August 24, 2023




CommSec Track

COMMSEC: Bugs in Blocks

Love it or hate it, blockchain has become a playground for techies. The chains also fuel criminal ecosystems through major hacking incidents.

Blockchain bugs present unique challenges for developers and security testers. In this talk, we shed light on the most common bug types found in one of the main blockchain frameworks and provide insights and tools to find them.

Drawing from several hundred blockchain security issues we reported, we identified five common bug types. We discuss the potential impact of each type and provide practical tips for testing blockchain systems.

To help you get started on finding bugs in blocks, we released a fuzzer for Substrate-based chains. During the talk, we demo the fuzzer and showcase typical bugs.