This week's episode features an interview between Patrick Collins and a Web3 Security Engineer at Trail of Bits. They cover: - testing methodologies - fuzzing - static analysis
With Trail of Bits Security Engineer, Troy!
Timestamps 3:10 - Exploring Smart Contract Testing Methodologies with Trail of Bits 5:37 - Testing Strategies for Smart Contracts 8:10 - Fuzz Testing and Invariant-Based Testing Explained 10:56 - Coverage Guided Fuzzing Explained 13:50 - The Benefits of Coverage Guided Fuzzing and the Differences between Echidna, Foundry, & Others 16:27 - Using Coverage Guided Fuzzing with Optic and Echidna 19:12 - Symbolic execution and coverage-guided fuzzing in Echidna 21:57 - Testing Philosophies: Dynamic vs. Static Testing 24:24 - Dynamic vs Static Analysis and the trade-offs of each approach 27:10 - The Importance of Efficient Testing and Using a Variety of Testing Methods 29:57 - The Role of Security Firms and Testing Philosophies 32:33 - Balancing Cost and Efficiency in Security Audits 35:15 - The Importance of Code Reuse in Building Tools and Languages 38:04 - The pitfalls of focusing on language intricacies in programming and the benefits of prioritizing language design and philosophy 40:41 - The Need for More Open Source Tools and Communication in the Ethereum Community 43:22 - Advice for becoming more security-minded in smart contract coding 45:51 - Discussion with Alpha Rush on Testing Compilers and Security Focus Journeys
Podden och tillhörande omslagsbild på den här sidan tillhör
Superfluid. Innehållet i podden är skapat av Superfluid och inte av,
eller tillsammans med, Poddtoppen.