In a transaction displacement attack, an attacker inserts their transaction ahead of a legitimate one, to steal rewards associated with the legitimate transaction. Transaction displacement attacks can be subtle, and designing a smart contract API that avoids them is not easy. This talk will describe recent work on a displacement attack detector for Manticore, Trail of Bits' symbolic execution tool.
Sam Moelius is a security engineer at Trail of Bits.
Presented at
Resources
Authored by
- Sam Moelius