Smart Contract Honeypots for Profit (and probably fun)

Presented at ekoparty 14 (2018), Sept. 28, 2018, 5:20 p.m. (30 minutes)

Ethereum honeypot contracts combine the oldest of cons with the newest of tech. As it turns out, it's still easy to con someone who thinks they're a conman. These malicious contracts share one trait in common: they almost always try to look like they were designed by a beginner. As such, they are a great place to learn about some of the pitfalls that can befall a new entrant to the space, and serve as an interesting (and often entertaining) case study into the wild-west world of smart contract security. By exploring a few of the more interesting cases of not-so-vulnerable contracts, the audience can gain a deeper understanding of how smart contract security works in practice, and maybe how to beat a few scammers at their own game.


Presenters:

  • Ben Schmidt
    Ben Schmidt brings over a decade of experience in information security to the table, having led research on automated program analysis, malware reverse engineering, secure software development, cryptography, cryptocurrency, and vulnerability analysis. An avid CTF player, Ben has helped win many CTFs, including DEF CON. Ben continues to participate in these competitions today, staying at the edge of reverse engineering and software exploitation. A passionate practitioner of memory corruption, and a strong believer in the awesome power of "strings", Ben's always interested in the next system to tear apart.

Links:

Similar Presentations: