Reverse Engineering Of Blockchain Smart Contracts

Presented at REcon 2018, June 16, 2018, 5 p.m. (60 minutes)

Many platforms using blockchain technology have emerged in 2017 and take the top 10 position of the cryptocurrencies's MarketCap. One of the main reasons behind is the possibility to create decentralized applications (dapps) by writing Smart Contracts. During this presentation, we will analyze the implementation of smart contract mechanism (Virtual Machine, assembly language, instructions sets, ...) used by those platforms. we will analyze the assembly languages and instructions sets used by the Virtual Machine of the major blockchain platforms. We will see how to disassemble and reconstruct the CFG (Control Flow Graph) of those smart contracts and the tools actually available to perform a deeper security analysis. This talk aims at covering the following platforms: Ethereum (EVM bytecode) Neo (AVM) EOS (WASM - WebAssembly)

Presenters:

• Patrick Ventuzelo
  Patrick Ventuzelo is a French security researcher working at Quoscient GmbH. Previously, he have worked for Airbus Defense & Space Cybersecurity , the French Department of Defense and P1 Security. He is mainly focused on reverse engineering and vulnerability research on Android with a strong interest on Blockchain-based technologies that implement smart contract. Patrick has been trainer at Recon BRX 2017 and Recon MTL 2017 and have spoke the same year at the French security conference SSTIC about critical vulnerabilities that he found in VoLTE technology.

Links:

• https://recon.cx/2018/montreal/schedule/events/114.html

Similar Presentations:

• Black Hat USA 2018 / Blockchain Autopsies - Analyzing Ethereum Smart Contract Deaths
• ToorCon San Diego 20 (2018) / Reversing Ethereum Smart Contracts: Find out what is behind EVM bytecode
• DEF CON 25 (2017) / Porosity: A Decompiler For Blockchain-Based Smart Contracts Bytecode