## When

Title: The Blockchain Guardians: Safeguarding the Future of Ethereum Smart Contract Security

- Friday 7 July
- Max: 20 minutes
- 17:20 - 17:40

## Drive with materials

https://docs.google.com/presentation/d/1T6N3K57t6q1m1NYMztzWhpfO9u3mzd6W/edit?usp=sharing&ouid=103083562722676049066&rtpof=true&sd=true

## Topics

- independent auditors. Incentives:
    - economic
    - reputational
- audit platforms:
    - contests
        - Code4rena
        - Sherlock
    - bug bounties
        - Immunefi
    - marketplaces
        - Cantina.xyz
    - audit firms (guilds)
        - Spearbit
        - OpenZeppelin
        - SigmaPrime
        - Trail of Bits
        - Consensys Diligence
- players
    - black hats
        - Lazarus (nation state)
    - white hats
    - Monsters of the Dark Forest
    - The Dark Forest itself
- tooling
    - mention different types of tools
    - Certora Prover
- vulnerability classes
    - technical vulnerabilities
    - economic attacks
- overview of the security space
    - full security stack?
- initiatives
    - Education: Secureum
    - Security: Cantina.xyz

### Agenda

- Hacks. Money lost
- web3 stack. Where do you think security is important? Let's understand the security space: actors, tools...
- Actors: audit platforms:
    - audit firms (guilds)
        - Spearbit
        - OpenZeppelin
        - SigmaPrime
        - Trail of Bits
        - Consensys Diligence
    - contests
        - Code4rena
        - Sherlock
    - bug bounties
        - Immunefi
    - marketplaces
        - Cantina.xyz
    - independent auditors. Incentives:
        - economic
        - reputational
- tooling
    - mention different types of tools
    - Certora Prover
- vulnerability classes: [THE TV TOP 5!! XD](https://rekt.news/leaderboard/)
    - technical vulnerabilities
        - examples. TVLost
    - economic attacks
        - examples. TVLost
- initiatives: mass education and product
    - Education: Secureum
    - Security: Cantina.xyz

## Links and resources

- [chainalysis: biggest-year-ever-for-crypto-hacking](https://blog.chainalysis.com/reports/2022-biggest-year-ever-for-crypto-hacking/#:~:text=2022%20Biggest%20Year%20Ever%20For%20Crypto%20Hacking%20with%20%243.8%20Billion,by%20North%20Korea%2Dlinked%20Attackers)
- [rekt leaderboard](https://rekt.news/leaderboard/)
- [The web3 stack](https://alchemy.com/blog/web3-stack)
- [SoK: Decentralized Finance (DeFi) Attacks](https://arxiv.org/abs/2208.13035)
- [web3-and-crypto-global-survey-2023](https://consensys.io/insight-report/web3-and-crypto-global-survey-2023)
- [@samczsun: mev-boost-relay validator attack](https://twitter.com/samczsun/status/1642848556590723075)
- [@punk3155: mev-boost-relay validator attack](https://twitter.com/punk3155/status/1642771856758546434)
- [mev-boost-relay post mortem](https://collective.flashbots.net/t/post-mortem-april-3rd-2023-mev-boost-relay-incident-and-related-timing-issue/1540)
- [how-did-a-malicious-validator-steal](https://eigenphi.substack.com/p/how-did-a-malicious-validator-steal)
- [fbi lazarus](https://www.fbi.gov/news/press-releases/fbi-confirms-lazarus-group-cyber-actors-responsible-for-harmonys-horizon-bridge-currency-theft)
- [@zachxbt: french police investigation](https://twitter.com/zachxbt/status/1672032219156688897)
- [Open Standard Web3 Attack Reference](https://www.oswar.org)