Sign up to save your podcasts
Or
Share Dan Guido: Trail of Bits – The Evolution of Smart Contract Security
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Dan Guido: Trail of Bits – The Evolution of Smart Contract Security
Just like all software, smart contracts on the blockchain are subject to serious security vulnerabilities and coding errors. The fact however that smart contracts are often directly in charge of assets and cannot be changed once they are on the blockchain, makes secure development and running essential. Some smart contract platforms have their own languages, for example Solidity in Ethereum. Bugs and vulnerabilities in the source code, and errors in the virtual machines used by the network, are the main reasons behind security issues in smart contracts.
Projects using blockchain applications should expect constant changes in the security landscape. New bugs, security risks, and best practices will continue to emerge over time. Trail of Bits is a software security firm who advise in a range of industries for some top companies, including in the blockchain space. They are experts at identifying top-level risks and implementation vulnerabilities, and providing essential recommendations on best practices. Dan Guido, the CEO and Co-founder, explains all things software security in a really detailed and technical, yet easy to digest way. We also recommend you check out their exceptional blog packed with invaluable resources.
Topics covered in this episode:
- Dan’s background and how he came to create Trail of Bits
- What led Dan into the blockchain field
- How security software has changed over the last 20 years
- The unique challenges for security on blockchain and smart contract protocols
- Smart contract languages and security
- Slither - Trail of Bits’s suite of Ethereum based security tools
- Dan’s opinion on Solidity’s future and Vyper as an alternative
- Formally Verified Languages
- A use case on how Trail of Bits works
- Working with upgradeable contracts
- Composability and security
- Are compilers trustworthy?
- Other security issues in the blockchain space as DeFi grows
- The future of software security and the role of AI
Episode links:
- Trail of Bits Website
- Anatomy of an Unsafe Smart Contract Programming Language
- Slither, Github
- Slither: The Leading Static Analyzer for Smart Contracts
- 246 Findings From our Smart Contract Audits: An Executive Summary
- Rapid Risk Assessment (RRA)
- Our Full Report on the Voatz Mobile Voting Platform
- A Guide to Post-Quantum Cryptography
- BSides Lisbon 2016 - Keynote - The Smart Fuzzer Revolution by Dan Guido
- The Smart Fuzzer Revolution
- Trail of Bits Twitter
- Dan Guido Twitter
This episode is hosted by Sebastien Couture & Friederike Ernst. Show notes and listening options: epicenter.tv/346
View all episodes
By Epicenter Media Ltd.
4.7
183183 ratings
Just like all software, smart contracts on the blockchain are subject to serious security vulnerabilities and coding errors. The fact however that smart contracts are often directly in charge of assets and cannot be changed once they are on the blockchain, makes secure development and running essential. Some smart contract platforms have their own languages, for example Solidity in Ethereum. Bugs and vulnerabilities in the source code, and errors in the virtual machines used by the network, are the main reasons behind security issues in smart contracts.
Projects using blockchain applications should expect constant changes in the security landscape. New bugs, security risks, and best practices will continue to emerge over time. Trail of Bits is a software security firm who advise in a range of industries for some top companies, including in the blockchain space. They are experts at identifying top-level risks and implementation vulnerabilities, and providing essential recommendations on best practices. Dan Guido, the CEO and Co-founder, explains all things software security in a really detailed and technical, yet easy to digest way. We also recommend you check out their exceptional blog packed with invaluable resources.
Topics covered in this episode:
- Dan’s background and how he came to create Trail of Bits
- What led Dan into the blockchain field
- How security software has changed over the last 20 years
- The unique challenges for security on blockchain and smart contract protocols
- Smart contract languages and security
- Slither - Trail of Bits’s suite of Ethereum based security tools
- Dan’s opinion on Solidity’s future and Vyper as an alternative
- Formally Verified Languages
- A use case on how Trail of Bits works
- Working with upgradeable contracts
- Composability and security
- Are compilers trustworthy?
- Other security issues in the blockchain space as DeFi grows
- The future of software security and the role of AI
Episode links:
- Trail of Bits Website
- Anatomy of an Unsafe Smart Contract Programming Language
- Slither, Github
- Slither: The Leading Static Analyzer for Smart Contracts
- 246 Findings From our Smart Contract Audits: An Executive Summary
- Rapid Risk Assessment (RRA)
- Our Full Report on the Voatz Mobile Voting Platform
- A Guide to Post-Quantum Cryptography
- BSides Lisbon 2016 - Keynote - The Smart Fuzzer Revolution by Dan Guido
- The Smart Fuzzer Revolution
- Trail of Bits Twitter
- Dan Guido Twitter
This episode is hosted by Sebastien Couture & Friederike Ernst. Show notes and listening options: epicenter.tv/346
More shows like Epicenter - Learn about Crypto, Blockchain, Ethereum, Bitcoin and Distributed Technologies
View all
a16z Podcast
1,014 Listeners
Unchained
1,210 Listeners
Real Vision: Finance & Investing
912 Listeners
The Peter McCormack Show
2,161 Listeners
CoinDesk Podcast Network
638 Listeners
The Pomp Podcast
1,838 Listeners
The Breakdown
742 Listeners
On The Brink with Castle Island
287 Listeners
Bankless
1,028 Listeners
The Wolf Of All Streets
227 Listeners
Empire
166 Listeners
Supply Shock
112 Listeners
Forward Guidance
271 Listeners
The Milk Road Show
37 Listeners
web3 with a16z crypto
61 Listeners