SEA Community Hub Proposal: Web3 Security Researchers Hub

Community Hubs
1

Summary of Proposal

The Web3 Security Community Hub is a collaborative platform for security researchers to share knowledge, participate in competitions, and explore job opportunities. Over four days, attendees will engage in panels, workshops, and a high-stakes hacking competition to enhance the security of Web3 protocols.
Motivation and Rationale

Enhancing Attendee Experience:

The Web3 Security Community Hub offers a unique, interactive experience for attendees to engage deeply with Web3 security. It provides hands-on opportunities to learn from experts, participate in real-world hacking competitions, and network with peers and industry leaders. This hub creates a focused environment for learning, collaboration, and professional growth.

Complementing the Main Programme at Devcon:

While Devcon covers a broad range of topics, the Web3 Security Community Hub zeroes in on the critical area of Web3 security. This specialized focus complements the main programme by providing an in-depth exploration of security challenges and solutions, which are essential for the growth and trustworthiness of Web3 technologies.

Significance of the Topic:

Web3 security is crucial as the adoption of decentralized technologies grows. Security breaches can have devastating impacts, making robust security measures imperative. The community hub format fosters a collaborative atmosphere where researchers can dive deep into security issues, share insights, and develop innovative solutions. This hands-on, community-driven approach is more effective than a traditional talk or workshop.

Implementation

The space with 32 sq m with about 20-25 chairs for people to sit.

Team

Akhil - Founder of Defenders Den

Defenders Den: Web3 security community

Alex - Founder of Opensense

Opensense: Web3 security community

PLAN (Down Below):

Day 1: Web3 Security Community Hub Kickoff

Morning to Afternoon

  1. 9:00 AM - 9:30 AM: Welcome and Introductions
  • Brief overview of the community’s purpose and goals.
  • Introduction of participants.

Discussion on below topics within security researchers:

  1. 9:30 AM - 10:30 AM: Job Opportunities and Salaries in Web3 Security
  • Discussion on career paths, roles, and compensation.
  • Q&A session.
  1. 10:45 AM - 11:45 AM: Auditing Platforms and Beyond
  • Overview of existing platforms (e.g., OpenZeppelin, CertiK).
  • Discussion on alternative approaches (formal verification, manual reviews).
  1. 12:00 PM - 1:00 PM: Seal Organization and Best Practices
  • Guest speaker from a Seal organization.
  • Case studies and success stories.
  1. 1:00 PM - 2:00 PM: Lunch Break

Afternoon to Evening

  1. 2:00 PM - 3:00 PM: Web3 Newsletters and Bug-Finding Tools
  • Recommended newsletters.
  • Popular bug-finding tools (Mythril, Slither, Echidna).
  1. 3:15 PM - 4:15 PM: Layer 2 Security Challenges
  • Deep dive into Layer 2 solutions.
  • Security considerations.
  1. 4:30 PM - 5:30 PM: Preventing Reentrancy Attacks
  • Code examples and best practices.

Day 2 & Day 3: Team Bug-Hunting Sessions

  1. 9:00 AM - 12:00 PM: Team Formation and Protocol Assignments
  • Divide participants into teams (5 members each).
  • Assign specific web3 protocols to each team.
  1. 1:00 PM - 4:00 PM: Bug Exploration and Knowledge Sharing
  • Teams explore their assigned protocols.
  • Researchers share bug-finding techniques.

Day 4: Networking and Private Auditing Opportunities

  1. 10:00 AM - 11:30 AM: Networking Session
  • Icebreakers and informal discussions.
  • Exchange contact information.
  1. 11:45 AM - 1:00 PM: Private Auditing Opportunities
  • Experienced auditors guide participants.
  • Real-world auditing scenarios.
  1. 2PM - 4:00 PM => Explore the event

I approached a auditing platform. They have problem with number of people finding bugs in that contest. [They want more people to participate (>>>> 25 people)]

Updated with the perfect plan - [with the same auditing competition in a different way (shadow audit within the teams)].

@Shyam_Sridhar

1 Like
2

Hey @akhilmanga! Thanks for putting this together, and your interest in hosting a community hub at Devcon SEA.

General Update on the Process

  • The RFP is open until the end of August.
  • Shortly after this (early first week of September), we will share which Community Hub proposals got accepted and will work with those accepted teams to fine-tune the proposals/hubs and how we can best meet their production requirements.

Thanks!

1 Like
4

Hi!

Thank you so much for your patience as we review all the community hub proposals. A quick update: We have extended the deadline to submit a community hub application by one week, to the 7th of September 2024 (AoE time). You can now expect to hear from us about the outcome of your proposal by mid-September.

Thank you again! In the meantime, if you have any questions, please feel free to reach out to me.

5

Hello guys, the agenda is very nice. I’d like to propose a talk or panel discussion on the future of the audit business. I drafted an abstract for the talk.

ABSTRACT
As the blockchain industry grows and matures, the demand for smart contract audits has never been greater. In this talk, we will explore the future of the smart contract audit business, examining emerging trends, evolving technologies, and the increasing complexity of decentralized applications.

We will discuss how auditors’ roles are shifting from mere code review to becoming integral partners in the development lifecycle, helping to build more secure and resilient systems from the ground up. With the rise of AI-driven tools, formal verification, and automated auditing processes, we will explore how these innovations transform the landscape, enhance efficiency, and improve accuracy in identifying vulnerabilities.

Additionally, the talk will address audit firms’ challenges and opportunities, including the need for continuous learning, staying ahead of new attack vectors, and adapting to regulatory changes in an increasingly globalized market. We will also consider the ethical implications of auditing in a decentralized world and the evolving relationship between auditors, developers, and the wider blockchain community.

This session is designed for auditors, developers, blockchain entrepreneurs, and anyone interested in understanding how the smart contract audit business will evolve in the coming years and what it will take to succeed in this rapidly changing field.

1 Like
6

Hey, that’s a very nice initiative, thanks for that. If you would like to help with some topics, I think I could contribute well in terms of static analysis and fuzzing.

1 Like
7

Hi there,

First of all, we would like to thank you for putting together this proposal!

The space allocated to Community Hubs is limited which means we can only accept a limited number of proposals.

Many of the proposals we received were very high quality and, unfortunately, we had to take hard decisions. There is simply not enough space to accommodate all of them.

With this post, I’d like to inform you that your proposal was not selected for this year’s Community space.

Again, thank you for showing initiative to contribute to the Devcon SEA experience and we hope to see you there soon nonetheless.

Best Regards,

Shyam & The Devcon team