New Video from @BlackHatOfficialYT: Proactive Security Measures for DeFi Protocols

In this video, Andy, co-founder of Black Hat and professor at the University of Zan, presents his team's recent work on proactive prevention of security exploits in the field of decentralized finance (DeFi). The video highlights the challenges and solutions for securing DeFi protocols, which are increasingly targeted by hackers due to economic incentives and inherent vulnerabilities in these systems. Andy begins by emphasizing the importance of security in DeFi protocols, citing alarming statistics on financial losses due to DeFi hacks. For example, in 2021, losses from DeFi hacks reached nearly three billion dollars. He explains that hackers are attracted to these protocols because they can directly obtain cryptocurrencies, easily convertible to US dollars, without needing to sell data or use ransomware. The reasons why DeFi hacks are so frequent are manifold. Firstly, there is a lack of qualified security developers, as developers often focus on features rather than security. Secondly, the composability of DeFi protocols creates additional attack surfaces, as even a secure protocol can be compromised by vulnerable dependencies like price oracles. Thirdly, the openness of smart contracts on the blockchain allows anyone to analyze and exploit their vulnerabilities. Finally, the anonymity of the blockchain makes it difficult to trace hackers. To address these issues, Andy proposes a two-category approach: preventive methods and post-deployment methods. Preventive methods include security audits, penetration testing, and formal verification. However, these methods are not sufficient as they cannot detect all vulnerabilities, especially those introduced by external dependencies. The post-deployment solution proposed by Andy involves detecting and blocking malicious transactions during the time window between the broadcast and confirmation of the transaction on the blockchain. This window is typically 12 seconds on Ethereum and 2 to 3 seconds on Binance Smart Chain. The idea is to simulate each transaction to determine if it is malicious, then generate a rescue transaction that replaces the hackers' profit addresses with those of the security team. This rescue transaction is then broadcast with a gas prioritization strategy to ensure it is confirmed before the malicious transaction. Andy explains the technical challenges of this approach, including extracting the attack logic, locating and replacing profit addresses, and identifying the preconditions of an attack. He describes how his team developed techniques to overcome these challenges, such as constructing balance change tables to identify profit addresses and using mappings to redirect jump targets in smart contracts. The effectiveness of this method was evaluated on two datasets: a set of historical hacks and real hacks. Out of 84 historical hacks, the team was able to reconstruct the smart contracts of 78 of them. In one year, their system blocked more than 20 hacks, saving over 20 million dollars across various protocols. In terms of performance, the system can generate a rescue transaction in less than 25 milliseconds in over 80% of cases, which is fast enough to block hacks on Ethereum and Binance Smart Chain. In conclusion, Andy emphasizes that DeFi hacks remain a serious problem, but post-deployment security measures can be very effective in detecting and blocking them. This technique has been commercialized in their product called Falcon. For more details, you can watch the full video at the following address: https://www.youtube.com/watch?v=Gqxc9zf0OZY