The forgotten IPFS vulnerabilities https://consensys.net/diligence/blog/2022/09/the-forgotten-ipfs-vulnerabilities/
Fuzzing Tutorial: How to get started testing your smart https://consensys.net/diligence/blog/2023/04/fuzzing-tutorial-how-to-get-started-testing-your-smart-contracts/
Benchmarking Smart-Contract Fuzzers https://consensys.net/diligence/blog/2023/04/benchmarking-smart-contract-fuzzers/ @EthSecurity1
In 2021 we privately disclosed multiple vulnerabilities in the InterPlanetary File System but never really talked about it. Let’s change that 😊!
Auditing resources part 1:
Search for Audit reports
Audit Reports DeFi Yield
Past Audit Reports Solodit
Solutions to Blockchain Security CTF
Audit Findings Audit Hero
Security resources by Immunefi
Quill Audits Roadmap
Quill Auditing Mindmap
Quill Attack Vectors
web3 security
Metamask Signature Types
officercia.eth
SWC Registry
Security Guide by Crytic
DeFiHackLabs by Sunsec
DeFiVulnLabs
Smart Contract Best Practices by Consensys
Past Secureum Races
Certora Reports
Chain Security Audit Reports
Learn Advanced EVM/
Macro DAO Audit Reports
@EthSecurity1
A Streamlit app to search for security audits hosted on https://safefiles.defiyield.info/safe/fil...
New paper “Automated Market Making and Arbitrage Profits in the Presence of Fees” by jason_of_cs ciamac Tim_Roughgarden
@EthSecurity1
https://moallemi.com/ciamac/papers/lvr-fee-model-2023.pdf
Auditing resources part 2:
Security Compendium
Audit Reports - CD Security
YAcademy - DeFi Bugs
List of Reentrancy Attacks
Oracle Manipulation
Secure Contracts - Trail Of Bits
Immunefi Bug Bounty Writeups
Audit Reports by Web3Sec News
Coinspect EVM Attacks
Solidity Notes by Chinmaya
Auditing Process by GA
Web3 Bugs
Secureum Mindmap @EthSecurity1
GitHub - obheda12/Solidity-Security-Compendium: A mission to breakout every single solidity vuln I come across and categorize it
In CollateralizedDebt.sol, the mint() function calls _safeMint() which has a callback to the "to" address argument. Functions with callbacks should have reentrancy guards in place for protection against possible malicious actors both from inside and outside the protocol. @EthSecurity1
Impact:
Critical. The user can call withdrawAllWithRedirect(uint256 _id) multiple times and drain the token defined in the stream from the contract.
Recommendation:
The function should set redeemables[id] to 0 after LlamaPayV2Payer.sol#L276.
uint256 toRedeem = redeemables[_id] / tokens[stream.token].divisor;
redeemables[_id] = 0;
https://reports.yacademy.dev/docs/12-2022-LlamaPayV2/#1-critical---infinite-withdrawals-using-function-withdrawallwithredirectuint256-_id-spalen @EthSecurity1
Impact:
In the passThruGate function, msg.value is checked to be greater than or equal to the required cost, but the excess amount is not returned to the sender.
Mitigation:
Return excess ETH to the sender.
function passThruGate(uint index, address) override external payable {
    uint price = getCost(index);
    require(msg.value >= price, 'Please send more ETH');
    // bump up the price
    Gate storage gate = gates[index];
    // multiply by the price increase factor
    gate.lastPrice = (price * gate.priceIncreaseFactor) / gate.priceIncreaseDenominator;
    // move up the reference
    gate.lastPurchaseBlock = block.number;
    // pass thru the ether
    if (msg.value > 0) {
        // use .call so we can send to contracts, for example gnosis safe, re-entrance is not a threat here
        (bool sent, bytes memory data) = gate.beneficiary.call{value: msg.value}("");
        require(sent, 'ETH transfer failed');
    }
}
@EthSecurity1
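The fix the post recommends, as an added example (not the audited project's code): the gate forwards only the price to the beneficiary and refunds the remainder to the caller, with every state update made before either external call. The Gate struct fields, the gates array and the stub getCost are assumptions taken from the snippet above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hardened passThruGate. Illustrative contract: Gate fields and the getCost
// stub are assumed from the finding above, not copied from the real project.
contract GateKeeper {
    struct Gate {
        address beneficiary;
        uint256 lastPrice;
        uint256 lastPurchaseBlock;
        uint256 priceIncreaseFactor;
        uint256 priceIncreaseDenominator;
    }

    Gate[] public gates;

    // Assumed pricing stub: the audited contract derives the cost from
    // lastPrice and lastPurchaseBlock; here the stored price is returned as-is.
    function getCost(uint256 index) public view returns (uint256) {
        return gates[index].lastPrice;
    }

    function passThruGate(uint256 index, address) external payable {
        uint256 price = getCost(index);
        require(msg.value >= price, "Please send more ETH");

        // Effects first: update the gate before any external call
        // (checks-effects-interactions), so a re-entering caller sees new state.
        Gate storage gate = gates[index];
        gate.lastPrice = (price * gate.priceIncreaseFactor) / gate.priceIncreaseDenominator;
        gate.lastPurchaseBlock = block.number;

        // Forward only the price to the beneficiary, never the whole msg.value.
        if (price > 0) {
            (bool sent, ) = gate.beneficiary.call{value: price}("");
            require(sent, "ETH transfer failed");
        }

        // Refund whatever the caller overpaid; revert if it cannot be delivered.
        uint256 excess = msg.value - price;
        if (excess > 0) {
            (bool refunded, ) = msg.sender.call{value: excess}("");
            require(refunded, "ETH refund failed");
        }
    }
}
```

If callers that reject ETH refunds should not be able to make their own purchase revert, the simpler alternative is to require an exact payment (`msg.value == price`) instead of refunding.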
Demystifying Exploitable Bugs in Smart Contracts https://www.cs.purdue.edu/homes/zhan3299/res/ICSE23.pdf @EthSecurity1
https://medium.com/@balakhonoff_47314/how-to-access-real-time-smart-contract-data-from-python-code-using-lido-as-an-example-38738ff077c5
@EthSecurity1
How to access real-time smart contract data from Python code (using Lido contract as an example)
Let’s imagine you need access to the real-time data of some smart contracts on Ethereum (or Polygon, BSC, etc.) like Uniswap or even PEPE…
Somebody: Hey all, I made this simple flashbots bundler app to help people with white hat recoveries of compromised accounts http://flashbots-bundler.surge.sh/
You can use the UI to generate a new flashbots rpc, build the bundle by sending eth for gas, then the recovery TX, then withdraw remaining funds. Then when you hit submit bundle it goes through a relayer I maintain.
I’ve used it to help a few people that had leaked wallets and sweeper bots. If you know anyone who has this issue feel free to send them my way!
Here’s a video walkthrough https://www.youtube.com/watch?v=itPz35FGGJk
If you use it, I recommend paying around 3x the gas price to get included. And make sure your bundle is over 42k gas or it will be ignored by the network, or see http://whitehat.flashbots.net
@EthSecurity1
Zipped contracts
Compressed contracts that automatically self-extract when called
https://github.com/merklejerk/zipped-contracts
GasBad is an open-source project that evaluates gas efficiency in Solidity libraries
https://github.com/ciwines/gas-bad
@EthSecurity1
We reached 1000 members, thank you all.
Special thanks to officercia.eth who supported me at first.
Forwarded from Raiders
Hey team, I am working on https://web3sec.news which is an open source initiative for web3 security. It tracks all the latest hacks, news, events, roadmaps, challenges, blogs etc. for the community as an aggregator. It would be very helpful if you can help me get community feedback & spread the cause together 💪🏻🔥
Web3Sec — Never miss any breach ever again
Finally, a community feed which is only made for penetration testers and hackers.
Ethereum investigation tools. #osint
Google Dorks
Blacklists
Storage Platforms
Explorers
Scoring
https://github.com/moonIighted/OSINT-MindMaps/blob/main/Ethereum%20Investigation.png
Transaction monitoring @Ethsecurity1
Auditing resources part 3:
Immunefi Forge POC
EVM Security Repos
Practice Secureum Races
Web3 Security DAO
Tomo Labo Bugs - Medium | High
Auditor Roadmap by Razzor
All things Reentrancy
Checks while Hacks
rareskills common vulners
@EthSecurity1
GitHub - immunefi-team/forge-poc-templates
Here are some key auditing tips and insights:
1. Understand the System: Before starting the audit, it's important to understand the system you're auditing. This includes understanding the high-level overview of the system, how it works, and what makes it unique. In the case of Asteria, understanding the roles of different players in the system, how vaults exist, how loans are represented, and how liquidations work was crucial.
2. Identify Complexities: Identify the complexities in the system. In Asteria, for example, the complexities included calls going back and forth between contracts, the system being almost entirely stateless, and the need for accurate total assets of the vault.
3. Look for Vulnerabilities: Look for vulnerabilities in the system. In the case of Asteria, vulnerabilities were found in the delegate role, the stateless system, the Seaport auctions, and the ERC4626 calculations.
4. Learn from Mistakes: Learn from the mistakes made in the system. For Asteria, mistakes were made in not using ecrecover properly, having a lot of data inputted, having many different entry points using shared back-end logic, and not resetting variables when changing hands.
5. Implement Fixes: Implement fixes for the vulnerabilities found. For Asteria, fixes included adding checks, getting rid of certain functions, adding unchecked blocks, and changing the way the Seaport liquidations work.
6. Test Thoroughly: Ensure thorough testing is done to cover all edge cases. In the case of Asteria, while they had done the hard parts of testing, they could have done more thorough testing to ensure all edge cases were covered.
7. Rebuild if Necessary: If the product has evolved a lot and more features have been added, it might be beneficial to rebuild or rethink the system from first principles. This can help ensure that all functionalities are encoded in shared logic and that all validations are rock solid.
8. Stay Updated: Stay updated with the latest vulnerabilities and fixes in the blockchain and smart contract space. This can help you identify potential vulnerabilities in the system you're auditing.
Remember, auditing is a complex process that requires a deep understanding of the system, a keen eye for detail, and a thorough approach to testing. @EthSecurity1
On May 28, @jimbosprotocol fell victim to a significant flash loan attack, resulting in a staggering loss of $7.5M.
In this article we offer a concise analysis, unveiling key details and implications of this incident. https://medium.com/@auditone.io/the-7-5-million-flash-loan-unveiled-analyzing-jimbos-protocol-attack-25cf7fd55079 @EthSecurity1