ACM CCS Workshop on
Decentralized Finance and Security
November 19, 2021 — Seoul, South Korea
co-located with the ACM Conference on Computer and Communications Security 2021


Title: A Theory of DeFi?
Tim Roughgarden, Columbia University


Tim Roughgarden is a Professor of Computer Science at Columbia University. Prior to joining Columbia, he spent 15 years on the computer science faculty at Stanford, following a PhD at Cornell and a postdoc at UC Berkeley. His research interests include the many connections between computer science and economics, as well as the design, analysis, applications, and limitations of algorithms. For his research, he has been awarded the ACM Grace Murray Hopper Award, the Presidential Early Career Award for Scientists and Engineers (PECASE), the Kalai Prize in Computer Science and Game Theory, the Social Choice and Welfare Prize, the Mathematical Programming Society's Tucker Prize, and the EATCS-SIGACT Gödel Prize. He was an invited speaker at the 2006 International Congress of Mathematicians, the Shapley Lecturer at the 2008 World Congress of the Game Theory Society, and a Guggenheim Fellow in 2017. His books include Twenty Lectures on Algorithmic Game Theory (2016) and the Algorithms Illuminated book series (2017-2019).


The workshop will take place as a virtual event on November 19.

The following times are on Korean Standard Time.

13:00–13:10 Opening and Welcome
13:10–14:00 Keynote: A Theory of DeFi?
14:00-16:00 Paper Presentation
Better Keep Cash in Your Boots - Hardware Wallets Are the New Single Point of Failure
Authors: Adrian Dabrowski (University of California, Irvine), Katharina Pfeffer (SBA Research), Markus Reichel (Vienna University of Technology), Alexandra Mai (SBA Research), Edgar R. Weippl (University of Vienna), Michael Franz (University of California, Irvine)
A Note on Optimal Fees for Constant Function Market Makers
Author: Robin Fritsch (ETH Zürich)
Concentrated Liquidity in Automated Market Makers
Author: Robin Fritsch (ETH Zürich)
Analyzing Target-Based Cryptocurrency Pump and Dump Schemes
Authors: JT Hamrick (The University of Tulsa), Farhang Rouhi (University of New Mexico), Arghya Mukherjee (The University of Tulsa), Marie Vasek (University College London), Tyler Moore (The University of Tulsa), Neil Gandal (Tel Aviv University)
16:00–17:00 Social Events
17:00–17:45 Panel - DeFi Security
Moderator: Roger Wattenhofer
Panelist: Andrea Baronchelli, Travin Keith, Benjamin Livshits, Patrick McCorry
17:45–18:00 Closing remarks

Call for Papers

Important Dates

  • Paper(Abstract) registration deadline: 1 August, 2021 (11:59 PM Anywhere on Earth (UTC-12))
  • Submission deadline: 10 August 17 August, 2021 (11:59 PM Anywhere on Earth (UTC-12))
  • Author notification: 10 September 7 September, 2021
  • Camera-ready: 27 September, 2021
  • Workshop dates: November 19


Trusted intermediaries have dominated economic interactions for centuries. With the advent of decentralized ledgers, such as Bitcoin and Ethereum, people can now trade and interact without trusting centralized custodians. Recently, Decentralized Finance (DeFi) grew to a USD +$100 Billion economy covering exchanges, borrowing/lending, margin trading, derivatives, and more.

The security properties of DeFi have to date not received much scrutinity or attention. Yet, as was shown by recent work, transaction bribing attacks and Miner Extractable Value (MEV) destabilize the blockchain's consensus security, and appears as a nearly inevitable by-product of DeFi. As such, the blockchain application layer design and utilization is critical to the security of the blockchain network. Moreover, network layer overheads, due to competitive DeFi trading, may further destabilize the blockchain's consensus and occupy unnecessary chainspace, rendering transaction fees excessive, as we have witnessed on permissionless blockchains.

The purpose of this workshop is to unite researchers with deep knowledge in the many subfields of DeFi (network, consensus, game theory, programming language, economics and security), to jointly revisit their security and privacy properties. The primary aim of the workshop is to elaborate on how we can protect DeFi users from malicious trading entities and what kind of attacks those could mount. The workshop, therefore, aims to solicit novel works that refine the fundamental tensions between security, privacy, usability, economic efficiency and performance of DeFi. Second, the workshop aims to provide an academic forum for scholars to exchange, through breaks in virtual social places as well as to participate in an open panel discussion by the end of the workshop.

