Oleksii Matiiasevych - Challenges in testing of smart contracts

•

0 likes•98 views

The document discusses challenges in testing smart contracts including: - Black box testing is limited and there are many known attack vectors. - Rapid development and bugs in the Solidity compiler make testing difficult. - The unpredictable blockchain environment also poses challenges. The proposed solution is to: - Thoroughly learn blockchain and Solidity. - Write simple contracts that include known exploits. - Use frameworks like Truffle to write comprehensive autotests. - Lock compiler versions unless critical bugs are found. This approach has led to stable applications over 1.5 years, passed two audits with no vulnerabilities found, comprehensive test coverage, reported compiler bugs, and safely processing over $10M through smart

Challenges in testing of Smart
Contracts
Oleksii Matiiasevych

Speaker info
Oleksii Matiiasevych
Blockchain Engineer, Ambisafe
•11 years in the IT
•Architect, Developer, QA, Mentor
•Ethereum Evangelist
/in/lastperson
/lastperson

Problem
Black Box testing is useless. Dozen known,
domain specific attack vectors. Rapid technology
development. Bugs in the Solidity compiler.
Without knowing and understanding of Smart Contract code, you can only
check positive cases and most obvious negative ones.
New features added regularly, along with new threats being discovered.
Solidity releases includes security bug fixes along with new, and regression,
bugs being introduced.
Unpredictable blockchain environment changes, due to attacks on the
network, core updates, etc.

Proposed solution
Learn blockchain, understand its operation on an
advanced level. Learn Solidity, and read
contracts. Cover everything with autotests.
Start with Bitcoin blockchain, it is simpler, and it is the first one. Bitcoin
echoes in every other blockchain out there.
Read through Solidity docs, investigate and digest known attack vectors.
Write simple contracts with exploits, and exploit them.
Use frameworks like Truffle to cover contract code with autotests.
Lock compiler version unless critical bugs found in it.

Results
Stable and unharmed live applications for 1.5+
years. Core product codebase passed 2 external
audits with no vulnerabilities detected.
10 lines of autotests per line of code, on average.
Number of compiler bugs reported and neutralized.
10M+ USD safely processed through our smart contracts.
Library of 50+ smart contracts created with confidence.

Known attacks
Reentrancy
Timestamp Dependence
Transaction-Ordering Dependence
Integer Overflows/Underflows
Denial-of-Service with Throw
Denial-of-Service with Block Gas Limit

Questions
5 minutes.
You can also ask questions for me in the lounge zone

With the rise in using immature smart contract programming languages to build a decentralized application, more vulnerabilities have been introduced to the Blockchain and were the main reasons behind critical financial losses. Moreover, the immutability of Blockchain technology makes deployed smart contracts unfixable for the whole life of the Blockchain itself. The lack of complete and up-to-date resources that explain those vulnerabilities in detail has also contributed to increasing the number of vulnerabilities in Blockchain. In addition, the lack of a standardized nomination of the existing vulnerabilities has made redundant research and made developers more confused. Therefore, in this paper, we propose the most complete list of smart contract vulnerabilities that exist in the most popular Blockchains with a detailed explanation of each one of them. In addition, we propose a new codification system that facilitates the communication of those vulnerabilities between developers and researchers. This codification, help identify the most uncovered vulnerabilities to focus on in future research. Moreover, the discussed list of vulnerabilities covers multiple Blockchain and could be used for even future built Blockchains.

Unveiling the Landscape of Smart Contract Vulnerabilities: A Detailed Examina...

IJCNCJournal

Ethereum white paper made simple

Antonio Manno

Ethereum was created to address limitations in Bitcoin and other early blockchain platforms. It provides a platform for developers to build decentralized applications, expanding what is possible with blockchain technology beyond cryptocurrencies. The Ethereum white paper introduced Ethereum as a next-generation blockchain that allows developers to create applications with more extensive features and capabilities than previous platforms through the use of smart contracts and a built-in programming language. This enabled a wide range of applications to be developed in areas like finance, governance, and other industries.

How to design, code, deploy and execute a smart contract

Joseph Holbrook, Chief Learning Officer (CLO)

By the end of this webinar you should be able to understand The concepts, use cases and basics of smart contracts How Blockchain and smart contracts work and developer success How smart contracts work on both the Ethereum and Hyperledger platforms from a practical level The constructs of smart contract, common coding requirements and demos What are the most in demand Blockchain Certifications? How do these certification meet the needs of todays Enterprises? What about Blockchain Career Demand?

