search

Web3-Conf-India / Proposal-2022

MIT License
24 stars 10 forks source link

Bullet-proof your protocols Or Make a Million Dollars: Guide to an AntiFragile testing framework #71

Open saxenism opened 2 years ago

saxenism commented 2 years ago

Bullet-proof your protocols

Hackers had a big year in 2021, stealing $3.2 billion worth of cryptocurrency. And in 2022, they’re shaping up to steal even more.

In the first three months of this year, these digital thieves have stolen $1.3 billion from exchanges, platforms, and private entities—and the victims are disproportionately in DeFi ♟️

The very obvious solution being advocated against these hacks is even more stringent auditing by audit firms, putting pressure of protocols to get audits from multiple firms and so on. DeFi insurance has also emerged as a pretty viable solution for a dooms-day scenario (big hacks/ de-pegging instances).

However all these solutions are surface level solutions, since auditing is still largely susceptible to human error, modifications post the audits and insurances are really the worst case scenarios 📉
So, to really ensure a safe DeFi environment, we have to step up our DeFi protocol testing game and follow certain industry standards before we even think of shipping a protocol for use by the users 🎌

In my current role as a full-stack blockchain developer at Sublime.Finance, I have been heavily involved in the designing and implementation of the testing framework for our protocol. During this time, I have come across several best practices ⭐ regarding testing by hunting them down one by one directly from the biggest (by TVL) DeFi protocols today 🏟️

Our current testing framework is not just robust, but anti-fragile, implying that not only does it sustain extreme edge-case based testing, but every time we come across a scenario that does not produce the expected results 📈 , our testing framework only becomes superior 🚀 I would like to even go out on a limb and claim that it is one of THE most advanced and exhaustive testing framework in the entirety of DeFi 😮‍💨

Hydra Thus to make your protocol hack-proof (as much as possible), you have to design your testing framework to be anti-fragile, which not only sustains any adversity but grows from it. Much like the mythical creature called Hydra 🐉 from the Greek mythology that grows two heads every time someone severs one of its head. Or like Raktbeej who became more powerful the more he was made to bleed.

Raking up a cool million dollars with this knowledge

Auditing is probably one of THE most profitable venture in the whole of DeFi ecosystem 💰 So much so that the leading auditing firms take north of $250k USD for a single audit and are still over-booked even in this bear market 😱 What if you could get a piece of this action, wouldn't it be so damn awesome? 😃

In this part of the presentation we will talk about what open-source auditing is, how you can get involved, what to expect, the timelines and most importantly, how much money you could expect to make meanwhile making the entire DeFi a little bit more secure, one protocol at a time 💪🏻

PS: The top gun in this domain has already crossed a million dollar mark quite some time back and he is a curious individual just like you and me 😮 🙏🏻

Highlights

The highlights of this 60-minute workshop would be to

  1. Discuss and establish a general testing framework and a testing mindset 🧠
  2. Making the testing framework specific to your protocol 🔧
  3. Identifying possible attack vectors ⚔️
  4. Breaking up the protocol code for the most effective testing ⚒️
  5. A discussion on various testing tools (and why I prefer Forge/Dapp.tools) 🗺️
  6. A practical demonstration of all discussed concepts 🖥️
  7. And finally, even if you are not a protocol owner or engineer, how you can leverage this knowledge to make tons of money 🤑

Style of Session

60-90 min Teach Me Something Workshop

Audience Type:

Intermediate-Advanced. Development experience (in Solidity) pre-requisite

About Me

I am full stack blockchain engineer at Sublime Finance. You can know more about me by visiting [my website] (https://flowcv.me/rahul-saxena)

LinkedIn: https://www.linkedin.com/in/saxena-rahul/ Twitter: https://twitter.com/saxenism

Web3ConfIndia commented 2 years ago

Hello, @saxenism Congratulations on getting shortlisted for a talk at Web3Conf India. Please share your email so that we can take it further.

adiig7 commented 2 years ago

Hey @saxenism! Looks like you haven't reached out to us yet. If you do not respond by 30th June, we'll not be considering your proposal and will be going forward with others.

saxenism commented 2 years ago

Lol, I don't know how it happened, but I had replied but it is not here anymore :P

You can reach out to me on

saxenism.crypto@gmail.com

saxenism commented 1 year ago

Hey, you can mail me on:

@.***

On Wed, 22 Jun 2022, 21:55 Web3ConfIndia, @.***> wrote:

Hello, @saxenism https://github.com/saxenism Congratulations on getting shortlisted for a talk at Web3Conf India. Please share your email so that we can take it further.

— Reply to this email directly, view it on GitHub https://github.com/Web3-Conf-India/Proposal-2022/issues/71#issuecomment-1163338309, or unsubscribe https://github.com/notifications/unsubscribe-auth/AHYEDI7JOSKRWUMH527RGCTVQM47ZANCNFSM5XJTG3TA . You are receiving this because you were mentioned.Message ID: @.***>