Blockchain's Biggest Heists - Bridging Gone Wrong

$624 million lost in the Ronin hack. $611 million in the Poly Network exploit. These headlines share a common thread: security failures in the design and implementation of blockchain bridges—critical infrastructure that moves billions in value across networks.

Before you turn away from this talk because it’s about “crypto,” know this: there’s no hype here. This is a technical deep dive into how bridges work, why they break, and what their failures reveal about security engineering in highly adversarial environments. We’ll unpack real-world vulnerabilities, examine architectural trade-offs, and explore defense-in-depth strategies for building more resilient systems.

Beyond the headlines and market noise lies one of the most complex and high-stakes areas in modern security engineering—full of unsolved problems and opportunities for researchers to shape what comes next.

About the Presenter: Maxwell Dulin

Maxwell Dulin (Strikeout) is a Security Engineer at Asymmetric Research and a recipient of a DEFCON 2024 black badge. His background includes publishing extensive research on heap exploitation techniques, web application vulnerabilities, and IoT device security, notably demonstrating hacks against connected sports scoreboards. Strikeout is an experienced speaker, having presented at CanSecWest, ThotCon, TyphoonCon, ToorCon, and DEFCON's IoT Village. He currently focuses his expertise on blockchain security, working to identify and prevent high-impact vulnerabilities that could lead to multi-million dollar losses.