Blockchain in the Heart of Digital Transformation

Dr. Mohamed Torky

This document discusses blockchain technology and its applications. It begins with definitions of blockchain, describing how blocks are linked together in a growing list using cryptography. It then covers blockchain consensus protocols like proof-of-work and proof-of-stake. Applications of blockchain discussed include use in IoT for addressing space, identity management, and access control, as well as in smart agriculture for supply chain tracking and fair pricing. The document concludes by outlining challenges for blockchain like security issues, scalability as the ledger grows, legal questions around jurisdiction, and limitations to transactional privacy.

Aleksandr Shevchenko ITEM 2018

ITEM

- Exonum is an open source framework for private blockchains that provides high security and high performance. It includes tools for development and enables smart contract functionality. - Exonum uses a Byzantine Fault Tolerant consensus algorithm that can achieve 5,000 transactions per second with 0.5 second latency. It also anchors to the Bitcoin blockchain to increase security. - Exonum provides a light client software library that allows for auditability, transparency and proof verification for clients.

Blockchain Engineer.docx

MuhammadKhalil502533

Ethereum devcon1 in London, 27th November By Tomoaki Sato I have been to the conference, so I wrote this summary and doing presentation in Japan. The meetup name is "Smart Contract Japan". Some of the presentations are missing, or added. Please refer these official sources also Devcon http://devcon.ethereum.org/ Devcon1 youtube presentations https://www.youtube.com/user/ethereumproject Devcon1 slides on reddit https://www.reddit.com/r/ethereum/comments/3soym7/devcon_1_slides/

Blockchain and IoT / Atlanta BlockChainConf

Igor Artamonov

This document discusses how blockchain and smart contracts could be used for machine-to-machine communication and agreements in areas like robotics, autonomous vehicles, and home automation. It describes how the Ethereum Virtual Machine (EVM) provides a standardized, deterministic environment for executing smart contracts that could help address issues with hardware differences, security, and updates in IoT applications. The document suggests using a private or side blockchain to allow IoT devices to securely communicate and interact via smart contracts without needing to run a full node or deal with proof-of-work mining.

Top 10 Of The Best Tools For Blockchain Development

Blockchain Council

Blockchain Experiments 1-11.pptx

saiproject

The document describes the origin and importance of blockchain technology. It states that blockchain was first described in 1991 by Stuart Haber and W. Scott Stornetta who wanted to introduce a computationally practical solution for time-stamping digital documents. In 1992, Merkle Trees were incorporated which allows blocks to store multiple documents efficiently. However, this technology went unused until the Bitcoin whitepaper in 2008 sparked new interest in blockchain. The document then lists three reasons why blockchain is important to learn: growing job prospects, positioning yourself at the forefront of change, and how blockchain will revolutionize industries like banking, supply chain, and more.

Vs code extensions required for blockchain development

Blockchain Council

Bitcoin Development 2019 Starter Guide - No Skill | ProvenCrypto

Opti Network

Top 10 blockchain interview questions & answers

Blockchain Council

Komodo Blockchain Security Service Brochure

Jean-Phi N✅

How to Create Blockchain Products by Fr8 Network Lead Engineer

Product School

Eris Industries - American Banker presentation deck.

Preston Byrne

How to Build Your Blockchain Project with Chainstack

Chainstack

This document introduces Chainstack, a blockchain as a service platform that allows users to rapidly build, deploy, and manage decentralized networks. It discusses key considerations for choosing a blockchain platform such as supported protocols, deployment options, costs, and ease of use. Chainstack offers flexibility in protocols (Fabric, MultiChain, Quorum, Ethereum, Corda), deployment locations (public cloud, on-premises, hybrid), and aims to simplify complex processes like node deployment and synchronization through its user interface and synchronization technology.

Top 7 Benefits Of Using Blockchain Technology For Mobile Apps

Blockchain Council

Programming Decentralized Application

Bambang Purnomosidi D. P.

Becoming a blockchain professional

Portia Burton

Portia Burton provides an overview of becoming a blockchain professional. She recommends getting a foundation in blockchain technologies, making a list of how blockchain addresses company pain points, and pitching your expertise to your boss. Key steps include creating a career roadmap, learning through courses like Bitcoin and Cryptocurrency Technologies on Udemy, and contributing to open source projects like 21.co and Hyperledger.

