When Arseny Reutov, a web application security specialist at Positive.com, set to test out potential attack points in games of chance that run on the Ethereum blockchain, he expected to find some flaws in the system, maybe.
What he didn’t expect was that half of what he tested had vulnerabilities that could be exploited to do what rarely can be done in a physical casino: beat the house.
“I thought that the security of random number generators should be much higher,” Reutov said. Reutovpresented these findings at OWASP AppSec California in January and PHDays 2018 last month.