Topics of Interest

Topics of interest include (but are not limited to):

  • Systematizations of DeFi
  • Existing and new DeFi attacks
  • Forensics
  • Security relevant DeFi measurements and empirical studies
  • Security of DeFi smart contracts
  • Security of the DeFi application logic
  • Formal analysis, correct by design, security frameworks
  • Security of DeFi governance (manipulation resistance)
  • DeFi composability (e.g., it's security and economic implications)
  • Security of over and under-collateralized Lending
  • New financial concepts and their security implications (e.g., flash loans)
  • Manipulation resilience of Stablecoins
  • Exchange Security (manipulation resilience, front-running, sandwich)
  • Derivatives
  • Insurances
  • Secure margin and leverage trading
  • DeFi on Layer 2
  • Miner Extractable Value
  • Security impact of DeFi on other layers (e.g., consensus, network layer)
  • DeFi scalability issues and solutions
  • Security and economic trade-offs
  • User studies
  • DeFi Privacy (e.g., transaction graph analysis, mixer)
  • Token models
  • Censorship resistance

Submissions Policy

Any link to previously published or concurrently submitted papers by any of the writers must be clearly documented in all submissions, i.e., submissions must be original work. Your submission will be rejected if you fail to define and explain contribution overlaps. It is not allowed to send the same paper to another venue with proceedings or a journal at the same time, as this would result in a desk reject. Please contact the program committee chairs if you have any questions.


Papers on Systemization of Knowledge (SoK) are welcome. These aren't surveys of previous academic work, but rather a set of findings that have been presented informally by the open-source community or used in operational projects. SoK submissions should have an “SoK:” prefix in the title.

Anonymous Submission

Papers must be provided in a way that allows for anonymous reviews: no author names or affiliations should appear on the title page, and the submission should not disclose the authors' identities in the document. When referring to your prior work, please pretend that prior work is written by someone else. Then blind the references itself if a third-person reference isn't possible (unusual). This policy is not breached if the paper is released as a technical report or in an online archive. If you have any concerns, please contact the program chairs. Papers that are not anonymized correctly should be rejected without its content being reviewed.

Conflict of Interest

When submitting a research paper, the submission site will inquire about any possible conflicts of interest between the paper's authors and members of the program committee (PC). According to the following definition, it is the sole duty of all authors of a paper to recognize all possible conflict-of-interest PC participants. When one or more of the following criteria apply, a paper author has a conflict of interest with a PC member:

  • The PC member is a co-author of the submitted paper.
  • The PC member was in the last two years in the same company or university as a co-author of the submitted paper.
  • The PC member collaborated with a co-author in the last two years.
  • No matter how long ago, the PC member is or was a co-author's primary thesis advisor.
  • No matter how long ago, a co-author is or was the PC member's primary thesis advisor.
  • The author's PC member is a relative or close personal friend.

Whenever a PC member or co-chair is in conflict with a paper, the PC member or co-chair must not review the paper nor have access to the reviews or discussions. Any other case in which the authors believe they have a dispute or conflict with a PC member, they must proactively explain the reason to the PC chairs, who will mark the conflict if necessary. As of the submission date, papers with incorrect or incomplete conflict of interest details will be automatically refused. When one of the program co-chairs is unable to decide on a paper, the other co-chair would become responsible. When all program co-chairs are in conflict, the paper will be delegated to a neutral committee member. Co-chairs of the program are not permitted to be authors or co-authors on any submission.

Human Subjects and Ethical Considerations

Papers that perform human subject studies, evaluate data extracted from human subjects (even anonymized data), or otherwise place humans in danger or affect their financial condition must:

  • If appropriate, state whether the study obtained approval or a waiver from each author's institutional ethics review board (IRB).
  • Examine the measures taken to ensure that participants and those who could have been hurt by an experiment were treated ethically and respectfully.

If the submission reveals novel bugs or vulnerabilities (for example, software flaws in a program or design flaws in a hardware system), the authors must explain the steps they have taken or intend to take to fix these flaws in detail (e.g., by disclosing vulnerabilities to the vendors). If the submission includes personally identifiable information (PII) or other forms of confidential data, the same rules apply. If a paper poses serious ethical or legal issues, it may be rejected.

Page Limit and Formatting

We welcome papers of up to 6 pages, excluding references and bibliographies, in the double column ACM CCS format. Submissions will be judged based on the quality per page. Only PDF files will be accepted. Submissions should be anonymized. Authors of accepted papers must guarantee that one of the authors will register and present the paper at the workshop.

Submission Server

Papers must be submitted at


Workshop Co-Chairs

Program Committee


Send direct queries via email to [email protected].