Comparison Blockchain Developer vs. Blockchain Expert

Blockchain Council

Similar to Oleksii Matiiasevych - Challenges in testing of smart contracts

Ethereum smart contract security audit

shira william

Ethereum Devcon1 Report (summary writing)

Tomoaki Sato

Blockchain and IoT / Atlanta BlockChainConf

Igor Artamonov

Top 10 Of The Best Tools For Blockchain Development

Blockchain Council

Blockchain Experiments 1-11.pptx

saiproject

Vs code extensions required for blockchain development

Blockchain Council

Bitcoin Development 2019 Starter Guide - No Skill | ProvenCrypto

Opti Network

Top 10 blockchain interview questions & answers

Blockchain Council

Komodo Blockchain Security Service Brochure

Jean-Phi N✅

How to Create Blockchain Products by Fr8 Network Lead Engineer

Product School

Eris Industries - American Banker presentation deck.

Preston Byrne

How to Build Your Blockchain Project with Chainstack

Chainstack

Top 7 Benefits Of Using Blockchain Technology For Mobile Apps

Blockchain Council

Programming Decentralized Application

Bambang Purnomosidi D. P.

Becoming a blockchain professional

Portia Burton

Comparison Blockchain Developer vs. Blockchain Expert

Blockchain Council

Similar to Oleksii Matiiasevych - Challenges in testing of smart contracts (20)

Ethereum smart contract security audit

Ethereum Devcon1 Report (summary writing)

Blockchain and IoT / Atlanta BlockChainConf

Top 10 Of The Best Tools For Blockchain Development

Blockchain Experiments 1-11.pptx

Vs code extensions required for blockchain development

Bitcoin Development 2019 Starter Guide - No Skill | ProvenCrypto

Top 10 blockchain interview questions & answers

Komodo Blockchain Security Service Brochure

How to Create Blockchain Products by Fr8 Network Lead Engineer

Eris Industries - American Banker presentation deck.

How to Build Your Blockchain Project with Chainstack

Top 7 Benefits Of Using Blockchain Technology For Mobile Apps

Programming Decentralized Application

Becoming a blockchain professional

Comparison Blockchain Developer vs. Blockchain Expert

More from Ievgenii Katsan

8 andrew kalyuzhin - 30 ux-advices, that will make users love you

Ievgenii Katsan

5 hans van loenhoud - master-class the 7 skills of highly successful teams

Ievgenii Katsan

4 alexey orlov - life of product in startup and enterprise

Ievgenii Katsan

3 dmitry gomeniuk - how to make data-driven decisions in saa s products

Ievgenii Katsan

7 hans van loenhoud - the problem-goal-solution trinity

Ievgenii Katsan

The document discusses the problem-goal-solution trinity, which refers to the relationship between problems, goals, and solutions from the perspective of stakeholders. It defines a problem as an undesirable current state that inhibits desired behavior, a goal as a desirable future state that requires action to achieve, and a solution as a roadmap or plan to remove the problem and enable reaching the goal. It notes that problems and goals can only be identified through stakeholder elicitation, and that one stakeholder's problem may be another's goal. The document also discusses how problems, goals, and their relationships are not static and can change over time and context.

1 hans van loenhoud -

Ievgenii Katsan

Digital disruption is defined as an effect that changes fundamental expectations and behaviors in a culture, market, industry or process through digital capabilities. It is an innovation that uses digital technologies to create change in our society and can threaten existing market players. Successful digital disruption satisfies a higher goal in a completely new way that is better, easier and cheaper, often through digital means. Design thinking is a light-weight approach using methods like prototyping to develop practical solutions to ill-defined problems, focusing on building quick prototypes to fail fast and succeed sooner through techniques like empathy mapping and the double diamond model. The lean startup approach emphasizes building minimal viable products to collect maximum learning from customers with minimum effort through pivoting based on testing and metrics.

3 denys gobov - change request specification the knowledge base or the task...

Ievgenii Katsan

5 victoria cupet - learn to play business analysis

Ievgenii Katsan

The document discusses how games can be used to support business analysis activities. It provides examples of different types of games that can be used for requirements gathering, prioritization, discovery, and innovation. Some key games discussed include Speed Boat to identify customer pain points, Spider Web to understand relationships between products, and Buy a Feature to prioritize features based on customer willingness to pay. The document advocates that games create structured activities that allow free and playful thinking to generate insights. It also provides tips for facilitating different games.

