Read-only Reentrancy vulnerability
https://youtube.com/watch?v=0fgGTRlsDxI
YouTube
Read Only Reentrancy | Hack Solidity (0.8)
Example of read only reentrancy hack in Solidity
0:00 - Intro
0:55 - Initialize Foundry
1:16 - Code Hack contract
4:01 - Curve remove_liquidity function
8:31 - Write test
9:57 - Execute test
11:15 - Code Target contract
14:44 - Update Hack contract
17:21…
⚙️Connect Missing Dots with Secureum
Secureum Solidity 101 https://secureum.substack.com/p/solidity-101?s=r
Secureum Solidity 201 https://secureum.substack.com/p/solidity-201?s=r
⚙️Gas Optimizations
Aggregated Tricks by pcaversaccio and Harikrishnan Mulackal https://forum.openzeppelin.com/t/a-collection-of-gas-optimisation-tricks/19966/6
#web3 #web3sec #development #javascript
Secureum
Solidity 101
101 key aspects of Solidity
Upgradeable Contracts
⚙️Smart Contract Programmer - Upgradeable Contracts
https://youtube.com/watch?v=JgSj7IiE4jA&t=157s
⚙️Smart Contract Programmer - Risks of Upgradeable Contracts
https://youtube.com/watch?v=XmxfB5JOt1Q&t=3s
YouTube
Open Zeppelin Upgradeable Contracts
This video walks through a simple example of a transparent upgradeable contract using HardHat, ethers.js and Open Zeppelin.
0:00 - Overview
1:44 - Project setup
4:28 - Deploy Box V1 script
7:10 - Execute deploy script
8:29 - Verify Box V1 on Etherscan
9:48…
anon, not sure u know about it but there is a maximum limit on how many transactions an account can make. The theoretical allowed limit, based on EIP-2681, for an account nonce is 2**64-2:
https://eips.ethereum.org/EIPS/eip-2681. After that, the EVM implementations like Geth would revert.
Detecting nondeterministic payment bugs in #Ethereum smart contracts - Good Read! 🧐
https://t.co/D2Kf7L62cz https://t.co/kdd3YzfqpZ
ResearchGate
[PDF] Detecting nondeterministic payment bugs in Ethereum smart contracts
PDF | The term “smart contracts” has become ubiquitous to describe an enormous number of programs uploaded to the popular Ethereum blockchain system.... | Find, read and cite all the research you need on ResearchGate
It's extremely easy to create a "spoof" token to trick users into thinking a real token has been transferred.
In fact, it only took 16 lines of code to create this fake USDT token below.
Here's how spoof tokens work and how you can avoid being fooled going forward 🧵: https://twitter.com/0xCygaar/status/1592248453970952192
I've been a user of algo for a while for rolling my own https://github.com/trailofbits/algo
GitHub
GitHub - trailofbits/algo: Set up a personal VPN in the cloud
Set up a personal VPN in the cloud. Contribute to trailofbits/algo development by creating an account on GitHub.
just discovered this bridge transactions explorer: https://socketscan.io. Pretty neat - give it a try.
GreatFire AppMaker: what this tool does is very interesting. It designs an internal filter breaker for the blocked website and then delivers the website as an APK. You can give it the link of Twitter, even Web Telegram, YouTube, Instagram... and after a minute or two, it will give you a download link that doesn't need a filter anymore. https://appmaker.greatfire.org/ This is an open source and anti-censorship project called Great Fire, which is used in China to defeat the powerful firewall of this country.
So apparently some signers of the WBTC multisig lost their keys. That's more than just slightly concerning IMHO... https://github.com/WrappedBTC/DAO/pull/12
GitHub
Migrate WBTC big DAO multisig to a new one with safer active signers by tranvictor · Pull Request #12 · WrappedBTC/DAO
Issue
The current big DAO multisig (0xd409db68d0e6e97e1cb1f3eb0bd38de278bc3c68) has 18 signers and requires 11 to form a consensus and process a transaction. Now that nearly 4 years have passed, se...
I would like to quickly highlight that Polygon still has an enforced minimum 30 gwei priority fee - i.e. if you send a transaction with e.g. the default 1.5 gwei priority fee you are essentially screwed because the tx is underpriced.
wen fix? https://github.com/maticnetwork/bor/blob/develop/builder/files/config.toml#L56
GitHub
bor/config.toml at develop · maticnetwork/bor
Official repository for the Matic Blockchain. Contribute to maticnetwork/bor development by creating an account on GitHub.