Auditware
Lucas Martin Calderon, Founder & CEO, Pentestify

Session 5: Economic Risks Panel

14:16-15:00

Moderator:
Tarun Chitra, CEO, Gauntlet

Panelists:
Alex Marx, Web3 Risk Consultant, former Analyst at Coinbase
Marijo Radman, Co-Founder & CTO, Solity Network
Primoz Kordez, Founder, Block Analitica
Yaron Velner, Founder, B. Protocol

15:01-15:15 Break

Session 6: Tools Panel

15:16-16:15
Moderator:
Fraser Brown, CTO, Cubist and Assistant Professor, Carnegie Mellon University
Panelists:
Bhargav Bhatt, Research Engineer, Web3 Foundation
Gary Thung, Software Engineer, Electric Capital
Nat Chin, Senior Security Engineer, Trail of Bits
Patrick Ventuzelo, CEO, Fuzzinglabs
Uri Kirstein, Developer relations and developer, Certora
Yannis Smaragdakis, Co-Founder, Dedaub

16:16-16:30 Coffee break

Session 7: Monitoring Panel

16:31-17:30

Moderator:
Ernesto Boado, BGD Labs (AAVE)

Panelists:
Alexander Seleznev, CEO, Pessimistic Security
Carlos Salort Sanchez, Senior Data Scientist, Forta Foundation
Domantas Pelaitis, CTO, Lossless
Gal Sagie, CEO, Hypernative
Meir Dolev, Co-Founder & CTO, Cyvers.AI
Assaf Eli, Co Founder & CTO, Ironblocks
Yajin (Andy) Zhou, CEO of BlockSec and Professor of Zhejiang University
Yaniv Nissenboim, Co-Founder & CEO, Hexagate

17:31-17:45 Break

Session 8: Wallets Panel

17:46-18:45

Moderator:
Francesco Andreoli, Developer Relations Manager, ConsenSys/MetaMask

Panelists:
Clément Bihorel, Product Lead, Safe (Core)
Dima Kogan, Cofounder & CTO, Fordefi
Riad Wahby, CEO, Cubist & Assistant Professor, Carnegie Mellon University
Shahar Madar, Head of Security Products, Fireblocks
Taariq Lewis, Founder & CEO, Volume Finance
Yoav Weiss, Security Fellow, Ethereum Foundation

18:46-19:00 Drinks and snacks break
Snacks and drinks will be served until 21:00

Session 9: Focused Talks 1

Session chair – Josselin Feist, Engineering Director, Trail of Bits

19:01-19:10 Or Dadosh, Co Founder & CEO, Ironblocks – The First 60 Minutes: How to Stop Hackers [View Slides]

19:11-19:20 Gal Sagie, CEO, Hypernative – New Web3 security paradigm – Detecting an attacker and not a vulnerability [View Slides]

19:21-19:30 Andrew Beal, Ecosystem Lead, Forta Foundation – Web3 Threat Intelligence: What is it, how we get it, and how you can use it [View Slides]

19:31-19:40 Herman Junge, Lead Security Technical Manager, MetaMask – Menpo – DeFi Incident Database [View Slides]

19:41-19:50 Liyi Zhou, Co-founder, D23E – DeFi Hack Detection and Prevention [View Slides]

19:51-20:00 Andres Monty, Founder and CEO, Range – Mitigative measures for bridge exploits: With an emphasis on the Cosmos ecosystem and IBC [View Slides]

20:00-20:15 Cocktail Break

Session 10: Focused Talks 2

Session chair – Mudit Gupta, CISO at Polygon & Technical Partner, Delta Blockchain Fund

20:16-20:25 Yaron Velner, Founder, B. Protocol – Simple Economic Risk Approximations [View Slides]

20:26-20:35 Picodes, Co-founder & CTO, Angle Labs – Assessing Risks for Stablecoin Protocols [View Slides]

20:36-20:45 Gary Thung, Software Engineer, Electric Capital – The power of code search for smart contracts [View Slides]

20:46-20:55 Riad Wahby, CEO, Cubist & Assistant Professor, Carnegie Mellon University – No Silver Bullet: A brief survey of key management technology [View Slides]

20:56-21:05 Kang Li, CTO, CertiK – Unpacking Move VM Security: Expected Guarantees and Implementation Pitfalls [View Slides]