5 alina petrenko - key requirements elicitation during the first contact wi...

Ievgenii Katsan

3 karabak kuyavets transformation of business analyst to product owner

Ievgenii Katsan

The document discusses the transformation of a business analyst to a product owner role. It notes that hierarchical management modes are no longer suited for modern business challenges. Product modes were developed to allow teams to build, run, and iterate solutions continuously rather than separating these stages. A business analyst focuses on requirements gathering, while a product owner sets vision and priorities and makes decisions to support the team. The document advises business analysts to adopt a product owner mindset by focusing more on business objectives and outcomes rather than just requirements. It provides five recommendations for when and how to shift one's mindset to that of a product owner.

4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...

Ievgenii Katsan

3 zornitsa nikolova - the product manager between decision making and facil...

Ievgenii Katsan

The document discusses the role of the product manager and describes them as being like a "mini-CEO" who must lead by example. It defines the ideal product manager as being DRIVEN, which stands for decisive, ruthless, informed, versatile, empowering, and negotiable. Each of these traits is then further explained, with examples of how a product manager can demonstrate being decisive by prioritizing important decisions, informed by verifying assumptions, and negotiable by seeking consensus or consent from stakeholders. The document concludes by having product managers assess themselves on how well they embody these DRIVEN traits in their daily work.

4 viktoriya gudym - how to effectively manage remote employees

Ievgenii Katsan

9 natali renska - product and outsource development, how to cook 2 meals in...

Ievgenii Katsan

Natali Renska discusses cooking two meals in one pan by presenting steps such as cooking proteins or vegetables for one meal first before adding ingredients for a second meal to the same pan. The document provides tips on saving time and money by using one pan to cook multiple ingredients sequentially for two separate meals. Various techniques are proposed, such as cooking pasta or rice as a base before adding protein and sauce components for another meal.

7 denis parkhomenko - from idea to execution how to make a product that cus...

Ievgenii Katsan

The document provides tips on how to make a product that customers will love. It discusses focusing on the problem and solution, targeting a specific market, and building a strong brand. It also outlines the typical stages a startup goes through, from creating an idea to releasing a minimum viable product to scaling up and harvesting returns. The overall message is that developing a deep understanding of customers, focusing efforts, iterating based on feedback, and having a clear business model are keys to success.

6 anton vitiaz - inside the mvp in 3 days

Ievgenii Katsan

Anton Vitiaz has over 10 years of experience in business analysis, custom software development, and Microsoft CRM/SharePoint implementation. He discusses creating a minimum viable product (MVP) in 3 days by focusing on key features, keeping things very simple, and ensuring it works. The process involves planning simple implementations, cutting unnecessary elements, conducting micro 2-3 hour iterations with quick demos, adding demo data, presenting key concepts, and running simple tests. Motivating participants, having expertise, providing the right support tools, and limiting the timeframe to 3 days or less are important to success, while distractions, overcomplicating the task, and unrealistic deadlines can lead to failure.

5 mariya popova - ideal product management. unicorns in our reality

Ievgenii Katsan

The document discusses product management and how to transform unrealistic expectations ("unicorns") into practical realities. It defines product management and what product managers do, including developing strategy, managing releases, conducting research, and more. However, unrealistic expectations can cause problems if customer and product requirements do not align, or if "nice-to-have" features are prioritized over product improvements. The presentation provides tips on how to take a more realistic approach by understanding customer needs, conducting market research, determining requirements, and developing a product roadmap to guide the process. Templates are also shared for SWOT analysis, development charters, requirements documents, timelines, and roadmaps.

2 victor podzubanov - design thinking game

Ievgenii Katsan

3 sergiy potapov - analyst to product owner

Ievgenii Katsan

4 anton parkhomenko - how to make effective user research with no budget at...

Ievgenii Katsan

The document discusses how to conduct effective user research with no budget and limited time. It provides recommendations for free or low-cost tools to conduct remote interviews and usability testing, including Zoom, OBS, Screencastify, Loom, and Lookback. It also recommends using YouTube to store recordings, Google Docs for transcripts, and Airtable to organize findings into an atomic database structure of people, sessions, jobs, pains, gains, and features linked to evidence from interviews. The methodology outlined atomizes research into small units that can be easily shared and built upon over time.

