Name: Security Vulnerabilities in Chaincode - Tobias Kaiser, ChainSecurity
Start: 2018-12-13T12:20:00+0100
End: 2018-12-13T12:30:00+0100

Basel, Switzerland
December 12-15
Find out more information for Hyperledger Global Forum 2018

Back To Schedule

Security Vulnerabilities in Chaincode - Tobias Kaiser, ChainSecurity

Feedback form is now closed.

Chaincode must meet high standards of quality and strict security specifications. Not satisfying these requirements impairs the whole system and can prevent reaching consensus among the peers in the network. Vulnerabilities, unintended behaviors, and system failures can violate such requirements and make entire systems running on top of Hyperledger Fabric unusable.
To address this problem, we identified nine security patterns for chaincode. Moreover, we implemented an automated static analyzer to identify and pinpoint these vulnerabilities. Our analyzer is publicly available at https://chaincode.chainsecurity.com/ and is free to use for non-commercial use. It is the first static analyzer implemented specifically for chaincode programs. In this talk, we discuss the vulnerability patterns and show how the static analyzer identifies them in Hyperledger Fabric chaincode.

Speakers

Tobias Kaiser

Blockchain Engineer, ChainSecurity

ChainSecurity operates in the field of blockchain security. We audit projects implemented for the Ethereum platform or using the Hyperledger Fabric framework. We emphasize automated analysis.One of our tools is a security scanner for chaincode implemented in the Go programming language... Read More →

GlobalForum tobias kaiser pdf

Thursday December 13, 2018 12:20 - 12:30 CET
Rio

Demo Theater 1

Experience Level Intermediate
Link to Session Recording https://youtu.be/aFRfojcctDY

Hyperledger Global Forum

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tobias Kaiser