21:06-21:15 Justin Jacob, Blockchain Security Engineer, Trail of Bits – Cairo 1.0: Differences and Security Considerations [View Slides]

Sunday

Session 11: Focused Talks 3

Session chair – Isaiah Wash, Coinfund

08:30-08:40 Mark Toda, Protocol Engineer, Uniswap Labs – Flash Everything with TSTORE: Uniswap V4 Architecture Overview – Singleton & Flash Accounting [View Slides]

08:41-08:50 Jeremiah Smith, Co-founder and CEO,
OpenCover – The state of DeFi insurance [View Slides]

08:51-09:00 Break

Session 12: Vulnerabilities & Exploits

Session chair – Spencer MacDonald, Co-founder, Spearbit

09:01-09:20 Andrei Kozlov, Co-Founder of BGD Labs – Security challenges of Aave Governance v3 [View Slides]

09:21-09:40 Hossam Mohamed, Senior Security Architect, Halborn – Breaking Digital Asset Custody Solutions [View Slides]

09:41-10:00 Xin Wan, Research Scientist at Uniswap Labs – Economics Security Of Onchain Oracles [View Slides]

10:01-10:20 Matthias Egli, Co-Founder & CTO, ChainSecurity – Deployment Validation and the Introduction of the DVF Standard: Enhancing the Security and Accountability of Blockchain Projects [View Slides]

10:21-10:40 Dmitry Khovratovich, Cryptographer at Ethereum Foundation & Founder of ABDK Consulting – Zero Knowledge Security in DeFi and elsewhere [View Slides]

10:41-10:55 Break

Session 13: Monitoring & Incident Response

Session chair – Mehdi Zerouali, Cofounder & Director, Sigma Prime

10:56-11:15 Yajin (Andy) Zhou, CEO of BlockSec and Professor of Zhejiang University – Securing Web3 Through Proactive Threat Prevention [View Slides]

11:16-11:35 Adrian Hetman, Tech Lead of Triaging, Immunefi – How Immunefi is fighting for you behind the scenes [View Slides]

11:36-11:55 Heidi Wilder, Lead Blockchain Security Research, Coinbase – Rekt pilled: What to do when your dApp gets pwned and how to stay kalm [View Slides]

11:56-13:00 Lunch Break

Session 14: Formal Verification

Session chair – Yannis Smaragdakis

13:01-13:20 Netanel Rubin-Blaier, Security Engineer, Certora – Improving the Security of DeFi Math Libraries [View Slides]

13:21-13:40 Palina Tolmach, Verification Engineer,
Runtime Verification – Towards Adoption of Symbolic Execution for DeFi Security [View Slides]

13:41-14:25 Formal Verification Panel

Moderator:
Kurt Barry, Security Researcher, Fixed Point Solutions LLC

Panelists:
Fraser Brown, CTO, Cubist and Assistant Professor, Carnegie Mellon University
Ghila Castelnuovo, R&D Director, Certora
Grigore Rosu, CEO, Runtime Verification
Jon Stephens, CTO, Veridise
JulianSutherland, Head of formal verification, Nethermind

14:26-14:40 Break

Session 15: Bridges Panel

14:41-15:25

Moderator:
Mudit Gupta, CISO at Polygon & Technical Partner, Delta Blockchain Fund

Panelists:
Hugo Philion, Co-Founder & CEO, Flare Network
Irene Wu, Head of Strategy, LayerZero Labs
Robert Chen, CEO, OtterSec
Valerian Callens, Senior Research Engineer, Quantstamp
Yosuke Aramaki, Optimistic x Liquidity less bridge, Pheasant Network

Session 16: Audits: Conventional vs Community Panel

15:26-16:25

Moderator:
Rajeev, Founder, Secureum

Panelists:
Gonçalo Sá, Co-founder, Consensys Diligence
Hari Mulackal, Co-founder, Spearbit
Jack Sanford, Co-Founder, Sherlock
Josselin Feist, Engineering Director, Trail of Bits
Mehdi Zerouali, Cofounder & Director, Sigma Prime
Mitchell Amador, CEO, Immunefi
Sock, Primary Sock, Code4rena

16:26-16:40 Break