When’s the Fintech?

The WTF calendar lets you see upcoming Fintech events and keep up-to-date with what’s happening in the world of Fintech. We list conferences and ticketed events as well as meetups and informal gatherings.

Click ‘Find Events’ to search for events by month, or by keyword, eg. blockchain.

Now showing events in London but other locations coming soon!

Loading Events

« All Events

Reasoning about Trace Vulnerabilities in Ethereum Smart Contracts for Developers

May 24 @ 18:30 - 21:00

Sign-up HERE: https://www.eventbrite.com/e/reasoning-about-trace-vulnerabilities-in-ethereum-smart-contracts-for-software-engineers-tickets-45400466016

Important! You must register on Eventbrite to attend our event.

Please note: this is a technical deep dive talk strictly for software engineers, software architects and computer science/software engineering students only.

This event is organized by http://www.volt-project.org/, https://workonblockchain.com/ and https://www.theblockchainconnector.com/

TALK TITLE: Reasoning about Trace Vulnerabilities in Ethereum Smart Contracts

KEYWORDS: Ethereum, Smart Contracts, Program Analysis, Symbolic Execution

ABSTRACT:
Smart contracts — stateful executable objects hosted on blockchains like Ethereum — carry billions of dollars worth of coins and cannot be updated once deployed.

In my talk, I will present a systematic characterisation of a new class of trace vulnerabilities, which result from analysing multiple invocations of a contract over its lifetime. We will discuss three example properties of such trace vulnerabilities: finding contracts that either lock funds indefinitely, leak them carelessly to arbitrary users, or can be killed by anyone. I will then describe the design and implementation of Maian, the first tool for precisely specifying and reasoning about trace properties, which employs inter-procedural symbolic analysis and concrete validator for exhibiting real exploits.

From nearly one million contracts in Ethereum blockchain, Maian flagged 34,200 (2,365 distinct) contracts as vulnerable, in 10 seconds per contract. On a subset of 3,759 contracts sampled for concrete validation and manual analysis, we reproduced real exploits at a true positive rate of 89%, yielding exploits for 3,686 contracts. Amongst others, Maian also found exploits for the infamous Parity bug that indirectly locked 200 million dollars worth in Ether.

This project is a joint work with Ivica Nikolić, Aashish Kolluri, Prateek Saxena, and Aquinas Hobor.

SPEAKER: Ilya Sergey

SHORT BIO:
Dr Ilya Sergey does research in the area of programming languages, program analysis, and formal verification. In recent years, Ilya has mainly been concerned with developing scalable methods for building trustworthy concurrent and distributed software, but his earlier work was advancing the state of the art in static analysis for higher-order languages and programming language design. Prior to joining academia, Ilya has spent a part of his career in industry, working in JetBrains Inc., a world-leading company in creating integrated developement environments for software developers. He obtained his PhD in formal methods at KU Leuven (Belgium), and held a postdoctoral position at IMDEA Software Institute (Spain), before taking his current position as a Lecturer at University College London.

Location:
Room K6.29 (Anatomy Lecture Theatre), King’s College London, Strand, London, WC2R 2LS

Date:
24th of May, 2018

Schedule:
18:30 to 21:00

Venue

King’s College London, Anatomy Lecture Theatre (room K6.29) –
Strand, London WC2R 2LS, United Kingdom
London, gb

Organiser

Understanding Blockchains Without a Technical Background