DeFi Security 101
Lathrop Library, rm 282, 518 Memorial Way, Stanford, August 26
If you are fascinated about code correctness and would like to learn more about DeFi security, you are welcome to attend this one-day hybrid event on the Stanford campus where top security professionals will teach attendees about DeFi security.
This is a one-day crash course on DeFi security at Stanford, just before DeFi Security Summit. The goals are to prepare students for the DSS event and attract them to perform research in this space. The course is in-person only.
Concepts that will be covered include:
- What is DeFi all about?
- How to identify and prevent billion-dollar coding mistakes?
- What are the best security practices in DeFi?
- Useful DeFi security tools
- Policies for bug disclosure and mitigation
- Practical hands-on experience with a CTF
09:00-09:45 Anton Permenev, ChainSecurity: DeFi invariants: examples and challenges
9:45 – 10:30 Nurit Dor, Certora: Bug finding with the Certora Prover
10:30-10:45 Coffee break
10:45-11:30 Natalie Chin, Security Engineer, Trail of Bits: TBA
11:30-12:15 Mudit Gupta, Polygon: Bridge Security
13:15-14:00 Neville Grech, Dedaub: Building the Ultimate Bounty-Hunting Machine
14:00-14:45 Emiliano Bonassi, Rentable: SecOps 101: Security Automation and Incident Response Plan design
14:45-15:30 Goncalo Sa, Consensys Diligence: Initiation to audits – the what and when of starting
16:00 – 18:30 Secureum a-MAZE-X CTF: Capture-the-Flag with four beginner challenges on Ethereum smart contract security
Suggested Reading Material
Who can attend
Anybody with an engineering background who is interested in learning DeFi security can attend. If you want to get more out of the event, please read the above suggested material and attempt to solve some well-known CTFs (e.g. Capture the Ether, Ethernaut, Damn Vulnerable DeFi) BEFORE formally registering.