More from Ievgenii Katsan (20)

8 andrew kalyuzhin - 30 ux-advices, that will make users love you

5 hans van loenhoud - master-class the 7 skills of highly successful teams

4 alexey orlov - life of product in startup and enterprise

3 dmitry gomeniuk - how to make data-driven decisions in saa s products

7 hans van loenhoud - the problem-goal-solution trinity

1 hans van loenhoud -

3 denys gobov - change request specification the knowledge base or the task...

5 victoria cupet - learn to play business analysis

5 alina petrenko - key requirements elicitation during the first contact wi...

3 karabak kuyavets transformation of business analyst to product owner

4 andrii melnykov - stakeholder management for pd ms and b-as and why it is...

3 zornitsa nikolova - the product manager between decision making and facil...

4 viktoriya gudym - how to effectively manage remote employees

9 natali renska - product and outsource development, how to cook 2 meals in...

7 denis parkhomenko - from idea to execution how to make a product that cus...

6 anton vitiaz - inside the mvp in 3 days

5 mariya popova - ideal product management. unicorns in our reality

2 victor podzubanov - design thinking game

3 sergiy potapov - analyst to product owner

4 anton parkhomenko - how to make effective user research with no budget at...

Recently uploaded

Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024

Sinan KOZAK

Sinan from the Delivery Hero mobile infrastructure engineering team shares a deep dive into performance acceleration with Gradle build cache optimizations. Sinan shares their journey into solving complex build-cache problems that affect Gradle builds. By understanding the challenges and solutions found in our journey, we aim to demonstrate the possibilities for faster builds. The case study reveals how overlapping outputs and cache misconfigurations led to significant increases in build times, especially as the project scaled up with numerous modules using Paparazzi tests. The journey from diagnosing to defeating cache issues offers invaluable lessons on maintaining cache integrity without sacrificing functionality.

BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf

MIGUELANGEL966976

2008 BUILDING CONSTRUCTION Illustrated - Ching Chapter 02 The Building.pdf

Yasser Mahgoub

Engineering Drawings Lecture Detail Drawings 2014.pdf

abbyasa1014

Manufacturing Process of molasses based distillery ppt.pptx

Madan Karki

Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...

shadow0702a

This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL. The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process. The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging. It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal. Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages. Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.

Electric vehicle and photovoltaic advanced roles in enhancing the financial p...

IJECEIAES

Climate change's impact on the planet forced the United Nations and governments to promote green energies and electric transportation. The deployments of photovoltaic (PV) and electric vehicle (EV) systems gained stronger momentum due to their numerous advantages over fossil fuel types. The advantages go beyond sustainability to reach financial support and stability. The work in this paper introduces the hybrid system between PV and EV to support industrial and commercial plants. This paper covers the theoretical framework of the proposed hybrid system including the required equation to complete the cost analysis when PV and EV are present. In addition, the proposed design diagram which sets the priorities and requirements of the system is presented. The proposed approach allows setup to advance their power stability, especially during power outages. The presented information supports researchers and plant owners to complete the necessary analysis while promoting the deployment of clean energy. The result of a case study that represents a dairy milk farmer supports the theoretical works and highlights its advanced benefits to existing plants. The short return on investment of the proposed approach supports the paper's novelty approach for the sustainable electrical system. In addition, the proposed system allows for an isolated power setup without the need for a transmission line which enhances the safety of the electrical network

Engine Lubrication performance System.pdf

mamamaam477

Understanding Inductive Bias in Machine Learning

SUTEJAS

This presentation explores the concept of inductive bias in machine learning. It explains how algorithms come with built-in assumptions and preferences that guide the learning process. You'll learn about the different types of inductive bias and how they can impact the performance and generalizability of machine learning models. The presentation also covers the positive and negative aspects of inductive bias, along with strategies for mitigating potential drawbacks. We'll explore examples of how bias manifests in algorithms like neural networks and decision trees. By understanding inductive bias, you can gain valuable insights into how machine learning models work and make informed decisions when building and deploying them.

The Python for beginners. This is an advance computer language.

sachin chaurasia

Harnessing WebAssembly for Real-time Stateless Streaming Pipelines

Christina Lin

Traditionally, dealing with real-time data pipelines has involved significant overhead, even for straightforward tasks like data transformation or masking. However, in this talk, we’ll venture into the dynamic realm of WebAssembly (WASM) and discover how it can revolutionize the creation of stateless streaming pipelines within a Kafka (Redpanda) broker. These pipelines are adept at managing low-latency, high-data-volume scenarios.

