“Vulnerability Details
The Pools.swap function does not check if base is one of the base tokens. One can transfer tokens to the pool and set base=token and call swap(token, token, member, toBase=false).
The _actualInput = getAddedAmount(base, token); will return the token amount added but use the ratio compared to the base reserve calcSwapOutput(_actualInput=tokenInput, mapToken_baseAmount[token], mapToken_tokenAmount[token]); = tokenIn / baseAmount * tokenAmount which yields a wrong swap result.”
@securlydevv
The Pools.swap function does not check if base is one of the base tokens. One can transfer tokens to the pool and set base=token and call swap(token, token, member, toBase=false).
The _actualInput = getAddedAmount(base, token); will return the token amount added but use the ratio compared to the base reserve calcSwapOutput(_actualInput=tokenInput, mapToken_baseAmount[token], mapToken_tokenAmount[token]); = tokenIn / baseAmount * tokenAmount which yields a wrong swap result.”
@securlydevv
👍1
ERC 4337 is
1. Key recovery
2. Wallet 2FA
3. Transaction bundling
4. Pay with any token
5. Security and fraud monitoring
6. Decentralized wallet recovery
7. Autopay crypto
8. Sponsored transactions
10. Multiple parties to sign a transaction
1. Key recovery
2. Wallet 2FA
3. Transaction bundling
4. Pay with any token
5. Security and fraud monitoring
6. Decentralized wallet recovery
7. Autopay crypto
8. Sponsored transactions
10. Multiple parties to sign a transaction
❤6
Code security scanning tool (SAST) that discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD).
https://docs.bearer.com/
@EthSecurity1
https://docs.bearer.com/
@EthSecurity1
Bearer CLI
Bearer CLI: Documentation
Bearer CLI is a free and open code security scanning tool that natively filters and prioritizes security risks by business impact
Happy persian new year
2582 achaemenid
"noroz be shadi sal 2582 hakhamaneshi"
Zan zendegi azadi
Woman life freedom
2582 achaemenid
"noroz be shadi sal 2582 hakhamaneshi"
Zan zendegi azadi
Woman life freedom
❤4
Awesome Iran Freedom
Handy for residents of all countries where there are Internet restrictions.
Telegram Proxies lists
Free VPS Providers
VPN/Proxy apps for Android, iOS, Windows, MacOS
Tor, Psiphon, Ultrasurf...
and more.
https://github.com/hiddify/awesome-iran-freedom
Contributor twitter.com/hiddify_com
@Ethsecurity1
Handy for residents of all countries where there are Internet restrictions.
Telegram Proxies lists
Free VPS Providers
VPN/Proxy apps for Android, iOS, Windows, MacOS
Tor, Psiphon, Ultrasurf...
and more.
https://github.com/hiddify/awesome-iran-freedom
Contributor twitter.com/hiddify_com
@Ethsecurity1
GitHub
GitHub - hiddify/awesome-freedom: In this repository we have collected all awesome tools for iranian people
In this repository we have collected all awesome tools for iranian people - hiddify/awesome-freedom
Awesome #ChatGPT
Main principles
Prompts
Web Apps
Chrome Extensions
Video Courses
Official Resources
Github Projects
and more.
https://github.com/OpenMindClub/awesome-chatgpt
Main principles
Prompts
Web Apps
Chrome Extensions
Video Courses
Official Resources
Github Projects
and more.
https://github.com/OpenMindClub/awesome-chatgpt
GitHub
GitHub - OpenMindClub/awesome-chatgpt: ⚡ Everything about ChatGPT
⚡ Everything about ChatGPT. Contribute to OpenMindClub/awesome-chatgpt development by creating an account on GitHub.
the Mullvad Browser - built by the Tor Project. A browser allowing anyone to take advantage of the privacy protections of Tor Browser without Tor.
👀 Learn more here: https://t.co/TW9MfXFrK5
👀 Learn more here: https://t.co/TW9MfXFrK5
blog.torproject.org
We've Teamed Up With Mullvad VPN to Launch the Mullvad Browser | Tor Project
We have partnered with Mullvad VPN to develop the Mullvad Browser - a Tor Browser without Tor
👍1
https://www.coindesk.com/business/2023/04/05/developers-fork-uniswap-v3-protocol-attracts-123m-in-total-value-locked/
What mystery behind growth of forked dapp?
What mystery behind growth of forked dapp?
CoinDesk
Developers Fork Uniswap V3, Protocol Attracts $123M in Total Value Locked
Decentralized exchange (DEX) Uniswap has been forked by developers after its Business Source License (BSL) expired on April 1.
Mev-boost is now semi-permissioned.
A validator blacklist was added as part of the fix last week.
I'm highlighting it because I can find no public announcement or community discussion about this.
github.com/flashbots/mev-…
@EthSecurity1
A validator blacklist was added as part of the fix last week.
I'm highlighting it because I can find no public announcement or community discussion about this.
github.com/flashbots/mev-…
@EthSecurity1