Home / Series / BSides Las Vegas / Aired Order / Season 2018 / Episode 6

Attacking Ethereum dApps

Ethereum dApps (decentralized apps) are a core pillar of why development on the platform has skyrocketed. Many of these dApps work by combining standard web applications with a consensus protocol behind them. In other words, users can interact with a standard web application to issue transactions to a series of Ethereum smart contracts. This produces an expanded attack surface for Ethereum dApps: since smart contracts are publicly visible on the blockchain, an attacker can exploit the dApp either through the web application’s logic or by attacking the smart contracts directly. In this talk, I demonstrate how an Ethereum dApp works from top to bottom. I show what transactions through a dApp look like, how they can be spoofed, and the different attacks we can leverage against a dApp — whether over the web or by targeting the smart contract directly — to try and steal its ether.

English
  • Originally Aired August 7, 2018
  • Created October 31, 2018 by
    Administrator admin
  • Modified October 31, 2018 by
    Administrator admin
Name Type Role
Brandon Arvanaghi Guest Star