一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理

ecqow

CalArts毕业证学历书【微信95270640】CalArts毕业证’圣力嘉学院毕业证《Q微信95270640》办理CalArts毕业证√文凭学历制作{CalArts文凭}购买学历学位证书本科硕士,CalArts毕业证学历学位证【实体公司】办毕业证、成绩单、学历认证、学位证、文凭认证、办留信网认证、（网上可查，实体公司，专业可靠） (诚招代理)办理国外高校毕业证成绩单文凭学位证,真实使馆公证（留学回国人员证明）真实留信网认证国外学历学位认证雅思代考国外学校代申请名校保录开请假条改GPA改成绩ID卡 1.高仿业务:【本科硕士】毕业证,成绩单（GPA修改）,学历认证（教育部认证）,大学Offer,,ID,留信认证,使馆认证,雅思,语言证书等高仿类证书； 2.认证服务: 学历认证（教育部认证）,大使馆认证（回国人员证明）,留信认证（可查有编号证书）,大学保录取,雅思保分成绩单。 3.技术服务：钢印水印烫金激光防伪凹凸版设计印刷激凸温感光标底纹镭射速度快。办理加利福尼亚艺术学院加利福尼亚艺术学院毕业证文凭证书流程： 1客户提供办理信息：姓名生日专业学位毕业时间等（如信息不确定可以咨询顾问：我们有专业老师帮你查询）； 2开始安排制作毕业证成绩单电子图； 3毕业证成绩单电子版做好以后发送给您确认； 4毕业证成绩单电子版您确认信息无误之后安排制作成品； 5成品做好拍照或者视频给您确认； 6快递给客户（国内顺丰国外DHLUPS等快读邮寄） -办理真实使馆公证（即留学回国人员证明） -办理各国各大学文凭（世界名校一对一专业服务,可全程监控跟踪进度） -全套服务：毕业证成绩单真实使馆公证真实教育部认证。让您回国发展信心十足！（详情请加一下文凭顾问+微信:95270640）欢迎咨询！子小伍玩小伍比山娃小一岁虎头虎脑的很霸气父亲让山娃跟小伍去夏令营听课山娃很高兴夏令营就设在附近一所小学山娃发现那所小学比自己的学校更大更美操场上还铺有塑胶跑道呢里面很多小朋友一班一班的快快乐乐原来城里娃都藏这儿来了怪不得平时见不到他们山娃恍然大悟起来吹拉弹唱琴棋书画山娃都不懂却什么都想学山娃怨自己太笨什么都不会斟酌再三山娃终于选定了学美术当听说每月要交元时父亲犹豫了山娃也说爸算了吧咱学校一学期才转

Hematology Analyzer Machine - Complete Blood Count

shahdabdulbaset

The CBC machine is a common diagnostic tool used by doctors to measure a patient's red blood cell count, white blood cell count and platelet count. The machine uses a small sample of the patient's blood, which is then placed into special tubes and analyzed. The results of the analysis are then displayed on a screen for the doctor to review. The CBC machine is an important tool for diagnosing various conditions, such as anemia, infection and leukemia. It can also help to monitor a patient's response to treatment.

Introduction to AI Safety (public presentation).pptx

MiscAnnoy1

ML Based Model for NIDS MSc Updated Presentation.v2.pptx

JamalHussainArman

哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样

insn4465

原版一模一样【微信：741003700 】【(csu毕业证书)查尔斯特大学毕业证硕士学历】【微信：741003700 】学位证，留信认证（真实可查，永久存档）offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Transformers design and coooling methods

Roger Rozario

学校原版美国波士顿大学毕业证学历学位证书原版一模一样

171ticu

原版一模一样【微信：741003700 】【美国波士顿大学毕业证学历学位证书】【微信：741003700 】学位证，留信认证（真实可查，永久存档）offer、雅思、外壳等材料/诚信可靠,可直接看成品样本，帮您解决无法毕业带来的各种难题！外壳，原版制作，诚信可靠，可直接看成品样本。行业标杆！精益求精，诚心合作，真诚制作！多年品质 ,按需精细制作，24小时接单,全套进口原装设备。十五年致力于帮助留学生解决难题，包您满意。本公司拥有海外各大学样板无数，能完美还原海外各大学 Bachelor Diploma degree, Master Degree Diploma 1:1完美还原海外各大学毕业材料上的工艺：水印，阴影底纹，钢印LOGO烫金烫银，LOGO烫金烫银复合重叠。文字图案浮雕、激光镭射、紫外荧光、温感、复印防伪等防伪工艺。材料咨询办理、认证咨询办理请加学历顾问Q/微741003700 留信网认证的作用: 1:该专业认证可证明留学生真实身份 2:同时对留学生所学专业登记给予评定 3:国家专业人才认证中心颁发入库证书 4:这个认证书并且可以归档倒地方 5:凡事获得留信网入网的信息将会逐步更新到个人身份内，将在公安局网内查询个人身份证信息后，同步读取人才网入库信息 6:个人职称评审加20分 7:个人信誉贷款加10分 8:在国家人才网主办的国家网络招聘大会中纳入资料，供国家高端企业选择人才

