Play all

Introduction

Common smart contract vulnerabilities

Example re-entrancy attack

Re-entrancy example in an AMM project

Short intro to delegatecall and selfdestruct

Constructor() vs Initialize()

OpenZeppelin's UUPS uninitialized proxy bug: explanation

Harvest Finance

Price oracles

Yearn.Finance spot-price usage

Yearn. Finance spot-price usage - explanation

Missing an authorization check

Lack of access control in cancelOrder() #1

Useful links to get you started

Description:

Explore the world of smart contract vulnerabilities in this conference talk from #NahamCon2022. Dive into common security issues, including re-entrancy attacks, delegatecall and selfdestruct functions, and initialization vulnerabilities. Examine real-world examples from AMM projects, OpenZeppelin's UUPS proxy bug, and Harvest Finance. Learn about the risks associated with price oracles and spot-price usage in DeFi protocols like Yearn.Finance. Discover the importance of proper authorization checks and access control in smart contract functions. Gain valuable insights and resources to enhance your understanding of smart contract security and potential haunting vulnerabilities.

Are Smart Contracts Haunted? - Security Vulnerabilities in Blockchain

NahamSec

Add to list

#Computer Science #Blockchain Development #Smart Contracts #Ethereum #Information Security (InfoSec) #Cybersecurity #Access Control #Blockchain Security #Vulnerability Analysis #Decentralized Finance #DeFi

0:00 / 0:00