First Annual DeFi Security Summit

Paul & Mildred Berg Hall, Stanford, August 27-28

                        Preceding SBC’22

Register Now

DeFi is an emerging suite of applications for decentralized asset management over blockchain technology. DeFi is becoming a major economic vehicle in modern society. The Ethereum blockchain alone already manages more than 235 billion USD worth of assets. One of the basic principles behind DeFis is that the code is law and computer programs called smart contracts that run on the blockchain dictate the conditions and the effects for asset transactions. This groundbreaking idea has many desirable benefits that originate from trust-minimizing and immutable aspects of decentralized public blockchains. However, vulnerabilities in smart contracts and in their applications may be exploited to steal or deny access to assets managed by them. Mitigation and prevention of such damages are challenging and require new software development and security design methodologies. Hundreds of millions in USD value have already been lost due to vulnerabilities in smart contracts. Therefore, smart contract security is a significant concern for DeFi applications.

Confirmed Speakers

Kurt Barry, MakerDao

Emiliano Bonassi,  DeFi Italy

Boring Crypto

Julien Bouteloup, Founder of Rekt, Blackpool & Stake DAO. Curve Team Member

Tarun Chitra, CEO and Co-Founder at Gauntlet

Nurit Dor, VP Product at Certora

Jared Flatow,VP of Engineering at Compound Labs

Emilio Frangella,  Head of Smart Contracts at Aave

Dan Guido,  Co-Founder & CEO of Trail of Bits

Mudit Gupta, Security Researcher, Delta Blockchain Fund

Hugh Karp, Founder of Nexus Mutual

Dmitry Khovratovich, Researcher at Ethereum Foundation Principal Cryptographer at Dusk Network Founder of ABDK Consulting

Michael Lewellen, Security Project Manager, OpenZeppelin

Richard Ma ,CEO – Quantstamp, Inc.

 

John Mardlin, Security Engineer at Optimism

Christoph Michel, Security Researcher

Sam S, Research Partner at Paradigm and white-hat hacker

Goncalo Sa, CoFounder and Security Researcher Consensys Diligence

Jack Sanford, Co-Founder at Sherlock Protocol

Grigore Rosu, Runtime Verification

Duncan Townsend, CTO and Security Researcher at Immunefi

Christopher Whinfrey, Co-Founder at Authereum

Mehdi Zerouali, Co-founder and Director of Sigma Prime

Tentative Schedule (subject to change)

Saturday

8:30-09:00 Opening

09:00-10:30 Session 1: Protocols Chair: Aparna Krishnan, Opyn

09:00-09:25 Kurt Barry, MakerDao – Maker’s safety and security practices

09:26-09:50 Jared Fatelow, VP of Engineering at Compound Labs – Secure by Design

09:51-10:15 Emlio Frangella, Head of Smart Contracts at Aave – The butterfly effect – How simple oversights turn into smart contract nightmares

10:15-10:30 Discussion

10:30-10:45 Coffee Break

10:45-12:00 Session 2: Auditors Part 1 Chair: Emilio Frangella, Aave 

10:45-11:10 Dmitry Khovratovich, ABDK audits of circuits for zero-knowledge proofs

11:11-11:35 Richard Ma ,CEO – Quantstamp – Flash Loans in the Wild: An Analysis of Attacks & Possible Mitigations

11:36-12:00 Goncalo Sa, CoFounder and Security Researcher, Consensys Diligence – Clear as mud – How compilers look like VMs

12:00-13:00 Lunch Break

13:00-14:45 Sesion 3: Auditors Part 2 and discussion Chair: Kurt Berry, MakerDao

14:45-15:05 Dan Guido, Co-Founder & CEO of Trail of Bits – A profile of causes for early bug death,

15:06-15:30 Michael Lewellen, Security Project Manager, OpenZeppelin Lessons –Learned from 5 Years of Ethereum Security Incidents

