Back to Blog
EthCC 2026 Cannes: Security Guide for Web3 Builders
Web3 SecurityZealynx

EthCC 2026 Cannes: Security Guide for Web3 Builders

Carlos (Bloqarl)
Carlos (Bloqarl)
9 min
EthCC is back in Cannes for its 9th edition, and this year the energy is different. With institutional adoption accelerating, new L2s shipping weekly, and AI agents entering DeFi, the conversations at EthCC 2026 will shape what gets built for the next two years.
Whether you're a founder preparing for launch, a developer looking to connect with auditors, or an investor evaluating protocols, here's everything you need to know to make your trip count.

TL;DR

  • EthCC[9] runs March 27 to April 5, 2026 in Cannes, France
  • Side events and hackathons extend the week significantly
  • Security conversations are no longer optional for founders raising capital
  • Networking at side events often matters more than the main stage
  • There's a way to earn money at EthCC by referring protocols that need audits

Key Dates and Logistics

Main Conference: March 27 to 29, 2026 EthCC Week (side events + hackathons): March 27 to April 5, 2026 Location: Palais des Festivals, Cannes, France
The main conference runs three days, but the real action happens across the full week. Side events, builder houses, and hackathons fill the calendar from the Monday before through the following weekend.

What to Plan For

  • Accommodation: Book early. Cannes during EthCC fills up fast. Look at Airbnb in Le Suquet (old town) or La Bocca for better rates.
  • Transport: Nice airport (NCE) is the closest. The train from Nice to Cannes takes ~35 minutes. Taxis from the airport run around 80 to 100 EUR.
  • Budget: Cannes is expensive. Budget 50 to 80 EUR per day for food if eating out. Coffee at the Croisette is 5 to 7 EUR.

What to Expect at EthCC[9]

Main Stage Tracks

EthCC typically features tracks covering:
  • Protocol engineering: L2 scaling, MEV, account abstraction, cross-chain messaging
  • DeFi and tokenomics: Lending, DEX architecture, stablecoin design, RWA integration
  • Security and auditing: Vulnerability disclosure, formal verification, AI in auditing
  • Governance and DAOs: On-chain governance, voting mechanisms, treasury management
  • Developer tooling: Foundry, Hardhat updates, testing frameworks, deployment pipelines
The security track has grown significantly year over year. In 2025, multiple sessions focused on AI-assisted auditing and the gap between automated tools and human review. Expect 2026 to go deeper on agentic security systems and real-time monitoring.

Side Events Worth Tracking

The side event calendar is where the real conversations happen. Keep an eye on:
  • Hackathons: ETHGlobal Cannes and smaller chain-specific hackathons often run during the week
  • Builder houses: Protocol teams rent villas and host invite-only sessions. These are where partnerships form.
  • Security meetups: Trail of Bits, OpenZeppelin, and independent auditors often host informal sessions
  • Investor dinners: If you're fundraising, the week before and after the conference is prime time for partner meetings
Pro tip: Follow the EthCC Luma calendar for the most up-to-date side event listings. New events get added daily in the two weeks before the conference.

For Founders: Why Security Should Be on Your EthCC Agenda

If you're attending EthCC as a founder or protocol lead, here's the reality: investors are asking about security earlier in the process than ever before.
In 2025, multiple raises fell through because protocols couldn't demonstrate audit readiness. VCs have seen enough eight-figure exploits to treat unaudited code as a red flag, not a tradeoff.

What You Should Do Before Cannes

  1. Know your audit status. Can you articulate what's been audited, by whom, and what's still open? If not, fix that before your meetings.
  2. Run a pre-audit check. Tools like Krait can give you a free AI-powered security snapshot of your codebase in minutes. Walk into investor meetings with data, not promises.
  3. Have your scope ready. If you're planning to engage an auditor after the conference, know which contracts are in scope, how many lines of code, and your target timeline. This speeds up every conversation.

What Investors Will Ask

Based on conversations with VCs active in Web3:
  • "When was your last audit, and who did it?"
  • "What's your security budget as a percentage of your raise?"
  • "Do you have a bug bounty program?"
  • "What's your incident response plan?"
If you can answer these confidently, you're ahead of 80% of the projects at the conference.

Networking Tips That Actually Work

Before the Conference

  • Set meetings in advance. Don't rely on running into people. Use Telegram, Twitter DMs, or Luma to schedule 15 to 20 minute slots.
  • Have a one-liner. "We're building [X] on [chain], currently in audit, launching in Q2" is better than a five-minute explanation.
  • Bring cards or a QR code. Physical cards still work at conferences. A QR code linking to your website or deck is even better.

During the Conference

  • Skip sessions you can watch later. Most talks are recorded. Use main stage time for meetings and side events.
  • The hallway track is the main track. Some of the best connections happen in the coffee line, not in the audience.
  • Follow up the same day. Send a Telegram message that evening. By the next morning, the person has met 50 more people and your face is gone.

After the Conference

  • Follow up within 48 hours with a concrete next step, not "great to meet you."
  • Reference something specific from your conversation. This is how you stand out from the 200 other follow-ups they receive.

