Advanced Smart Contract Security  


Instructors: Chris Masden and Dan Nolan

Dates: May 30 - June 2, 2022
Location:  Hilton Double Tree
Capacity: 25 Seats


Smart contracts are still a relatively new target surface area for vulnerability research with new bug classes and exploitation techniques. Smart contracts lack traditional protection mechanisms to hinder exploitation such as CFG, DEP, PXN, or different hypervisor protections/mitigations. With the growing popularity of DeFi and other dApps, smart contract security is one of the largest problems in the Ethereum space. 

 

This course will do a deep dive into different bug classes and how to exploit and protect against them. Exploitation of blockchain fundamentals such as Maximum Extractable Value (MEV) or other types of bot activity will also be examined.


This is a hands-on course where students will fork the Ethereum blockchain and replicate historical hacks. This class will touch on classic vulnerabilities such as integer under/overflow but will mainly focus on newer concepts such as: 

 

- Understanding what MEV is and how to participate

- How to perform arbitrage with flash loans

- How to exploit data structures in the EVM

- Exploring calldata vulnerabilities such as method ID collisions

- Exploiting incorrect usage of transaction variables

- Exploiting upgradeability methods for smart contracts


You will be able to: 


- Create advanced disassembly scripts to identify potential bugs or characteristics of a contract 

- Use Unicode to exploit a benign-looking contract

- Exploit Reentrancy Bugs 

- Abuse the Method ID collision mechanism to withdraw ether from a sender without their knowledge 

- Exploit proxy contracts that don’t follow best practices 

- Exploit a contract that doesn’t use tx.origin correctly 

- Understand cross chain attacks 

- Write a front running transaction bot 

- Understand the vulnerabilities associated with a centralized price oracle 

- Understand and recreate flash loan attacks 

- Fuzz smart contracts and triage results 

- Decompile smart contracts and understand smart contract execution without source code

- Disassemble smart contracts and learn how to perform automated bug detection

- Use disassembled smart contracts to identify characteristics such as number of external functions and possibly the names of the functions 

- Understand how stack-based VMs (EVM) work

- Identify potential bug classes of a stack-based VM (EVM)

- Understand which types of bugs static analyzers are good at identifying, as well as the types of bugs they cannot identify

- Understand traditional exploit mitigation techniques and protections such as DEP and PXN 


Who Should Attend: 



Class Requirements

Prerequisites:


Familiarity with Javascript and Python 


Hardware:


Bio

Chris Masden is currently a smart contract auditor. He was previously employed as a security researcher at ManTech and Oceans Edge. He transitioned from a traditional VR role that focused on ARM/ARM64 platforms to the exciting world of blockchain research. He brings traditional vulnerability research knowledge and expertise to this new emerging technology.

 

Dan Nolan graduated from Marist College in 2012 with a Bachelor’s Degree in Computer Science and has since been working professionally as a software engineer. In the last six years, Dan has been building coding tutorials focused primarily on hands-on learning, experience he carried over when he co-founded ChainShot. He greatly enjoys the process of helping others learn programming concepts and has held technical workshops at numerous meetups, conferences and hackathons around the world. 

 

