DeFi Security 101

Lathrop Library, rm 282, 518 Memorial Way, Stanford, August 26

If you are fascinated about code correctness and would like to learn more about DeFi security, you are welcome to attend this one-day hybrid event on the Stanford campus where top security professionals will teach attendees about DeFi security. 

This is a one-day crash course on DeFi security at Stanford, just before DeFi Security Summit. The goals are to prepare students for the DSS event and attract them to perform research in this space.  The course is in-person only.


Concepts that will be covered include:

  1. What is DeFi all about?
  2. How to identify and prevent billion-dollar coding mistakes?
  3. What are the best security practices in DeFi?
  4. Useful DeFi security tools
  5. Policies for bug disclosure and mitigation
  6. Practical hands-on experience with a CTF

Schedule (tentative)

09:00-09:45 Anton Permenev, ChainSecurity: DeFi invariants: examples and challenges [PDF]

9:45 – 10:30 Neville Grech, Dedaub: Building the Ultimate Bounty-Hunting Machine [PDF]

10:30-10:45 Coffee break

10:45-11:30 Natalie Chin, Security Engineer, Trail of Bits: Building secure contracts: How to fuzz like a pro [PDF]

11:30-12:15 Mudit Gupta, Polygon: Bridge Security

12:15-13:15 Lunch 

13:15-14:00 Nurit Dor, Certora: Bug finding with the Certora Prover [PDF]

14:00-14:45 Emiliano Bonassi, Rentable: SecOps 101: Security Automation and Incident Response Plan design [PDF]

14:45-15:30 Joran Honig, Consensys Diligence: Initiation to audits – the what and when of starting [PDF]

15:30-16:00 Break

16:00 – 18:30 Secureum a-MAZE-X CTF: Capture-the-Flag with four beginner challenges on Ethereum smart contract security [PDF]

Suggested Reading Material

Who can attend

Anybody with an engineering background who is interested in learning DeFi security can attend. If you want to get more out of the event, please read the above suggested material and attempt to solve some well-known CTFs (e.g. Capture the Ether, Ethernaut, Damn Vulnerable DeFi) BEFORE formally registering.


Hotels close to Stanford include the Sheraton Palo Altothe Stanford Terrace Inn, and others listed in Stanford’s lodging guide.

Registration Closed

[forminator_form id=”440″]

Online Monthly Webinars first Wednesday 8-10:30 am PST Starting Nov 3, 2023





Nov 9, 2023


Dimitry Tsumak

Eugine Mamin

Drake Evans


Client Security

Geth, Nethermind, Besu,


January 8, 2024

Cool Defi

Lido, Uniswap V4, Aave



Aave, Gearbox, 1inch, Euler, Silo


State Size




Metamask, Safe, 1inch, Cubist, Foredefie, 

Yoav Weiss



OpenSea, Blur, Astaria








Operational Security





Foundry, HardHat, Echidna, MythX

Chandra Nandi


Frontend security issues


Price manipulation attacks


View reentrancy


Static analysis

Trail of Bits, Chain security, Dedaub, Certora


Smart contract languages

Solidity, Vyper, Fei, Rust, Move



LayerZero, Axlar


Layer2 security issues


Precompiled Code


Formal verification

Veridise, Nethermind, RV, Certora. Ottersec






Object Capabilities (Access Control, etc)

Andrew Miller (UIUC), Mark Miller/Dean Tribble/Dan Connolly (Agoric)


You have Successfully Subscribed!