Pragmatic Issues in Solidity Development: Security and Exploits | SGInnovate
October 06 2018


32 Carpenter Street
Singapore 059911

Pragmatic Issues in Solidity Development: Security and Exploits

Presented by Blockchain Infrastructure Group
Partnered with SGInnovate and QTUM Foundation

Solidity, the main programming language for Ethereum and other EVM-emulation chains like QTUM, is subject to many quirks. Building on Solidity can therefore be dangerous for the neophyte programmer without a knowledge of standardized libraries and safe patterns. In this talk, we'll go through several common exploits on Solidity.

We will have discussions and some live-demos on a grab-bag of topics based on several famous exploits:

  1. Re-entrancy - Why you shouldn't transfer flow control to an untrusted contract before updating state (DAO hack)
  2. Pseudorandomness - Why you shouldn't rely on any (pseudo) randomness within the EVM
  3. DelegateCall - Why using DelegateCall as a catch-all forwarding mechanism is bad idea (Parity Hack)
  4. ICO Contributions from Contracts - how some gamed the ICO contribution system in 2017 with contract addresses
  5. Block Manipulation with Gas Limit - how to prevent changes of blockchain state that you're unhappy with

We hope to see you there!

Date : 6 October 2018, Saturday
Time : 11.00am to 1.00pm
Venue : 32 Carpenter Street, Singapore 059911

Topics: Blockchain