DeFi Security: With So Many Hacks, Will It Ever Be Safe? - Ep.170
Unchained5 Mai 2020

DeFi Security: With So Many Hacks, Will It Ever Be Safe? - Ep.170

Dan Guido, cofounder and CEO of Trail of Bits, and Taylor Monahan, founder and CEO of MyCrypto, discuss all the recent hacks in DeFi, how it can be made more safely and who is responsible. We tackle: the Hegic security incident: whose responsibility it was to make sure the contract was secure — the auditor (Trail of Bits) or the team (Hegic) — what Trail of Bits was saying in its audit summary, and how to read between the lines of an audit summary how long an audit should be upgradeability: particularly around when more advanced technology and contracts interface with older technology/contracts centralization vs. decentralization: whether contracts can be made safely while maintaining adhering to the principle of decentralization, why Taylor would prioritize centralization and security, and how teams can create different levels of risk for users bug bounties: why asking what amount they should be is the wrong question the security threats posed by oracles and what a checklist for DeFi teams might look like Thank you to our sponsors! Crypto.com: https://crypto.com Kraken: https://www.kraken.com Stellar: https://www.stellar.org Episode links: Dan Guido: https://twitter.com/dguido Trail of Bits: https://www.trailofbits.com Taylor Monahan: https://twitter.com/tayvano_ MyCrypto: https://mycrypto.com Initial tweet by Hegic calling the security issue a typo: https://twitter.com/HegicOptions/status/1253937104666742787?s=20 Hegic tweet saying, “It’s not a security issue”: https://twitter.com/HegicOptions/status/1253954145113038849?s=20 Trail of Bits saying it will no longer work with Hegic: https://twitter.com/dguido/status/1254260725431894020?s=20 Taylor breaks down the audit summary: https://twitter.com/MyCrypto/status/1254058121342803968?s=20 Molly Wintermute’s Medium post on requesting a week audit vs. three-day review: https://medium.com/@molly.wintermute/post-mortem-hegic-unlock-function-bug-or-three-defi-development-mistakesthat-i-feel-sorry-about-5a23a7197bce Unconfirmed episode with Haseeb Qureshi on the Lendf.me attack: https://unchainedpodcast.com/haseeb-qureshi-on-the-unbelievable-story-of-the-25-million-lendf-me-hack/ Unchained interview showing Matt Luongo's approach to kill switches and upgradeability with tBTC: https://unchainedpodcast.com/tbtc-what-happens-when-the-most-liquid-crypto-asset-hits-defi/ Discussion of the bZx attacks on Unchained: https://unchainedpodcast.com/the-bzx-attacks-unethical-or-illegal-2-experts-weigh-in/ Issue with Curve contract: https://blog.curve.fi/vulnerability-disclosure/ Compound bug bounty program: https://compound.finance/docs/security#bug-bounty Taylor on “upgradeability makes things more insecure”: https://twitter.com/tayvano_/status/1222564979657723904?s=20 Synthetix oracle incident, allowing a bot to profit $1 billion: https://unchainedpodcast.com/how-synthetix-became-the-second-largest-defi-platform/ Taylor’s tips on how to get more ROI on an audit: https://twitter.com/MyCrypto/status/1254061500244713474?s=20 Tips to follow before getting an audit: https://blog.openzeppelin.com/follow-this-quality-checklist-before-an-audit-8cc6a0e44845/ Resources for security in DeFi: crytic/building-secure-contractsGuidelines and training material to write secure smart contracts - crytic/building-secure-contractsgithub.com https://consensys.github.io/smart-contract-best-practices/ https://forum.openzeppelin.com https://swcregistry.io https://diligence.consensys.net/blog/2020/03/new-offering-1-day-security-reviews/ Learn more about your ad choices. Visit megaphone.fm/adchoices

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(1207)

Why CLOs Are Suddenly DeFi's Hottest Yield Play

Why CLOs Are Suddenly DeFi's Hottest Yield Play

Niklas Kunkel maps where the RWA market is heading next, from Centrifuge and Apollo's CLOs to Galaxy's first tokenized credit product, then turns to a cautionary tale: some SpaceX pre-IPO token buyers...

10 Jul 7min

How Lighter Powers Robinhood Perps With USDG as the Quote Asset

How Lighter Powers Robinhood Perps With USDG as the Quote Asset

Robinhood Chain perps now run on Lighter. Vlad Novakovski maps the revenue split, the USDG collateral risk, and the race for a US perps license. ======================================================...

10 Jul 25min

Austin Griffith on the $1 AI Audit and the Case for Founders Over DAOs: Uneasy Money

Austin Griffith on the $1 AI Audit and the Case for Founders Over DAOs: Uneasy Money

Austin Griffith joins Kain Warwick and Taylor Monahan to unpack BonkDAO's $20M governance heist, and Kain's case for giving founders more control. ===================================================...

9 Jul 1h 10min

The Chopping Block: Tokens vs Equity, Lighter's Robinhood Perps Deal, and Trump's $2.4B Crypto Windfall

The Chopping Block: Tokens vs Equity, Lighter's Robinhood Perps Deal, and Trump's $2.4B Crypto Windfall

Vladimir Novakovski of Lighter joins the Chopping Block crew to untangle one of crypto's oldest debates: what happens when tokens and equity coexist. The gang digs into the Venice/VVV controversy, bre...

9 Jul 58min

Why Strategy Dumped Its Biggest Bitcoin Tranche Yet

Why Strategy Dumped Its Biggest Bitcoin Tranche Yet

For years, Michael Saylor's Strategy was the market's most dependable Bitcoin buyer. Recently, it has done the opposite. Strategy just sold 3,588 Bitcoin for roughly $216 million, its largest single ...

9 Jul 8min

Strategy Sold More Bitcoin. Is This a Betrayal of the Bitcoin Ethos?

Strategy Sold More Bitcoin. Is This a Betrayal of the Bitcoin Ethos?

Strategy sold $260M of Bitcoin at a loss to fund dividends. Parker White of Apyx makes the case that it is smarter than it sounds. ======================================================== Thank you ...

8 Jul 52min

Ari Redbord Sits Down With the Hosts of DEX in the City

Ari Redbord Sits Down With the Hosts of DEX in the City

Ari Redbord sits down with Katherine, Jessi, and Vy to talk about SEC clarity, the onshore perps boom, and DeFi's opsec problem — plus why the U.S. should hack North Korea back. Thank you to our sp...

7 Jul 47min

How Ethereum Institutional Intends to Grow Ethereum's Market Share

How Ethereum Institutional Intends to Grow Ethereum's Market Share

Joseph Chalom lays out why Ethereum Institutional exists, how it differs from Etherealize, and why he thinks Michael Saylor is in a pickle. ======================================================== T...

3 Jul 37min

Populært innen Politikk og nyheter

giver-og-gjengen-vg
aftenpodden-usa
aftenpodden
fotballpodden-2
popradet
forklart
stopp-verden
det-store-bildet
hanna-de-heldige
rss-gukild-johaug
rss-ness
nokon-ma-ga
dine-penger-pengeradet
aftenbla-bla
lydartikler-fra-aftenposten
rss-utenrikskomiteen-med-bogen-og-grasvik
e24-podden
ta-dokumentar
rss-espen-lee-usensurert
rss-borsmorgen-okonominyhetene