
They put Money on the Internet!

BSides PDX · 2019 · 54:14 · 296 views · Published 2019-11
About this talk
Dean Pierce examines Ethereum smart contracts and decentralized finance, covering exploitation techniques like reentrancy attacks, front-running, and price-oracle manipulation. The talk progresses from blockchain basics through real-world vulnerabilities in DeFi protocols, and explores emerging privacy tools like Tornado Cash that leverage zero-knowledge proofs.
Original YouTube description
We now live in a world where blockchains exist, and often times, they’re full of what is now considered to be money. That’s pretty neat. So how might one crack open these pinatas and obtain the delicious goodies within? This talk will focus on using and abusing Ethereum smart contracts for fun and sometimes profit, starting with the basics and then diving deep into the latest dumpster fires and the latest tools and techniques for setting them. Security researcher from Portland Oregon. Locally affiliated with PDX2600, RainSec, Sophsec, ^H, PDX Bitcoin, BSidesPDX. Hacks stuff @ ConsenSys Diligence
Transcript [en]

Hello everybody, we're about to get started. Our next speaker is Dean Pierce; he's gonna be talking about "They put Money on the Internet". So Dean Pierce is a security researcher from Portland, Oregon. He's locally affiliated with PDX2600, RainSec, Sophsec, ^H, PDX Bitcoin, and BSidesPDX, and hacks stuff at ConsenSys Diligence. Here he is.

Okay, so I wanted to make this presentation such that it can be absorbed by a wide range of audiences, so I'm gonna talk a little bit about some really basic blockchain-y kind of stuff in the beginning, then talk a little bit about web3 things, which is pretty cool, so, some fun hackity-hack stuff you can do, then talk a lot about a lot of the recent stuff going on in the Ethereum network, especially that decentralized finance movement, DeFi stuff, what's going on. And then I also want to talk about what a lot of weird people are doing with zero-knowledge proofs, which is kind of fancy, and then I wanted

to shill a bunch of tools that my company builds. So here we go. So, okay, I'm gonna, like, gauge the audience here, and it helps you get some blood flow going, but who has heard of Bitcoin? Okay, we got the "what is Bitcoin", okay, cool. Who has owned any Bitcoin? Alright, we got a good crowd. Okay, and what is your private key? Who has heard of Ethereum? I gotta go know. Who has made transactions on the Ethereum network? Transactions on the Ethereum network, cool, cool. Anyone developed Ethereum applications? Alright, typically Solidity and, like, all sorts of fun. And has anyone hacked an Ethereum contract before? Yeah, I got

some good stuff, cool. Blockchain. So as a lot of people may have heard, the real interesting technology in the space isn't the Bitcoin stuff but the blockchain. I don't know, I'm not gonna, anyway. So web3 is the next thing. What web3 is, is sort of an interesting concept of, like, modern web development that is using sort of this back-end blockchain-y ledger, but then also doing things like storing state. Like, the Bitcoin network, that Bitcoin ledger, doesn't really have a concept of, like, editable state, for example; it's pretty much like an append-only database sort of a thing, which is cool for a lot of things like financial transactions, but sort of this

vision of web3 stuff is actually adding business logic onto these widely distributed ledgers and then having a lot of monetary incentives, like financial systems, like a lot of fun stuff. But anyway, I like to define it so: a new model for building web applications where data and business logic are stored in a globally distributed ledger rather than any particular server. So the cool thing that this lets you do is, essentially, you can build a website that's, like, somewhat complicated and interesting and be served off of, like, a static HTML page, say, like a GitHub Pages or whatever, and you can actually have some pretty complex back-end stuff, but you store all the data on the Ethereum network, which

is kind of neat because then it goes out to, like, all the nodes and people can interact with it, and anyway, good stuff. Ethereum, magical sky computer. Ethereum has a bunch of different networks. There's the mainnet, which is the main network; I guess the mainnet Ethereum is what you would say, like, has value. Typically they have a lot of these other networks: the Kovan network, the Rinkeby network, the Ropsten network. And if you do any Ethereum development you can acquire these other Ethereum tokens with, like, various degrees of difficulty. Like Rinkeby, you have to sort of prove that you're developing something in the space. Ropsten is kind of, like, a

free-for-all, like, it's super easy to get Ropsten, and then you can do some crazy stuff with it. And the general idea behind Ethereum is you send a transaction, and instead of sending money from point A to point B, you're pushing a contract to the network, and a contract is essentially just, like, a script. And you can do things, like, it's super-duper easy, because these are Turing-complete scripts, essentially. So for the computer science-y people, like, you can do whatever you want. It's super-duper easy for you to create a program where two people pay five dollars so that they can play against each other a game of tic-tac-toe, and then the winner gets ten

dollars. That's, like, a trivial thing that you can implement, so that's a good example of, you know, money goes in, money comes out in, like, a funny way based on business logic back-end. The contracts are essentially, for people familiar with object-oriented programming, they're objects on the network. Any contract you deploy is essentially an instantiated object, and you can interact with it by calling methods, and when you call a method you're sending a transaction that says, hey, you know, particular this method, use these arguments, do something. Sometimes you can attach money to those transactions; you don't necessarily need to. And the idea is that, like, once you push these up onto

the network, they're kind of forever. There are ways to delete your contract if you add that functionality in, but by default you don't need to, and actually the ability to delete contracts has had some, like, massive financial, there's been a lot of pretty bad screw-ups where people have accidentally let people delete certain parts of contracts, and now there's, like, many millions of dollars locked up because they weren't too careful on the permissions of who's actually allowed to delete the contract. So most people now just, like, don't let you delete contracts. They're up there forever, that's pretty neat. And anytime you want to read data out of the state of any of

these contracts, it's, like, totally free, which is nice. When you write to it, it's probably gonna cost you, like, two cents, and then essentially now you're using this blockchain as the back end for all your fun stuff. And one of the cool things I like to tell people is, like, you know, you can run these crazy Ponzi schemes or do whatever you want. You can deploy these contracts, and, like, even if you go to jail, the contract is still gonna be there, they're still gonna be running, there's nothing that anybody can do to stop them, which is very different from, like, the current system of, you know, running a centralized server in a data center

somewhere or whatever. So that's kind of really neat, fun. So this is what it looks like. It's kind of JavaScript-y. So this is a contract that I wrote, it's called stupid contract. It has a list of stupid stuff, and there's this method here where you add a string, which is something stupid, and then it pushes it to the array, and then you can get the count of how much stupid stuff there is. And so, pretty simple contract; this is just a very basic demo of storing state on the network. Yeah, here we go. There's this great tool called Remix. Remix is an IDE, an integrated development environment, and you can

actually, it's very, very nice, it's very pretty, it's well, like, instrumented, everything's great, it's got good debugging options and everything. You can go there at remix.ethereum.org, and it's all completely, like, it uses your local storage to store your code and everything, and so it's really cool, it is kind of, like, in the browser. So this is just a demo of kind of what that looks like. Remix has done a massive overhaul in the past few months, so it doesn't really look like this anymore; like, all of these cool buttons for interacting with the contract are actually over here now. But in general you get the idea: your code is

here, your output is here, and then when you deploy a contract it's actually, like, here's the contract, here's the address that it's at on the blockchain, here's these functions, like, you know, "people who get mad at Facebook", like, there's all sorts of stupid stuff, and then you can, like, hit the thing and it all works. Yeah, that's good. When you deploy a contract, this is what it looks like. This is called a block explorer. People who are familiar with other blockchain stuff should be familiar with the concept of block explorers, where in Bitcoin it's pretty much used to look, you know, has the transaction arrived to me yet,

like, where is it, you know, has this transaction happened, and you can look at, you know, where money is coming from, where money is going to. And because it's just a globally distributed ledger, everybody on the network can see all the transactions that are happening. And so Etherscan is a very nice ID, it's a very nice block explorer for the Ethereum network, and this is me showing what happens when you deploy a contract and see the input data. Okay, popping up a thing over there. Anyway, the input data is, like, this giant blob of thing, and you see it starts with a hex six oh six oh four, and this is the little header that

says, like, it's time to build a contract, and the rest of it is just executable code in, like, the Ethereum virtual machine. So it's, like, virtual machine code that is now published on this globally decentralized ledger, and then anybody can call functions on it and do stuff. So does anybody recognize this fox? Yeah, okay, this is the MetaMask fox. MetaMask is cool. Also, it's a ConsenSys project, so the company I work for is, like, working on this. The company I work for does a bunch of weird Ethereum stuff. Anyway, yeah, so MetaMask essentially is a browser extension, and what it lets you do is the MetaMask plug-in talks to the

Ethereum back end, or, like, it talks to the Ethereum network, and then it lets you use JavaScript from within your website to essentially read and write data and to do stuff. And so you have your website here, it's all pretty, you click buttons, and then it's translating that into the back end, and it does the key management and stuff too. So your MetaMask is also essentially like an Ethereum wallet where you hold a certain amount of, like, you can hold, like, five dollars of Ethereum, and then any time you want to write something to the network it's gonna cost, like, two cents or something. But that's kind of how all that works with the web stuff. I've got

an example. We're not gonna do this here, but if you wanted to, or, like, see this or screenshot, like, you can go play with it in MetaMask and it's fun. Anyway, so yeah, I don't like paying for servers, I'm kind of a cheapskate, I guess, on the Internet, and, you know, any time, like, you know, GitHub will host my code for free, Neocities is great, if Kyle is here, if not then, and, like, servers are, like, dumb. And so you have a back end that's essentially free and then you make your users pay for interactions. It's great, because, this whole new thing. Anyway, I also have a thing. So Namecheap started accepting Bitcoin a

while back, and so I went kind of crazy buying a bunch of, anyway, I have this domain name which is actually going to expire in a couple of days, I don't know if I want to renew it, but a stupid dot site, it's a pretty cool site. Anyway, essentially, so this is, that's actually, if you visit stupid site right now with a web3 browser, which includes, like, Chrome with the MetaMask plug-in, and there's a bunch of other web3 browsers and stuff, but this is actually, you know, it's live right now, and this is a list of stupid things, and then you can just click that "add stupid" button on the bottom and, like, add a new

stupid thing to the list, and then it's, like, on the blockchain forever, because there's no function to delete stupid things. So anyway, that's exciting. So, stupid dot site. So what else are people doing? Great, yeah. Anybody have any CryptoKitties? I have four beautiful CryptoKitties. We got a lot of CryptoKitties owners. This is, well, you know, now, CryptoKitties is neat. So there's a, in the Ethereum space, the protocols, the standards are typically referred to by, like, their ERC, or it's, like, Ethereum request for comments, or, like, Ethereum improvement protocol or proposals. So there's ERC-20s, which are, like, you know, the basic tokens, so, like, there's a whole bunch of

different types of tokens out there, like Basic Attention Token and, like, a bunch of other stuff. And there's also, as of a few years ago, there's the ERC-721 tokens, and those are the non-fungible tokens, which CryptoKitties pretty much maybe invented, and they were the ones that really first started making it, it kind of took off. But it's essentially the ability to own, like, a little object. It's just a little token with a serial number attached to it and some metadata, and then it represents an item that you have on this blockchain. So you get these kitties and then you can give them to other people,

you can also breed the kitties together and they'll make more kitties, and kitties have value, which is crazy. I just took this screenshot a few minutes ago: here's this kitty being sold for $191,000, here's one hundred eighty one thousand, three one thousand, twenty seven thousand dollars. These are expensive kitties. Okay, so this is a real-life thing that people are doing, right? Okay, yeah, this is the thing. And the great thing about CryptoKitties is it's just a website, like, you install MetaMask and then you go to the website and you're interacting with the Ethereum blockchain, but it's entirely through the JavaScript and, like, the beautiful UI stuff that these people

have made. But it's pretty cool, so, like, even if their company, like, gets sued into oblivion for some, you know, cat-related reason or something, it doesn't really matter, like, you still have your CryptoKitties forever, and so that's kind of neat. Yeah, there's a bunch of other weird stuff going on on the network. There's a MolochDAO thing, which is, so, a DAO is a, what, distributed anonymous organization, and so it's essentially, those are groups, that people can join this group on the network and then they can use voting mechanisms to affect events. And so, like, what MolochDAO is, is a bunch of people put in a bunch

of money, and people are essentially voting for what parts of the network need to be funded, so they'll fund a security audit or the development of a new block explorer or, like, a lot of other new things. And so it's really meant as this way to have this kind of, it's not really a governing body, because it's, like, totally decentralized, like, you know, any weirdo in the world can join this group and they can just vote on where money goes to. So it's kind of interesting that they have, like, this political influence, and there's actually a whole bunch of different groups that are now doing very similar things, like, there's a pom Bala is also doing a lot

of group funding stuff. The Ethereum Foundation itself was the original group that decides, you know, who gets what money, which is why a lot of these other ones sprung up, because I think, you know, why is the Ethereum Foundation funding this but not funding this, and so you get all these, like, I don't even want to say competing, because it's all, like, you know, working in the same ecosystem. Different people can choose different mechanisms for funding different things, so it's a fun system. There's this thing called Uniswap, which is super cool, which is essentially, it lets you convert any of your Ethereum tokens into any other Ethereum token, and yeah, that's a pretty

powerful thing, because there is no centralized server, there's no, like, so this one guy Hayden wrote this and deployed it and it just exists now, and, like, yeah, anybody can move money from point A to point B, and they can essentially, it is a decentralized exchange, so it's very difficult from, like, a regulatory perspective, because, you know, there's not a central company that's actually holding everything, which is kind of crazy, that it's all just, like, I don't know, people's money goes in and out and it's all crazy. It's not a mixer, it's actually, like, you're just purchasing, it's all, like, visible on the blockchain, like,

people can see, you know, coins go in, coins go out and whatever, but it lets you, if you have, you know, Ethereum and want to buy some, I don't know, say, like, some Basic Attention Token or some, you know, storage tokens or some whatever, like, there's all these different ERC-20 tokens that identify different things on that network, and yeah, so it just lets you convert one thing to another. And actually, if you look on CoinMarketCap, which is a big list of the top cryptocurrencies, a massive portion of them are just Ethereum tokens, and so they're on the Ethereum network, which is largely because you have these kinds of systems that have, like, this network

effect where, you know, people can trade tokens, and people don't want to run their own kind of blockchain or whatever thing, and so you can use an already well-established network and just deploy new tokens on it. And, like, I've done it, and, like, any weirdo on the Internet can just, like, deploy a bunch of new tokens, and you can make tokens that behave in funny ways, whatever, but even like nikto cos we're gonna like blow up like prime number of people's tokens or something, like, whatever, you know, a lot of cool stuff here. But yeah, so Uniswap is an interesting thing, and there is insane amounts of money moving through Uniswap,

which was also weird. Yeah, MakerDAO is another big one. This is the mechanism behind the Dai token, D-A-I, and the Dai is a USD, like, US dollar pegged ERC-20 token, so it is an ERC-20 token that is always worth $1, and the way that works is because of the way these collateralized loan mechanisms work. And it's kind of interesting, it's like a, like a centralized exchange, or, yeah, it's a decentralized mechanism that allows the pegging to a, like, US dollar asset, which, like, any real-world asset, I don't know, that's weird. And then a layer above that is this thing called Compound that you throw money into and then the

money goes up, which is cool. And so if you look at the Dai, and this is all just using MetaMask, you don't have to create an account with a username and password or anything like that, it's just a straight-up, like, you install your MetaMask thing, you load, say, ten dollars into it, you go to the Compound Finance website and you can click a button, and then you deposit Dai into their system, and then you're getting this, like, 7.4 percent APR, which is being generated from, I don't know, a lot of complex fun math or whatever. But no, it's super legit, everybody should put all their money in it immediately. No, um, but no,

it's an interesting system. Anyway, so, hacking. Okay, we're all security people here. So one of the biggest hacks from, like, way back in 2017 was, like, the DAO hack, and a lot of people heard of that, and there's many millions of dollars that were stolen, and it was from this reentrancy bug. And really, the counterintuitive thing here is that if you deploy a contract, the contract gets an address, and the address looks just like a normal Ethereum address, and so when you send Ethereum to somebody and that somebody is a contract, what you're also doing when you send Ethereum is you're executing a callback function, essentially, or like, it

no, it's the fallback function on a contract, and the fallback function can really do whatever you want it to do. And so if you can trick another contract into sending you money, like, if you can send to, like, an arbitrary address, like, you know, "this is my reward address", if you can send it, you're essentially able to execute arbitrary code and then do some other fun weird stuff. So yeah, so this was a challenge that I did way back in time, yeah, back in the day, and this is a wallet called the Hottel wallet, and this was for the, there was, like, a PolySwarm whatever token hacking competition from, was like a, and yeah, what this did

is they would create an account for people, and that account had 0.1 Ethereum in it, which was at the time something like 80 dollars or something, and it let people withdraw money from the contract, but they could only withdraw three times and they can only withdraw point zero zero two or less. And so really, to get everything they would need to withdraw fifty times, but because they have certain logic in their contract that says you can only withdraw three, so, just the do withdraw function, enhance. Okay, cool. So this is what it looks like in the withdraw function: make sure that the amount that you're trying to withdraw is less than that point zero zero two or whatever,

it's requiring that you actually have that much Ethereum in your account, you're not doing, like, more than whatever the point one Ethereum designated to you, and then it's making sure that you have withdrawn less than three times, right? And so the first thing it does is it subtracts your balance from the total balance in the wallet, and then it sends the money to the "to" address, so the "to" address is getting passed in, of where the money is sent to. This is an old way of doing, I don't know, it's a way of doing a sending transaction value, because then this is the "to" address, and you say call, and then you set the

value to the amount that you're trying to send, so you're sending Ethereum to that address, and then you're saying, okay, now you have withdrawn once or twice or three times, and so you can never withdraw more than three times. So here the reentrancy is because this increase in the withdraw count happens after this function happens, and so it turns out you can reenter on this "to" thing, and then you call do withdraw from this, like, over and over again until you loot all the money. So I'm gonna dig a little bit deeper into that. There's a concept of malicious smart contracts. I made this, a ninja docile; this is a contract I used to loot the Hottel wallet.

Here's a zoom in on the fallback function, and so any time that anybody sends money to this contract, what it does is, this is the address of the huddle wallet, Hottel equals whatever, and "from" is my personal address that they created for me for the challenge, and so I'm withdrawing from this person's wallet, this wallet, and then this is the address of the Hottel wallet, so I'm being a huddle about call, and then I'm using this withdraw-for function, and then I'm withdrawing this point zero two Ethereum, and this happens every time that I get paid. And so what I'm doing is I do the withdraw, it pays this contract, and then it goes, and then

it calls the contract again, which then falls back to this function again and then calls that contract again, so it withdraws point zero zero two over and over and over and over and over again without ever increasing the total withdrawal count, which is pretty fancy. And it looks like this. So I thought, like, when I actually looked at the block explorer and saw what was happening, I thought this was the coolest thing ever, because you're only supposed to do this three times, so then it's all stacked up, and you can see it's in the same transaction hash also, this, like, BC eight five five or whatever, so in a single transaction I'm doing a

whole crap ton of withdrawals, and this is me taking my point one ether and going home happy.

Okay, yeah, there's some weird stuff I want to talk about that, like, a lot of other places, there's a lot of, it's a weird world in here. But yeah, reentrancy, we talked about that a little bit. It's not super common, like, that exact kind of anti-pattern, in, like, across the software space. A really interesting attack is this front-running attack, which actually comes from Wall Street, essentially, where, you know, back in the day, like, you would overhear that somebody's, you know, gonna buy this thing, what, two minutes? It's not an hour? Oh yeah, okay, cool. Yeah, so, front-running, it's like, literally that you, like, run

ahead, and then, like, you overhear that someone's gonna buy something, so you go up and you buy a bunch of it first, and then, like, you can buy it before the other person gets it, so you can get it at a higher value or get it at a lower value and the price goes up. But in the Ethereum space, all of the, like, yeah, all the transactions happen kind of public, in the open or whatever, so everybody can see what's going on, so it's really easy to see somebody else is moving something, and so you can, like, shove something else in front of it and do whatever. So yeah, good stuff. Ownership: a lot of people have overpowered

ownership stuff. Type confusion: shoving weird contracts into weird places. Yeah, so there's an interesting thing, because you're in a smart contract you can do this thing with determinism where you can say, you know, do this thing, try to win this lottery, and if the random number doesn't turn out in my favor, then revert, and revert essentially means, like, this transaction never happened. And so it's, yeah, pretty good. And the cool thing about that too is, offensively, if you're trying to steal money from something or do whatever, you can also make it so that it never happens unless, like, you can see how much money you have in the beginning of the transaction, there's so much when

you have at the end of the transaction, and if you don't have more money at the end you can revert, so then it's like nothing ever happened. So you have zero risk, you can, like, attempt it multiple times and do all sorts of crazy stuff. And I want to talk a bit about it. So the way that reentrancy actually happens usually these days in modern contracts is, you have, yeah, it's usually people want to let users, say, like, do whatever with, like, a certain token, but the thing is that token doesn't necessarily need to be a real token. You can have a contract that has, like, a malicious transferFrom function,

and so you put in the token address and the thing, and then the contract calls transferFrom, but it ends up actually, it's calling some other malicious thing, and it's exciting. So yeah, okay, okay, cool, cool. Okay, I got lots of time together soon, good. Okay, anything I want to go over better here? Good, yeah, yeah, you can win all the lotteries. Anyway, there's a concept in the Ethereum network called oracles. So everything, like, all the smart contracts are, like, totally deterministic, right? So there's not really a good way to bring information from the outside world into the network. And so if you are a smart contract and you want to know, say, the

price of, like, a dollar to ether or whatever, you can't just write a smart contract that, like, does, like, a JSON request and does a thing. Like, it would sort of break a lot of the determinism, because, like, who knows, like, the back ends could be different every time or whatever. So you can't really touch the outside world, you can only kind of do things on the inside. So this concept of oracles exists, so a lot of people have deployed smart contracts that have, you know, the price of Ethereum to $1, and they exist on chain and anybody can read from the contracts, but then it's kind of

like, how much can you trust that this contract is legit? Because, you know, the real world changes frequently and the Ethereum network only changes every 15 seconds, and it's like, there's not really a lot of good solutions out there, because if you have, like, a very centralized oracle, a centralized oracle means that there's a company that runs it, and if this company gets hacked, you know, their keys get stolen, then anybody can put whatever number they want in there, and then if they do that they can cause, like, some crazy market swing or, like, automatically trigger a bunch of other crazy stuff, and that's kind of bad. A lot of places, too, so that

they don't have to be responsible for that, they have, you know, very much democratized their oracles, and so you essentially have the system where, like, hundreds or thousands of users are essentially voting to see, like, what the number should be, right? Which is also kind of crazy, because then if you, like, buy up enough influence that you can, like, shift what the number is supposed to be, then you can, like, maybe you spend a hundred thousand dollars to, I mean, to manipulate the oracle, and then that lets you net, like, ten million dollars or something. And so you have this malleability versus centralization, which is kind of this back and forth, and

it's always, like, somewhere in between there, usually, for any given oracle on the network. Okay, I want to talk about decentralized finance. So we talked about decentralized exchanges earlier. That's essentially, you can have decentralized order books where, you know, I have this asset I want to sell, I want this price, and then, like, people can buy it for that price or whatever. Like, people put in order books and you have, like, the makers and takers, and it can all be kind of on the network without having to have a central, like, a pool for a lot of this, which is kind of cool, because then you see a lot of transparency, like, you can

actually see what's going on, and it's not like, you know, you're not necessarily being cheated by whatever other system, because things are decentralized, which is cool. Automated market makers are certain things, like, Uniswap is an automated market maker, and that's, like, instead of having an order book, it's, like, an exchange where it uses some algorithm to automatically determine the price of a given asset, so you put one asset in one direction and it pops out the other direction. Lending markets are another big thing, and, like, where people, yeah, they can, you put out, like, a certain amount of an asset and then, like, there can be, like, an interest rate and then whatever, and you

take it out and do all that. People are making, like, derivatives and synthetic assets, and it's pretty crazy how this world is going. So here's some charts up here. This is MakerDAO. So these are some really nice charts from a group called Alethio, which was also part of ConsenSys. They do very pretty charts, and they have a really good, like, block explorer and financial stuff. But anyway, this is November 2018, this is less than a year ago. This is what that DeFi space kind of looked like. You had a bunch of people doing MakerDAO stuff, there's, like, some Augur prediction markets, here's Compound, which is that, you know,

put money in, money go up. It's a pretty, anyway, so, how it's kind of evolved over time. So this is November 2018, this is May 2019, and yeah, we're starting to get into Uniswap. Uniswap was deployed around December 2018, so Uniswap started getting up a lot of popularity, very quickly grew, because it's such, like, an automated system, it was very easy to write a contract that automatically would convert tokens into other tokens or whatever. And so all these contracts are kind of, like, pointing towards each other and, like, will use each other to do things. Okay, here's August, and you can see it's kind of exploded into crazy town, and

yeah and this is September so yeah you can see it's um a large number of people and a large number of projects and the amount of money moving through these contracts is kind of insane and there's a really great chart that I couldn't find when I looked for it but they're showing how the actual the stack depth of your average transaction over the past year has skyrocketed so typically you know with the typical contract interaction like you maybe you buy something or like you move something and you get a CryptoKitty or whatever it's maybe one contract which calls another contract maybe that calls another contract but with some of these systems like like the

0x relays and like all that you have entire ecosystems that are relying on other ecosystems which are relying on other ecosystems so you can do a single call it actually ends up going like four or five deep and it's just kind of like average stack depth has been like hockey sticking in the past few months just super interesting yeah here's the amount of money that is sitting in these contracts right now the Maker contracts have three hundred and three million dollars Compound currently is a hundred fifty-one million dollars and you can like read the rest but it's not it's not a trivial amount of money sitting in these smart contracts right now so remember

oracles so a lot of a lot of for example the Maker stuff depends on collateralized like over collateralized lending which is seems kind of counterintuitive but essentially you lock up $300 to borrow $100 kind of a thing and the idea there is essentially the same kind of thing where you you know take out a second mortgage like you call it you put up your house as collateral so you can go to the casino and win a bunch of money and then you pay your house off and then like you know it's good times had by all right if it's the same kind of general concept but it is very commonly used in the Maker system for you know the situation

where I want to buy more Ethereum but all I have is Ethereum so you lock up a bunch of Ethereum and then you get out some Dai like the US dollar tokens and then you use that Dai to buy more Ethereum which you can then use to buy more Dai which you can then use to buy more Ethereum so you're essentially you know going long on Ethereum and having a highly leveraged position in sort of this decentralized way which is kind of cool and the thing about these positions is if there is a sudden price shift and you know the 300 to $100 goes below like if the price if the price crashes and suddenly you know the

your the amount that you have locked up is maybe $80 when you have like 100 Dai or whatever suddenly what that means is like you don't want to repay that but the way that that's dealt with is you have the ability to get liquidated essentially is anybody like as you start nearing your collateralization threshold people can essentially take the pile of money that you have locked up and so the the interesting thing about that is that they depend heavily on oracles like price oracles specifically and price oracles as we've discussed earlier are very hard and they can be malleable so there's this great researcher Sam who has been like breaking the crap out of everything

in the Ethereum network for the past maybe year or so like a lot of really great work but he posted a blog on like the 30th of December and he showed this a whole bunch of these different systems collateralized loan systems where you can manipulate the price oracle and then essentially loot and get free money from it and like one of the examples that he had was essentially in a single transaction being able to grab like I think it was like 73 Ethereum which is pretty good what's it like one hundred and fifty dollars or something right now per Ethereum yeah it's like it's a good amount of money and that that money

is just kind of like sitting on the network because all you need to do is like you know you can buy up you can manipulate this one like oracle over here which moves the liquidation threshold which lets you trigger the liquidation event which lets you run away with all the money and then but anyway so it's a it's a very interesting kind of world that we're going into with all of these like over collateralized positions and everything and you pretty much have to do like if you're doing any lending at the moment the only alternative to over collateralized lending is like lending based on trust and we don't really have good trust networks established on

Ethereum it would be very easy for anybody to create a new account take out a loan and run off with all the money right and so right now pretty much all the lending that is happening is all this over collateralized lending which is interestingly vulnerable to whole new classes of weird oracle manipulation attacks it's kind of cool to sort of completely change topics a bit now that we're all excited about decentralized finance I wanted to talk about mixers so this is a mixer Tornado Cash it exists today you can install MetaMask and put in a bunch of Ethereum and then take out at the during event the way that Tornado Cash works is it's

using zk-SNARKs for people that are familiar with a lot of the new zero knowledge magic going on these days and it it's essentially fancy zero knowledge proofs that cloak certain information about certain transactions and what you do in Tornado Cash is you put in 0.1 Ethereum and you can do this as many times as you want but you put in 0.1 Ethereum and you get out essentially a ticket right this little redeemable coupon or something and then you can kind of take that do whatever you want with it like I don't know put it in a lock box for a while and then maybe a few months later maybe a few

years later you can take that ticket and you redeem it and you redeem the ticket and then it withdraws that 0.1 Ethereum from the contract and there is no way mathematically to associate the deposit to the withdrawal which is kind of neat obviously if you're depositing and withdrawing to the same address that's not good there's a lot of OPSEC fails you can do here but in general like the math is pretty neat and there's a lot of ways that you can you know that it can introduce a lot of very strong privacy on the network and this is a this is all very new this is the past couple months or so a lot of these

mixers have come back I think there's like four or five now most of them are just on testnet which is probably good for testing Tornado Cash does it does it live on mainnet which is awesome and they got hacked but but it was neat though it was all it was responsibly disclosed and they figured it all out and it was this really great blog post actually that goes into the the technical details but it was a bug in the circom libraries and circom is essentially it is a set of zero knowledge circuits that are used to do fancy zero knowledge stuff and it is very complicated scary math but from like once you have these like the

circom circuits um it becomes very easy to do basic mathematics you know like a plus B whatever like you can stack together this circuit which then just like you would with a like a typical like electronic circuit and then you compile it like using this whatever fancy code and then it outputs magic zero knowledge proof sauce and that like makes everything invisible and crazy and so there was a bug here where they use equals instead of this like I think it's like a like left wire operator or something like so it because they used the wrong operator it essentially allowed you to forge the receipts that would let you take money out and there have actually been two bugs that are

very similar to this in the past like a few months and this is very first of all this is very new mathematics like the papers that this math comes from are like all published in the past couple years um which is crazy and you know it's very new I mean from like just a you know computer science-y from like a software side too so there's a lot of really interesting potential security issues here and there's like no tools to detect anything like this which is super interesting so that'll be interesting to keep an eye on over the next you know year or two because I'm thinking like you know as people start developing these tools you know maybe in private

maybe on public or whatever you know you can imagine people are building these mixers and they start building it into the DeFi network right where you have a bunch of other crazy stuff going on and then being able to do some crazy like jiu-jitsu and like taking money out using math that has only existed for a couple years this is a an interesting interesting direction that we're going as a as a global world say where we how cool yep it's shameless plug time okay so I work at a company called ConsenSys in inside of a group that's a like Diligence and ethics we do like all the security stuff in there and there's maybe I want to say like 30 ish of us I

don't know but yeah one of the early tools that came out of our group was written by Bernhard and he wrote Mythril Mythril is a symbolic execution engine you essentially point it at a blob of EVM code or source code and it uses really fun like SMT magic to like solve some cool stuff and one of the things that we've built on Mythril is Karl Karl is really neat because you point it at a blockchain and this was written by my coworker Daniel and Daniel and Bernhard gave a really awesome talk at DEF CON I don't know if the video is up yet but like the moment it goes up you totally watch it because Daniel wrote

this thing where it essentially watches any given blockchain waits for contracts to be deployed that have money in them and then it can go off on like a testnet and then try to steal money by the testnet and then if that works it can then just steal the money directly from the mainnet it's a pretty cool tool right and so you can just run this all day long and just like wait for vulnerable contracts and it keeps a log of the vulnerabilities that it finds like if it's a you know if it's like a like an int overflow or whatever it'll record that but there's a detector in there for you know anybody can take all

the money which is kind of a neat thing to detect so another tool that they demoed at their talk at DEF CON was Theo Theo is kind of a more interactive like the like the Metasploit of Ethereum exploitation and what Theo allows you to do is listen it gives you a lot of additional options for like interactively exploiting the stuff and you can things that have been found from Karl you can then import into Theo and then like exploit them they gave a really great demo the summer where they had set up this exploitable honeypot which is an Ethereum contract that looks like you can steal money from it and the funny thing about those is that there's

a ton of them that go up online and they make it so maybe you have to put in like one Ethereum to to exploit it but you know you can do all the tests and it looks like you can totally exploit it and I totally lived it and they did and they put some money into it and they were waiting for somebody to exploit it and then somebody attempted to exploit it but the neat thing about this honeypot that they put up is that the contracts or the the function for exploiting it was also front-runnable so he had this Theo set up to do front running and so it waited for the transaction to come in on the network

and then it shoved and like the moment it saw the exploit transaction hitting the network it put in another transaction on the network and if you pay more gas for your transaction it will get ordered first and so it happens before the victim but and so yeah and so it was you front run it to change the owner and then the second transaction goes in anyway because that and that puts on the deposit and so that put in the money and then he could withdraw to take the money out and it was funny and it worked and he ended up giving the money back and we don't know who that was that did that but it was it was a

hilarious thing and they they they show all the hijinks on the DEF CON thing and like my time is almost up here so but definitely go watch that DEF CON video you have the chance Legions is a new tool the co-worker Shayan wrote it it is for essentially scanning the Ethereum network itself it will connect to the different nodes on the network and you can check their configuration status like version numbers like do all sorts of really crazy stuff and like a lot of people will configure their node maybe incorrectly that lets you do things that maybe shouldn't be allowed to do and so yeah he he wrote a bunch of really fun stuff there co-worker Martin tintinweb

he wrote this VS Code plugin it's very beautiful it it does a bunch of syntax highlighting with it and also does like call graph flow graph analysis stuff and it's very pretty and like you click it and it's animated and everybody should install that like if you're doing anything with Ethereum you should just install his VS Code plugin and it pulls in a bunch of other VS Code plugins that are also cool and then it lets you do fun stuff with it also the more the stuff that I'm working on is like this security as a service MythX platform where you essentially you can throw source code throw bytecode at it and then it spits back a bunch of

vulnerabilities and it's got this nice pretty web dashboard that tells you all the vulnerabilities stuff and I've been recently writing a bunch of tools for doing throwing it into continuous integration so like when you like any time that anything changes on GitHub it can like automatically scan and then like re-upload everything to MythX and then you get all the newest security issues and everything so I don't know it's a pretty fun project too and it says it's freemium too so it uh it's free for anyone to use it actually integrates really well with Remix like if you want to use that web IDE that I said earlier there's like a little button where you say like you know add

the MythX plug-in and then you can just like hit a button it uploads all your code to MythX and then scans it if you don't pay us money we will only scan it for something I think it's like 30 seconds or something um but that will find a lot of issues especially in small contracts but for larger contracts like as we do all sorts of like fuzzing and like symbolic execution can sometimes take a long time if there's a lot of branches but if you if you pay more money you essentially like it'll scan for like say like a half hour instead of just like a handful of seconds then you'll go a lot deeper and find more

bugs and these good stuff so we get you hooked with the early easy bugs and then yeah anyway good stuff everybody should go play with that here's here's this like tools website that has the tools that I just talked about and everybody should go there and download and play with the tools follow me on Twitter hit the bell Capture the Ether play these CTFs these are fun CTFs also it can questions are there questions
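
Added example, not part of the talk and not code from any project it mentions: a small Python model of the over-collateralized position described in the lending section ($300 locked to borrow $100), with a check a monitoring job could run to flag a liquidation that is justified only by the one price reading that was used and not by the median of several feeds. The 150% threshold, the feed values and every name in the code are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from statistics import median

LIQUIDATION_RATIO = 1.5  # assumed threshold (150%), not a figure from the talk


@dataclass
class Position:
    collateral_eth: float  # ETH locked up as collateral
    debt_usd: float        # dollar-pegged tokens borrowed against it

    def ratio(self, eth_price: float) -> float:
        """Collateral value divided by debt at the given ETH price."""
        return self.collateral_eth * eth_price / self.debt_usd

    def liquidatable(self, eth_price: float) -> bool:
        return self.ratio(eth_price) < LIQUIDATION_RATIO

    def liquidation_price(self) -> float:
        """ETH price below which the position can be liquidated."""
        return LIQUIDATION_RATIO * self.debt_usd / self.collateral_eth


def audit_liquidation(pos: Position, feeds: list[float], used_price: float) -> str:
    """Compare a liquidation decision taken at used_price with the feed median."""
    if not pos.liquidatable(used_price):
        return "no-liquidation"
    if pos.liquidatable(median(feeds)):
        return "justified"          # the wider market agrees the position is under water
    return "oracle-divergence"      # only the price that was used says so: investigate


# Constructed sample data: $300 of ETH locked to borrow $100, as in the talk.
POSITION = Position(collateral_eth=2.0, debt_usd=100.0)
CALM_FEEDS = [150.0, 151.0, 149.5, 150.5, 60.0]  # last feed is the skewed one
CRASH_FEEDS = [40.0, 41.0, 39.5]                 # genuine crash: collateral worth about $80

if __name__ == "__main__":
    print("liquidation price:", POSITION.liquidation_price())
    for feeds, used in ((CALM_FEEDS, 150.0), (CALM_FEEDS, 60.0), (CRASH_FEEDS, 40.0)):
        print(used, round(POSITION.ratio(used), 2), audit_liquidation(POSITION, feeds, used))
```

A system that reads a single feed sees the skewed 60.0 as the price and treats a position at a 3.0 ratio as liquidatable; the median of the same five feeds stays at 150.0.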