Smart Contract Exploitation Automation


Project overview:

  • Location: Amsterdam
  • Time frame: 3 - 6 months
  • Starting: September 2022
  • Complexity: Medium - High
  • Team: Security Specialists
  • Supervisor: Antonios Papadopoulos

As a student, you have:


Education:

  • MSc student in computer science in the cyber security field or cryptography.


Technical skills:

  • Proven affinity with security and pentesting
  • Affinity with blockchain technology.
  • Basic knowledge of Cryptography and Ethereum (or willingness to learn).
  • Basic knowledge of Solidity (or willingness to learn)
  • Good knowledge of Python or Javascript.
  • Ability to look at existing testing processes and extrapolate a similar way of working for a different technology
  • Affinity with blockchain technology


Soft skills:

  • Structured and organized way of working, good writing skills
  • Ability to work well in an international team environment
  • Good communication skills, self-organization.

The project you will be working on:

Smart contracts are specialized programs stored on the blockchain, typically used for automating the execution of an agreement so that all parties can be certain of the outcome, without the need of trust between the parties.

Secura is looking for a bachelor/master student who is interested in the topic of smart contract security and would like to develop automated scripts for identifying and exploiting vulnerabilities on existing and new contracts on the Ethereum network. Most of the work will be performed in a locally hosted Ethereum blockchain (using Ganache/Truffle Suite), with some testing also performed in the Ethereum Testnets.

A general outline of the project can be seen below:

  • Familiarize with the different technologies.
  • Literature review on current smart contract exploitation research.
  • Designing a proof-of-concept script for exploiting a specific vulnerability from Decentralized Application Security Project (DASP) Top 10.
  • Perform research on more vulnerabilities, flag interesting contracts for manual review, migrate the script(s) in a cloud platform (e.g. Lambda in AWS) for scheduled scanning of the blockchain and more.
  • Writing a report of the outcomes of this research.


Contact us

We would like to receive your CV and motivation letter by mail via jobs@secura.com.

Send email keyboard_arrow_right