01-30, 15:10–15:30 (Europe/Zurich), Sepolia Stage
Static code analysis is a cornerstone of blockchain security, helping developers identify vulnerabilities early in development. However, traditional tools often need help to catch subtle errors or adapt to evolving attack patterns. In this talk, I’ll introduce how we address these challenges with the Wake Framework—a modern approach to static analysis.
We’ll explore key concepts like the Data Dependency Graph (DDG) to showcase how Wake provides deeper insights into code structures. Additionally, we’ll explore the role of AI in static analysis, discussing where AI excels and where it falls short. I’ll provide a perspective on combining AI-driven insights with useful techniques by highlighting practical examples and lessons learned.
Whether you’re a developer, auditor, or security professional, this session will provide a fresh perspective on enhancing blockchain code security and give you an overview of tools to solve risks efficiently.
Static code analysis plays a critical role in ensuring security in all programming fields, especially in blockchain development. In this talk, I’ll share fresh ideas and techniques that are improving the static analysis process.
We’ll start with a quick refresher on how static code analysis works before diving into some of the common challenges developers and auditors face. I’ll then walk you through how we solve these issues during the auditing process, using practical examples highlighting our approach.
You’ll learn how concepts like Data Dependency Graphs improve code analysis, and where AI can be applied effectively—and where it can’t. By the end of this session, you’ll have a clear understanding of modern techniques for static analysis and how to use them to write more secure and reliable code.
Ethereum security researcher at Ackee Blockchain Security. His main focus is on auditing Ethereum DeFi projects and building static analysis tooling to secure the blockchain network.