Basel, Switzerland
December 12-15
Find out more information for Hyperledger Global Forum 2018
Back To Schedule
Thursday, December 13 • 12:20 - 12:30
Security Vulnerabilities in Chaincode - Tobias Kaiser, ChainSecurity

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Chaincode must meet high standards of quality and strict security specifications. Not satisfying these requirements impairs the whole system and can prevent reaching consensus among the peers in the network. Vulnerabilities, unintended behaviors, and system failures can violate such requirements and make entire systems running on top of Hyperledger Fabric unusable.
To address this problem, we identified nine security patterns for chaincode. Moreover, we implemented an automated static analyzer to identify and pinpoint these vulnerabilities. Our analyzer is publicly available at https://chaincode.chainsecurity.com/ and is free to use for non-commercial use. It is the first static analyzer implemented specifically for chaincode programs. In this talk, we discuss the vulnerability patterns and show how the static analyzer identifies them in Hyperledger Fabric chaincode.

avatar for Tobias Kaiser

Tobias Kaiser

Blockchain Engineer, ChainSecurity
ChainSecurity operates in the field of blockchain security. We audit projects implemented for the Ethereum platform or using the Hyperledger Fabric framework. We emphasize automated analysis.One of our tools is a security scanner for chaincode implemented in the Go programming language... Read More →

Thursday December 13, 2018 12:20 - 12:30 CET
  Demo Theater 1