devcon 6 / shamir secret sharing with no id numbers
- YouTube
- IPFS
- Details
Shamir Secret Sharing with No ID Numbers!
Duration: 00:10:47
Speaker: Jorge Arce-Garro
Type: Lightning Talk
Expertise:
Event: Devcon
Date: Oct 2022
Recall that, when splitting a seedphrase via Shamir Secret Sharing into n shares, each share is numbered (from 1 to n). These ID numbers are necessary for reconstruction—if they are lost, reconstruction may be impossible or require brute force. We will quickly review Shamir Secret Sharing and show a trick that can be used to encode the ID numbers into each share for BIP-39 compliant seeds, so that users only need to store the share mnemonic.
Categories
- Related
Devcon
Lightning Talk
07:44
Ethereum Foundation's Bug Bounty Program
The Ethereum Foundation's Bug Bounty program is one of the longest running bounty programs for blockchains. This talk focus on its history, reported vulnerabilities, where it's heading and why having a bug bounty program is important.
Devcon
Lightning Talk
05:59
Future-block MEV in Proof of Stake
In PoS Ethereum, block proposers are known ahead of time. This allows for new types of MEV, which leverage the ownership of future block space. Using this, some attacks that were expensive due to arbitrage competition, such as oracle manipulations, become very cheap. There could also be opportunities for incentivizing high-MEV transactions in a future block that you know you will control.
Devcon
Lightning Talk
08:34
How to Not Be Worth Kidnapping
Personal physical security, specifically violent kidnapping and compulsion to disclose keys, is often brought up as a concern by cryptocurrency participants. We will quickly present a way of thinking about these threats and a model for not merely protecting from loss of cryptocurrency, but prevention of victimization through violence entirely.
Devcon
Lightning Talk
07:10
Read-only Reentrancy - a Novel Vulnerability class responsible for 100m+ funds at risk
Reentrancy is one of the first lessons learned when getting started with smart contract development and security. In this lightning talk we will present a novel form of reentrency, the "read-only reentrency" which is mostly unknown, although devastating in today's DeFi world and which has been single-handedly responsible for $100m+ in funds at risk.
Devcon
Talk
30:18
CBC Casper Design Philosophy
Consensus protocols are used by nodes to make consistent decisions in a distributed network. However, consensus protocols for public blockchains should satisfy other requirements, by virtue of the protocol being open. For example, they need to be incentivized, in that people will be incentivized to run consensus forming nodes in the first place, and in that following the protocol should be an equilibrium for consensus forming nodes.The CBC Casper family of consensus protocols has been designed to fit design criteria necessary for secure public blockchains. In this talk, we will explore the design goals and methodology used in CBC Casper research: economically motivated properties of the consensus protocol, the correct-by-construction approach to protocol specification, and the resulting rapid iteration.
Devcon
Talk
23:35
Solutions towards trusted and private computations - built by Golem for the wider ecosystem
Intel SGX is a technology first developed by Intel for the protection of code and data. This an extremely promising technology that will contribute to the development of the blockchain space and is focusing efforts on solutions and further development.Our hard work has allowed us to be positioned as the most advanced team in this field. We are building this solution and open-sourcing it because we believe that our user-friendly product will enable many projects facing challenges like the ones we have faced apply this solution and push other development aspects of their projects. This talk will cover what we have accomplished so far and what are the next steps related to Intel SGX technology development. We will explain how we have achieved total security and privacy for requestors (people requesting computing power via the Golem p2p marketplace). They can be certain that the data they share is not accessible for the providers and they can be certain that the results are not manipulated. We'll also show how that integrates with our Concent service.Most importantly we will talk about other new possibilities that this technology enables for decentralized computations, explaining how to run arbitrary binaries inside SGX.
Devcon
Talk
21:22
Protecting The Baselayer - from Shanghai to Osaka
Most people know that Ethereum runs smart contracts and move ether around. However, "Ethereum Security" involves a lot more than only smart contracts, mining difficulty and managing private keys. This is a talk about the base layer security. There is a peer-to-peer stack, with it's own separate discovery protocol and p2p protocol, which can be used for eclipse-, DoS- and amplification attacks. There's a consensus engine which encompasses a lot more than only the EVM. In this talk, Martin Holst Swende will talk about vulnerabilities, attacks and hotpatching the mainnet -- lesser known incidents, hiccups and close-calls that have occurred on the road from Shanghai (Devcon2) to Osaka (Devcon5).
Devcon
Lightning Talk
08:03
Being a Responsible Multisig Signer (Verify, Don't Trust!)
So you have been trusted with safeguarding a project along with other members of your community, congratulations! But, alas, the first transaction from a developer on the team comes in. How do you proceed? Can you blindly trust the developer? Should you? It's tempting to just see what other multisig members do and roll along, right? In this talk we'll go over what you can do to verify what a transaction will actually do, and what tools you have at your disposal for this. No coding required!
Devcon
Lightning Talk
05:41
Underhanded Solidity
A brief description of the exploit behind the winning submission to the Underhanded Solidity Contest 2022.
Devcon
Talk
30:27
Decentralized Threat Detection Bots
Decentralized threat detection bots are a recent area of research and development for protecting the ecosystem. This talk will cover concepts and recent research on detection bots and implementation patterns including heuristic-based, time-series based, multi-block, and TX simulation. Examples involving prior exploits will be included, as well as tools, limitations, the potential for automated threat prevention, and areas for further research.