The blockchain is expected to provide a secure and transparent financial environment, yet in recent years, malicious actors have exploited it for money laundering and fraud. This presentation delves into a thorough analysis by the blue team, revealing a crucial aspect of these illicit activities - the hidden fund flows within cryptocurrency exchanges. We will uncover the concealed illegal transactions and financial fraud activities within cryptocurrency exchanges, while also discussing how the blue team can effectively utilize anti-money laundering techniques to track these illicit activities.

With the development of the times, Various types of digital evidence have emerged one after another in the trial process. Therefore, it is a new challenge for the judiciary to build a "Digital evidence" storage system to ensure identity and maintain the ability of evidence. Judicial Yuan, Ministry of Justice, Taiwan High Prosecutors Office, National Police Agency and Ministry of Justice Investigation Bureau jointly plan and build a "Blockchain-applied Judicial Alliance for Digital Era" in response to the digital evidence storage, authentication and verification in the digital era, with the goal of gaining people's trust and judicial credibility.

Currently, in the web3 industry, defense-oriented products are still in the early stages. Compared to web2, there is a general shift from IDS (Intrusion Detection Systems) to IPS (Intrusion Prevention Systems). Suggest protocol follow the fundamentals of DevSecOps in Web3 ensure that every stage, including planning, development, testing, release, and monitoring, is encompassed by security measures. These measures include smart contract auditing before release, post-release monitoring for potential attacks, and a robust, well-rehearsed incident response plan to ensure the optimal course of action is always taken.

In this session, we will discuss the security of cryptocurrency exchanges from the perspectives of users and industry players. First, we analyze common cryptocurrency security risks. Then we share how to protect user assets from the perspective of exchange operators and share our experience. We use actual cases to show how exchanges protect user assets. In the end, we provide users guide that how to choose a secure and safe exchange.

The TVL of DeFi has surpassed $100 billion for the first time since 2022, with several notable security incidents occurring up to this point, such as Mixin Network (with losses of approximately $200 million), Euler Finance (with losses of approximately $200 million), and KyberSwap (with losses of approximately $48 million), among others. The losses from these DeFi security incidents are significant.

This topic will cover well-known DeFi security incidents and common attack vectors in DeFi, including manipulation of price oracles, reward manipulations, private key leaks, inadequate permission controls, and logical errors, among others. This session aims to enhance the understanding of blockchain security issues among Web 3 developers and security professionals through sharing problems frequently encountered in blockchain security audits and case analyses of security incidents. By doing so, it hopes to promote the construction of safer blockchain projects.

With the rapid development of Web3, we are stepping into a completely new digital world. This world is based on decentralization, blockchain technology, and cryptocurrencies, opening up endless possibilities. However, these innovations also bring unprecedented security challenges. In this presentation, we will delve into the key security issues in the Web3 environment, including vulnerabilities in smart contracts, the security of decentralized applications (DApps), and weaknesses in blockchain networks.