15:31-15:25 Mehdi Zerouali, Co-founder and Director of Sigma Prime` – Sigma Prime’s Favorite DeFi Vulnerabilities

15:26-15:50 Discussion on Auditing with all auditors

14:45-15:00 Coffee Break

15:00 -16:05 Session 4: Bridges Chair 

15:00-15:25 John Mardlin, Security Engineer at Optimism – A review of Bridge contract vulnerabilities

15:26-15:50 Christopher Whinfrey, Co-Founder at Authereum – Cross-chain Security

15:50-16:05 Discussion on bridges

16:05-16:30 Coffee Break

15:30-16:30

16:30-18:00 Session 5: Tool workshops open

18:00-19:00 Dinner

19:00-21:00 Bird of a feather ideas (with wine and cheese) Chair: John Mitchell

Sunday

09:00-10:30 Session 6: White Hat Hacking Chair: Curtis Spencer, Electric Capital

09:00-09:25 Emiliano Bonassi, DeFi Italy 

09:26-09:50 Duncan Townsend, CTO and Security Researcher at Immunefi – Bug Bounty Success Stories: War Rooms and New Vulnerability Classes

09:50-10:15 Sam Sun – How do you even write secure code anyways

10:15-10:30 Discussion

10:30-10:45 Break

10:45-12:15 Session 7: Security 1 Chair: Dan Robinson, Paradigm

10:45-11:10 Julien Bouteloup, Founder of Rekt, Blackpool & Stake DAO. Curve Team Member – DeFi Freemason Reptilian

11:11-11:35 Christoph Michel, Security Researcher – Price manipulation exploits

11:35-12:00 Mudit, Security Researcher, Delta Blockchain Fund – TWAP Oracle Manipulation Risks

12:00-13:30 Lunch Break

13:30-15:00 Session 8: Security 2 Chair: Mitchell Amador, Immunefi

13:30-13:55 BoringCrypto – Price manipulation exploits

13:56-14:20 Tarun Chitra, CEO and Co-Founder at Gauntlet – Probabilistic Liquidity Attacks in DeFi

14:21-14:45 Nurit Dor, VP Product at Certora – From high-level DeFi properties to concrete security bugs

14:45-15:00 Discussion

15:00-15:30 Break

15:30-16:35 Insurance Chair: Richard Chen, 1confirmation

15:30-15:55 Hugh Karp, Founder of Nexus Mutual Security Concerns from a User Perspective

15:56-16:20 Jack Sanford, Co-Founder at Sherlock Protocol 

16:20-16:35 Discussion

16:35-18:00 Panel on tools Moderator: Kartik Agarwal; Dan Guido, Paradigm; Goncalo Sa, Consensys Diligence; Grigore Rossu, Runtime Verification; Mooly Sagiv, Co-Founder, Tel Aviv University and Certora

18:00- Reception and DSS’23

Steering Committee

  1. Jonathan Alexander, OpenZeppelin
  2. Mitchell Amador, Immunefi 
  3. Kurt Barry, MakerDao
  4. Julien Bouteloup, Rekt
  5. Tarun Chitra, Gauntlet 
  6. Maria Christakis, MPI
  7. Isil Dillig, UT Austin
  8. Rajeev Gopalakrishna, Secureum
  9. Dan Guido,  Trails of bits
  10. Aparna Krishnan, CTO of Opyn
  11. Emin Gun Sirer, Cornell University, and Ava Labs
  12. John Mardlin., Optimism
  13. John Mitchell, Co-Founder, Stanford University
  14. Sam S, Whitehacker and a security Researcher, Paradigm
  15. Gonçalo Sá, ConsenSys Diligence
  16. Mooly Sagiv, Co-Founder, Tel Aviv University and Certora
  17. Curtis Spencer, Electric Capital
  18. Kartik Talwar, General Partner ACapital

Register here


Sponsors

Join the Telegram group

info@defisecuritysummit.org