Devcon Archive logo
Devcon Forum Blog
  • Watch
  • Event
    Event: background logo
    • Devcon 7
    • Devcon 6
    • Devcon 5
    • Devcon 4
    • Devcon 3
    • Devcon 2
    • Devcon 1
    • Devcon 0
  • Categories
    Categories: background logo
    • Cryptoeconomics
    • Devcon
    • Developer Experience
    • Coordination
    • Core Protocol
    • Layer 2s
    • Real World Ethereum
    • Cypherpunk & Privacy
    • Security
    • Applied Cryptography
    • Usability
  • Playlists

Suggested

Loading results..

View all

About Devcon —

Devcon is the Ethereum conference for developers, researchers, thinkers, and makers.

An intensive introduction for new Ethereum explorers, a global family reunion for those already a part of our ecosystem, and a source of energy and creativity for all.

  • Watch
  • Devcon
  • Forum
  • Blog

Get in touch

devcon@ethereum.org

Subscribe to our newsletter

Crafted with passion ❤️ at the Ethereum Foundation

© 2025 — Ethereum Foundation. All Rights Reserved.

devcon 2 / digixglobals security robustness and the stablecoin dgx

  • YouTube
  • IPFS
  • Details

DigixGlobal’s security robustness and the Stablecoin, DGX

Duration: 00:18:46

Speaker: Anthony Eufemio, Chris Hitchcott

Type: Talk

Expertise: Intermediate

Event: Devcon

Date: Invalid Date

Talk on Contract Patterns and Security.

Categories

Securitypatternssolidityarchitecturereadabilityauditsattackvectorsicsstorageaccessdirectory
  • Related
Reversing Ethereum Smart Contracts to find out what's behind EVM bytecode preview
Devcon
Talk
18:59

Reversing Ethereum Smart Contracts to find out what's behind EVM bytecode

Reverse engineering is a common technique used by security researcher to understand and analyze the behavior of closed-source binaries. If you apply this to Ethereum smart contract (and more specifically on the EVM bytecode), thats allow you to analyze and verify the result of your Solidity source code compilation. From a developer point of view, it can save you a lot of time and money if you succeed to detect flaws and missing bytecode optimization. Also, providing the Solidity source code it's not mandatory during the smart contract creation, that’s why being able to directly reverse the EVM bytecode make even more sense if you want to understand the behavior of external smart contracts.

Thinking Like an Auditor to Develop Safer Smart Contracts preview
Devcon
Workshop
47:22

Thinking Like an Auditor to Develop Safer Smart Contracts

Since 2017, ChainSecurity has audited countless smart contracts. Based on this experience, our experts will present a methodology for secure smart contract development. During the workshop, we will coach attendees to think about their project like an auditor would, to help them develop safer smart contracts using foundry and forked mainnet tests.

Smart Contract Security preview
Devcon
Talk
12:04

Smart Contract Security

After a quick overview of smart contract failures in the past, a list of important takeaways will be covered. Some coding techniques to prevent unexpected behaviour in smart contracts will be covered as well as some remarks about governance in decentralized systems.

Ethereum Security preview
Devcon
Talk
17:48

Ethereum Security

Martin Swende gives their talk on Ethereum Security.

Evolution of Smart Contract Security in the Ethereum Ecosystem preview
Devcon
Talk
19:41

Evolution of Smart Contract Security in the Ethereum Ecosystem

A lot has changed in the smart contract development ecosystem in the year since DEVCON2. Our perspective as leaders of the smart contract security community OpenZeppelin shows us that the industry is maturing. We give a brief overview of how security patterns and practices have evolved in the past months, dive into some details of recent developments, and talk about promising projects and their plans for the future.

The Melon security approach preview
Devcon
Talk
21:00

The Melon security approach

Melonport is striving to build a vibrant and successful developer ecosystem of Melon module builders. An important part of that ecosystem is the security and behaviour of smart contracts that make up Melon modules as well as how they interact with the Melon core and each other. In this presentation, we’ll demonstrate our ongoing technical efforts to assist Melon module developers in creating safe, secure smart contracts and touch on the importance of getting the auditing process right and how others can learn from our experience.

Vulnerability Coordination and Incident Response in a Decentralized World preview
Devcon
Breakout
24:32

Vulnerability Coordination and Incident Response in a Decentralized World

There’s one question that every team of core blockchain developers has discussed at least once: what are we going to do when a critical vulnerability in our software is surfaced? By definition, everything we create is likely to include a vulnerability or code flaw and the difficult legal, ethical, and business issues arise when bugs show up in code. While decentralization does not require us to reinvent the first principles security, it does force us to challenge ourselves to manage significant complexity to reduce harm to those who depend on our code. This talk will discuss the CosmosCERT as a model for how teams can successfully coordinate vulnerabilities and respond to incidents in decentralized environments using on-chain governance mechanisms in a way that ensures stakeholders have a dedicated emergency response capabilities ready to go when the worst happens.

Smart Contract Security - Incentives Beyond the Launch preview
Devcon
Talk
29:23

Smart Contract Security - Incentives Beyond the Launch

To mitigate security issues that were quickly present in the deployment of smart contracts, the community has turned to a wide variety of security techniques.  Standard when deploying new contracts is manual review by an externally contracted company/individual.  In many ways this has been a success, reducing the number of observed security incidents. In this talk, we take a look at how unique incentives in smart contracts affect the process of securing them. For example, smart contracts are often non-upgradeable: enshrinement at release time encourages security processes that end after the deployment of the contract, leaving blind spots in long-term security guarantees against evolving threats.  Pressure to ship often leaves critical security guarantees out-of-scope of external reviews, and auditor incentives tend away from detailed or fundamental criticisms of contracts' protocols. In this talk, we review the reviews and take a look at several top contracts in the ecosystem: what are the provided guarantees, who were they reviewed by, and what is missing?  How do these guarantees compare to guarantees provided users in systems outside the smart contract ecosystem?  And how can we most effectively deploy the immense talent coming into the community towards more secure, more usable systems for end-users?

Batched Bonding Curves: Grieving DEX Frontrunners preview
Devcon
Breakout
23:05

Batched Bonding Curves: Grieving DEX Frontrunners

It's been widely publicized that front-running is rampant across decentralized exchanges. Billy Rennekamp describes the technique developed to stop the parasitic behavior by using batched orders in tandem with bonding curves and how it's being used in a new fundraising app by Aragon Black.

(Defense Against) The Dark Arts - Contract Runtime Mutability preview
Devcon
Breakout
27:10

(Defense Against) The Dark Arts - Contract Runtime Mutability

Smart contracts are no longer guaranteed to have immutable runtime code, and can be redeployed with new code using a variety of methods involving the CREATE2 and SELFDESTRUCT opcodes. In this presentation, we will investigate how this is done and how to protect against malicious mutable contracts. We will also explore ways these new techniques can be applied in order to enable new use-cases and to improve the user experience.