​Description

​In the fast-paced world of cryptocurrencies, secure multi-party computation (MPC) and zero-knowledge proofs (ZKPs) form the bedrock of secure digital asset management. This talk delves into the insights gleaned from Cure53's audit of Coinbase's CB-MPC cryptographic library. Highlighting vulnerabilities ranging from high-severity elliptic curve subgroup attacks to subtle deviations in Ed25519 nonce generation, we'll unpack how these issues were identified, addressed, and resolved. Through this deep dive, attendees will gain valuable lessons on ensuring protocol correctness, preventing subtle cryptographic pitfalls, and maintaining security rigor in open-source cryptographic libraries.

​Speaker Info

​As a Senior Applied Cryptography Auditor at Cure53, Nadim leverages his extensive experience in software security audits to ensure the integrity of critical cryptographic systems. Nadim has contributed to over 250 software security audits, both independently and through partnerships with Cure53. Additionally, he is the Director at Symbolic Software, where he publishes research software for applied cryptographers and indie video game projects. Nadim is passionate about advancing the field of cryptography and making it more accessible to developers and researchers.