Computational Engineering IITH Presentation

co23btech11018

IEEE Aerospace and Electronic Systems Society as a Graduate Student Member

VICTOR MAESTRE RAMIREZ

Recently uploaded (20)

Optimizing Gradle Builds - Gradle DPE Tour Berlin 2024

BPV-GUI-01-Guide-for-ASME-Review-Teams-(General)-10-10-2023.pdf

2008 BUILDING CONSTRUCTION Illustrated - Ching Chapter 02 The Building.pdf

Engineering Drawings Lecture Detail Drawings 2014.pdf

Manufacturing Process of molasses based distillery ppt.pptx

Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...

Electric vehicle and photovoltaic advanced roles in enhancing the financial p...

Engine Lubrication performance System.pdf

Understanding Inductive Bias in Machine Learning

The Python for beginners. This is an advance computer language.

Harnessing WebAssembly for Real-time Stateless Streaming Pipelines

一比一原版(CalArts毕业证)加利福尼亚艺术学院毕业证如何办理

Hematology Analyzer Machine - Complete Blood Count

Introduction to AI Safety (public presentation).pptx

ML Based Model for NIDS MSc Updated Presentation.v2.pptx

哪里办理(csu毕业证书)查尔斯特大学毕业证硕士学历原版一模一样

Transformers design and coooling methods

学校原版美国波士顿大学毕业证学历学位证书原版一模一样

Computational Engineering IITH Presentation

IEEE Aerospace and Electronic Systems Society as a Graduate Student Member

Oleksii Matiiasevych - Challenges in testing of smart contracts

1. Challenges in testing of Smart Contracts Oleksii Matiiasevych

2. Speaker info Oleksii Matiiasevych Blockchain Engineer, Ambisafe •11 years in the IT •Architect, Developer, QA, Mentor •Ethereum Evangelist /in/lastperson /lastperson

3. Problem Black Box testing is useless. Dozen known, domain specific attack vectors. Rapid technology development. Bugs in the Solidity compiler. Without knowing and understanding of Smart Contract code, you can only check positive cases and most obvious negative ones. New features added regularly, along with new threats being discovered. Solidity releases includes security bug fixes along with new, and regression, bugs being introduced. Unpredictable blockchain environment changes, due to attacks on the network, core updates, etc.

4. Proposed solution Learn blockchain, understand its operation on an advanced level. Learn Solidity, and read contracts. Cover everything with autotests. Start with Bitcoin blockchain, it is simpler, and it is the first one. Bitcoin echoes in every other blockchain out there. Read through Solidity docs, investigate and digest known attack vectors. Write simple contracts with exploits, and exploit them. Use frameworks like Truffle to cover contract code with autotests. Lock compiler version unless critical bugs found in it.

5. Results Stable and unharmed live applications for 1.5+ years. Core product codebase passed 2 external audits with no vulnerabilities detected. 10 lines of autotests per line of code, on average. Number of compiler bugs reported and neutralized. 10M+ USD safely processed through our smart contracts. Library of 50+ smart contracts created with confidence.

6. Known attacks Reentrancy Timestamp Dependence Transaction-Ordering Dependence Integer Overflows/Underflows Denial-of-Service with Throw Denial-of-Service with Block Gas Limit

7. Questions 5 minutes. You can also ask questions for me in the lounge zone

Oleksii Matiiasevych - Challenges in testing of smart contracts

Recommended

Recommended

More Related Content

Similar to Oleksii Matiiasevych - Challenges in testing of smart contracts

Similar to Oleksii Matiiasevych - Challenges in testing of smart contracts (20)

More from Ievgenii Katsan

More from Ievgenii Katsan (20)

Recently uploaded

Recently uploaded (20)

Oleksii Matiiasevych - Challenges in testing of smart contracts