Proposed gathering of the Security community

Hi, Hugh from Nexus Mutual. We’d love to participate and can hopefully provide some views/opinions on using insurance as a second layer safety net, after you’ve done all your audits etc
We don’t have much capacity to help with hands on coordination but we can help with a small amount of funding if you consider it appropriate (definitely don’t want to mess with the For Us, By Us feel). Let me know.

I am co-coordinating with @jpitts to get a meeting wiki started and I am making a summary doc that will help us coalesce on agenda, venue, date etc. Great energy here.

Hi Hugh, would LOVE to have you in attendance and give a talk about insurance as a safety net against bugs and subsequent losses. You can audit out 99% of known bugs, but there is still human error at play, and the unknown future state of insecure patterns. I was chatting with someone about insurance solutions for smart contracts, and I think the biggest discussion points are “who makes decisions on event classification?” and “how would the funds even be used?”. I think there are actually some opportunities here to create alternative business models for auditing firms, both in event response contracts and bug prediction markets. Would be a super fascinating perspective to hear from!

We would definitely appreciate some funding for the event. We’ll try to lock up some logistics in order to estimate costs, but we definitely want this to remain a free event for all to participate in, so sponsorships will be important!

Hi Makato, would love to have you! We are definitely thinking about it being at ETH Berlin, would like to do it prior to the event (maybe Sept 5th or 6th?) so we can get good attendance at the event as many people would attend.

I would also like to do it before so we can get a time slot in the ETH Berlin talks and summarize what happened as well as the highlights so more people can know about the event and our collective efforts to organize the smart contract security space.

Great! We definitely see insurance as a supplement to auditing and I can ramble on for a while on those topics, so hopefully you all find it useful :slight_smile:

Very briefly, our model effectively decentralises the claims decision making process and the model also offers a supplement to the auditing model where you can earn funds on contracts you deem secure (like underwriting). If you want to dive deeper you can check out our website

Really looking forward to it and do let me know on sponsorship.

Here’s the example of the agenda that @jpitts did: Proposed agenda for the “Council of Berlin”, set for July 14-15

We’re doing this for the first time too, so great to have another working group getting started at the same time.

Hi all, I’m Nick from https://solidified.io, we would be happy to contribute talks/content and help with logistics/sponsorship!

Personally, would really like to see discussion on tools that improve the manual auditing process (e.g. lower the cost of context switching when reading contracts with unwieldy levels of inheritance). Also think we should have a conversation about who we, as auditors, are ultimately accountable to. Nominally it’s the clients, but I believe there’s a higher responsibility to the users of a smart contract I’ve audited. I’d like to hammer out what that means in practice.

Hi, Logan from ChronoLogic, we’re working on decentralized scheduling of transactions on Ethereum. We rebooted the Ethereum Alarm Clock project and are working on a next-gen version called Chronos. We architect with smart contracts so we know first hand the importance of eliminating bugs from code. It’s maybe a bit askew to the topic, but we can bring some insights about how to make security tradeoffs between on-chain and off-chain and how to use economic incentives to secure a protocol, since this is what we’re working on currently with the transaction claiming mechanism.

Would love to attend!

It would definitely be interesting to hear about the development experience of a few developers of complex applications. We may not want to dive too deep into cryptoeconomic security mechanisms, but would totally be interested in hearing about on-chain vs. off-chain security and the different problems you face with both.

Arash from New Alchemy here. My team and I can definitely contribute to this event. Similar to others, can’t provide much organizational/logistics help, but happy to engage in developing the agenda and discussion topics.

I would also be interested in discussing security of standard frameworks that exist out there, cryptographic assessment and game theory analysis as well as key management.

I’d like to propose we leave cryptoeconomic assessment mostly out of the discussion. It does play a role in the overall security discussion, but analysis of economic mechanisms outside of driving security is out of scope in my opinion.

Hey :wave:
Philip from Brickblock here. We’re currently undergoing an audit of a relatively complex smart contract system.

We’d be happy to pitch in some resources, be it financial or other. Let me know what we can do to help.

Excellent, we need developer participation also so this is awesome. As for assistance we will know more in the coming weeks as we put things together. Looking forward to seeing you. We will be in touch

@mariapaulafn I was hoping that we could present a summary of this event to those in attendance at ETH Berlin at a talk given during the event. There is a lot of interest to attend, but we would like to focus this event for more invested individuals and teams. I think giving a presentation would allow others to learn about what we discovered after we’ve had a chance to digest our findings for the wider community.

We would then suggest that those who do not currently work full-time either on smart contract development or as smart contract auditors consider attending that session so we can save more space for these parties and create a high level of discussion. I hate to suggest exclusivity, but I think the right audience for this gathering is critical to its success.

What do you all think?

Hi, we are taking speaker submissions at the moment for ETHBerlin, this event is something separate of course.
Who you decide to invite is up to you, I am just facilitating resources and organization. I am a big fan of inclusion, hence never a supporter of exclusivity, but I will not put any restrictions as I respect your POV.

Grigore from Runtime Verification (RV) here. We would also like to participate in this event. We do formal verification of smart contracts; see our approach here: https://runtimeverification.com/smartcontract/. This is also the approach we are following to verify Casper, as part of this grant: https://blog.ethereum.org/2018/03/07/announcing-beneficiaries-ethereum-foundation-grants/. We can give a presentation about formal verification in general and about our approach in particular.

All, it is imperative we choose a date ASAP so we can reserve the venue which may be available at very low cost!! I was thinking Thursday 6 Sept, the day before EthBerlin. Someone mentioned 5 Sept also. Comments?

The learning from previously is — pick a date, everyone will then attend or not :wink:

Then this event will take place on Sept 6. I will now 100% the Full Node space.

Grigore - you are 100% on topic and that would be great to hear about! This would be very helpful. Looking forward to seeing you.