[SOOHO] Hi-Con 2018

D28f2e4d0a276d9c6c6cd04e7e188fd8?s=47 SOOHO
November 10, 2018

[SOOHO] Hi-ConĀ 2018

Programmers often copy and paste the software code from various sources like GitHub. This reuse is excessively found in Ethereum as its community is open source-oriented and smart contracts are open to the public through the chain.

Although the code reuse is an efficient development strategy, contract software often suffers from the propagated security threats due to the possibility of cloning buggy code. Vulnerable code clones - similar code fragments containing security bug - are even permanent because of the immutability of Ethereum.

If a hacker succeeds to exploit one of the clones, our contracts may also be exploited. Users, funds, and services are exposed to threats, and there is no other way than the contract migration. Therefore, to ensure the safety, the contract developer should pay attention to recently hacked clones.

In this session, we introduce real-world vulnerability propagation cases in Ethereum smart contract. And we propose our vulnerability DB and analyzer to Ethereum community to be secured from the known vulnerabilities.



November 10, 2018