Smart Contract Security with Emin Gün Sirer

A smart contract is a program that allows for financial transactions. Smart contracts are usually associated with the Ethereum platform, which has a language called Solidity that makes it easy to program smart contracts. Someday, we will have smart contracts issuing insurance, processing legal claims, and executing accounting transactions.

Smart contracts involve money, and they are likely to transact with cryptocurrencies. That makes them ripe targets for attackers. What are the vulnerabilities of smart contracts? What can we do to ensure the safety of a high throughput, automated financial system?

In today’s episode, Haseeb Qureshi talks to Emin Gün Sirer, a professor at Cornell University where he is co-director of the Initiative for Cryptocurrencies and Contracts. They discuss how smart contracts work and how to secure them. Haseeb and Emin are both working full-time on cryptocurrencies, which makes for a detailed technical discussion.

In our previous episode about the DAO hack, Emin Gün Sirer was one of the protagonists of the story. You can find that episode as well as all of our old episodes by downloading the Software Engineering Daily app for iOS and for Android. We also have several other episodes with Haseeb.

Transcript

Transcript provided by We Edit Podcasts. Software Engineering Daily listeners can go to weeditpodcasts.com/sed to get 20% off the first two months of audio editing and transcription services. Thanks to We Edit Podcasts for partnering with SE Daily. Please click here to view this show’s transcript.

Sponsors


You are programming a new service for your users. Or, you are hacking on a side project. Whatever you are building, you need to send email. For sending email, developers use SendGrid. SendGrid is the API for email, trusted by developers. Send transactional emails through the SendGrid API. Build marketing campaigns with a beautiful interface for crafting the perfect email. SendGrid is used by Uber, Airbnb, and Spotify–but anybody can start for free and get 100 emails per day. Just go to SendGrid.com/sedaily to get started. Your email is important–make sure it gets delivered properly, with SendGrid, the most reliable email delivery service. Get started with 100 emails per day at SendGrid.com/sedaily.


Every second your cloud servers are running, they are costing you money. Stop paying for idle cloud instances and VMs. Control the cost of your cloud with ParkMyCloud. ParkMyCloud automatically turns off cloud resources when you don’t need them. Whether you are on AWS, Azure, or Google Cloud, it’s easy to start saving money with ParkMyCloud. You sign up for ParkMyCloud, you connect to your cloud provider, and ParkMyCloud gives you a dashboard of all your resources–including their costs. From the dashboard, you can automatically schedule when your different cloud instances get turned on or off – saving you 65% or more. Additionally, you can manage databases, auto scaling groups and set up logical groups of servers to turn off during nights and weekends when you don’t need them–and you can see how much money you are saving. Go to parkmycloud.com/sedaily to get $100 in free credit for ParkMyCloud for SE Daily listeners. ParkMyCloud is used by McDonald’s, CapitalOne, and Fox, and saves customers tens of thousands of dollars every month. Go to parkmycloud.com/sedaily, and cut the cost of your cloud today.


When your application is failing on a user’s device, how do you find out about it? Raygun lets you see every problem in your software and how to fix it. Raygun brings together crash reporting, real user monitoring, user tracking, and deployment tracking. See every error and crash affecting your users right now. Monitor your deployments, to make sure that a release is not impacting users in new ways. And track your users through your application to identify the bad experiences they are having. Go to softwareengineeringdaily.com/raygun, and get a free 14 day trial to try out Raygun and find the errors that are occurring in your applications today. Raygun is used by Microsoft, Slack, and Unity to monitor their customer facing software. Go to softwareengineeringdaily.com/raygun and try it out for yourself.


Thanks to Symphono for sponsoring Software Engineering Daily. Symphono is a custom engineering shop where senior engineers tackle big tech challenges while learning from each other. Check it out at symphono.com/sedaily. Thanks to Symphono for being a sponsor of Software Engineering Daily for almost a year now. Your continued support allows us to deliver content to the listeners on a regular basis.