They Put Money on the Internet¶
An introduction to emerging smart contract threats presented at BSides Portland (circa 2018), with special emphasis on oracle manipulation vulnerabilities and economic attack vectors.
Context¶
As smart contracts began holding significant value, this talk explored the new attack surface created by putting "money on the internet" in programmatically accessible ways. The presentation focused on oracle manipulation bugsāvulnerabilities where attackers exploit the data sources that smart contracts rely on for real-world information.
Topics Covered¶
- Introduction to smart contract security fundamentals
- Oracle manipulation attacks and price feed vulnerabilities
- Economic incentives for attacking DeFi protocols
- Real-world examples of oracle-based exploits
- Defense strategies for smart contract developers
Note: Slides for this presentation may be available upon request.