How to Earn at EthCC Without a Booth

Not everyone at EthCC is building a protocol or raising capital. Many attendees are advisors, community leaders, or ecosystem participants who know founders and teams personally.
If you know protocols that are preparing for launch, expanding to new chains, or handling significant TVL without a recent audit, there's a straightforward way to monetize those connections.

The Zealynx Referral Program

Zealynx Security runs a referral program specifically designed for the EthCC community:
  • $1,000 base reward for every referred protocol that completes an audit
  • Up to 20% commission on the audit value (minimum $5,000 audit)
  • No cap on the number of referrals

Zealynx Security Brief

Monthly vulnerability spotlights, exploit breakdowns, and security insights. Join security-conscious devs.

No spam. Unsubscribe anytime.

The math is simple. One successful referral on a 15,000audit=15,000 audit = 1,000 base + 3,000commission=3,000 commission = **4,000** for an introduction.

How It Works

  1. Sign up at zealynx.io/ethcc-referral
  2. Get your referral link and toolkit with QR codes, pitch scripts, and talking points at zealynx.io/ethcc-referral/toolkit
  3. Introduce the protocol to Zealynx (via the form or a direct Telegram intro to @vendrell46)
  4. Get paid when the audit closes
Zealynx covers Solidity, Solana, Rust, Cairo, and TypeScript audits, plus AI red teaming and DeFi tokenomics review. If the protocol writes smart contracts, they're a potential referral.
Full program details and terms: zealynx.io/ethcc-referral/terms

What Zealynx Is Doing at EthCC

Our team will be in Cannes for the full week. Here's what we're up to:
  • Open for in-person meetings. If you want to discuss your protocol's security posture, scope an audit, or just talk shop, reach out on Telegram: @vendrell46
  • Free Krait scans. Bring your GitHub repo and we'll run our AI auditing engine on it live. No strings attached. Try it yourself first.
  • Referral program active. The program runs through the entire ETHCC week and beyond.

Packing List for Web3 Builders

Beyond the obvious, here's what experienced EthCC attendees recommend:
  • Portable charger: You'll be on your phone all day scheduling and messaging
  • Comfortable shoes: Cannes is walkable but you'll cover serious distance between venues
  • Sunscreen: It's the French Riviera in late March. The sun is real.
  • A light jacket: Evenings by the water get cool
  • Business cards or NFC tag: For quick contact exchanges
  • Your elevator pitch: Rehearsed, under 30 seconds

Final Thoughts

EthCC is one of the few conferences where the quality of conversations justifies the travel. The key is preparation: set meetings early, know your security story, and follow up fast.
If you're building something that handles user funds, the security conversation isn't optional anymore. Whether you engage with Zealynx or another auditor, walk into Cannes with a plan.
See you there.

FAQ

1. When is EthCC 2026?
The main conference runs March 27 to 29, 2026 at the Palais des Festivals in Cannes, France. Side events and hackathons extend the week from March 27 through April 5, 2026.
2. Where is EthCC 2026 held?
Palais des Festivals in Cannes, France. The same venue that hosts the Cannes Film Festival. The surrounding area hosts dozens of side events, builder houses, and hackathons throughout the week.
3. How much does EthCC cost?
Ticket prices vary by tier and when you purchase. Early bird tickets are significantly cheaper. Most side events are free or low cost. Budget 50 to 80 EUR per day for food and 80 to 100 EUR for a taxi from Nice airport.
4. Is EthCC worth attending for security professionals?
Yes. The security track has grown each year, and the hallway conversations with protocol teams are where audit engagements often start. If you're an auditor or security researcher, EthCC is one of the highest-ROI conferences in the space. Multiple sessions in 2026 will cover AI-assisted auditing and agentic security systems.
5. What should founders prepare before attending EthCC?
Know your audit readiness status, have your scope defined (which contracts, how many lines of code), and be ready to answer investor questions about your security posture. Running a free pre-audit scan with tools like Krait gives you concrete data to bring to meetings.
6. How can I earn money at EthCC?
The Zealynx referral program pays $1,000 plus up to 20% commission for every protocol referral that leads to a completed audit. If you know founders building on any EVM chain, Solana, or other smart contract platforms, each introduction could be worth thousands. Sign up at zealynx.io/ethcc-referral.

Glossary

TermDefinition
Audit ReadinessThe state of a protocol's codebase and documentation being prepared for a formal security audit, including frozen code, test coverage, and documented invariants.
Bug BountyReward program incentivizing security researchers to find and report vulnerabilities before malicious exploitation.
Incident ResponseA structured plan for detecting, containing, and recovering from security breaches or exploits in a live protocol.
Security PostureThe overall security status of a protocol, encompassing audit history, bug bounty programs, monitoring, incident response, and ongoing security practices.
TVLTotal Value Locked. The aggregate value of crypto assets deposited in a DeFi protocol's smart contracts.
View complete glossary →

Are you audit-ready?

Download the free Pre-Audit Readiness Checklist used by 40+ protocols preparing for their first audit.

No spam. Unsubscribe anytime.

oog
zealynx

Smart Contract Security Digest

Monthly exploit breakdowns, audit checklists, and DeFi security research — straight to your inbox

REQUEST AN AUDIT

Quick Links

Services

Company

Resources

© 2026 Zealynx