Threshold Encrypted Mempools: Limitations and Considerations.
https://arxiv.org/abs/2307.10878
Crypto bridges sins exposed. Exploiting weak spots of multi-chain protocols by deliriusz.
@Ethsecurity1
https://arxiv.org/abs/2307.10878
Crypto bridges sins exposed. Exploiting weak spots of multi-chain protocols by deliriusz.
@Ethsecurity1
Medium
Crypto bridges sins exposed. Exploiting weak spots of multi-chain protocols.
Every kind of a software system has their own set of problems. Our mission as security consultants (researchers) is to identify weak spots…
-solc Internals Part 3: Quirks & Optimizations.
-Fuzzing on-chain contracts with Echidna.
-A Comprehensive Guide to Arbitrum and its Security Features.
@EthSecurity1
-Fuzzing on-chain contracts with Echidna.
-A Comprehensive Guide to Arbitrum and its Security Features.
@EthSecurity1
Medium
solc Internals Part 3: Quirks & Optimizations
We review quirks & optimizations that solc implemented to output efficient EVM bytecode.
🔥2
Daniel Von Fange - How to understand a hack.
https://www.youtube.com/watch?v=s-CwUn4ZQ5w&list=PLhM7rBgpVV-KN8mM17IRSFIGsL0EaGA_m&index=36
@ethsecurity1
https://www.youtube.com/watch?v=s-CwUn4ZQ5w&list=PLhM7rBgpVV-KN8mM17IRSFIGsL0EaGA_m&index=36
@ethsecurity1
YouTube
Daniel Von Fange - How to understand a hack
"Hacks are the best teachers about the vulnerabilities that matter most - the ones that get past tools, reviews, and audits.
- How to discover what happened during a hack
- How to trace it back to the root vulnerability
- What tools to use"
- How to discover what happened during a hack
- How to trace it back to the root vulnerability
- What tools to use"
👍5
-How to Write Better Smart Contracts By Checking Them With Slither.
-The Blockchain Guardians: Safeguarding the Future of Ethereum Smart Contract Security.
@EthSecurity1
-The Blockchain Guardians: Safeguarding the Future of Ethereum Smart Contract Security.
@EthSecurity1
YouTube
How to Write Better Smart Contracts By Checking Them With Slither | PyChain 2022
This is a video recording of the PyChain 2022 conference sessions.
Speaker: Troy Sargent - Trail of Bits
Checking smart contracts for security issues using Slither static analyzer
The correctness and security of smart contracts is forefront in the mind…
Speaker: Troy Sargent - Trail of Bits
Checking smart contracts for security issues using Slither static analyzer
The correctness and security of smart contracts is forefront in the mind…
I feels everybody in auditing needs know web3 Architectur. here is some courses please feedback me if these courses beneficial for you.
1. Course I: DeFi Infrastructure:
https://youtube.com/playlist?list=PLE1Vu6ctbqa61FqJmPDnoPzDqrnyILHRm
2. Course II: DeFi Primitives:
https://youtube.com/playlist?list=PLE1Vu6ctbqa5kIXZCCpkAJxkI66dXzy61
3. Course III: DeFi Deep Dive:
https://youtube.com/playlist?list=PLE1Vu6ctbqa7Df5YJgMtH1xCcy0yX_dri
4. Course IV: DeFi Risks and Opportunities:
https://youtube.com/playlist?list=PLE1Vu6ctbqa7eZK2gychKr1RGZ3t1qf8S
@EthSecurity1
1. Course I: DeFi Infrastructure:
https://youtube.com/playlist?list=PLE1Vu6ctbqa61FqJmPDnoPzDqrnyILHRm
2. Course II: DeFi Primitives:
https://youtube.com/playlist?list=PLE1Vu6ctbqa5kIXZCCpkAJxkI66dXzy61
3. Course III: DeFi Deep Dive:
https://youtube.com/playlist?list=PLE1Vu6ctbqa7Df5YJgMtH1xCcy0yX_dri
4. Course IV: DeFi Risks and Opportunities:
https://youtube.com/playlist?list=PLE1Vu6ctbqa7eZK2gychKr1RGZ3t1qf8S
@EthSecurity1
⚡8👍1🔥1
A Leap in DeFi UX: The Surge of Telegram Trading Bots 🤖
[ Rise of The Machines ]
In the crypto landscape, user experience (UX) often takes a back seat to developer experience. However, a UX shift in DeFi is unfolding right before our eyes. The game-changer? and the rise of Telegram trading bots.
Trading bots aren't a new concept and are relatively simple to understand and implement - they automate trades based on predefined rules. What really sets the recent wave of trading bots apart is their integration into a convenient and familiar chat interface: the Telegram app.
[ Simplicity Wins ]
These bots simplify the trading process, making DeFi more accessible to the average user. No more navigating complex exchange dashboards or deciphering trading charts. Now, it’s as simple as sending a text message.
These bots also offer real-time updates and alerts, keeping users informed about market changes and potential trading opportunities. It's like having a personal trading assistant, always on call.
But it's not just about convenience. These bots also open up new possibilities for strategy and automation. Users can set their own rules, customize their trading strategies, and let the bot do the work.
This shift in UX is a testament to the innovative spirit of crypto. Making DeFi more user-friendly, more accessible, and ultimately, more democratic is a net positive for the space.
[ Closing Thoughts ]
In hindsight, it might seem obvious that the rise of Telegram trading bots marked a new chapter in the DeFi/crypto UX story: A future where transactions are seamlessly integrated into our day-to-day lives.
As with any innovation, there are risks. Always do your own research.
📍 Web2 security engineers incoming to web3 industry
@ethsecurity1
[ Rise of The Machines ]
In the crypto landscape, user experience (UX) often takes a back seat to developer experience. However, a UX shift in DeFi is unfolding right before our eyes. The game-changer? and the rise of Telegram trading bots.
Trading bots aren't a new concept and are relatively simple to understand and implement - they automate trades based on predefined rules. What really sets the recent wave of trading bots apart is their integration into a convenient and familiar chat interface: the Telegram app.
[ Simplicity Wins ]
These bots simplify the trading process, making DeFi more accessible to the average user. No more navigating complex exchange dashboards or deciphering trading charts. Now, it’s as simple as sending a text message.
These bots also offer real-time updates and alerts, keeping users informed about market changes and potential trading opportunities. It's like having a personal trading assistant, always on call.
But it's not just about convenience. These bots also open up new possibilities for strategy and automation. Users can set their own rules, customize their trading strategies, and let the bot do the work.
This shift in UX is a testament to the innovative spirit of crypto. Making DeFi more user-friendly, more accessible, and ultimately, more democratic is a net positive for the space.
[ Closing Thoughts ]
In hindsight, it might seem obvious that the rise of Telegram trading bots marked a new chapter in the DeFi/crypto UX story: A future where transactions are seamlessly integrated into our day-to-day lives.
As with any innovation, there are risks. Always do your own research.
📍 Web2 security engineers incoming to web3 industry
@ethsecurity1
-MEV-Share CTF Writeups
-Gas optimization resources
-blockchain security and AML report
-Whitehacks Kit - A simple template to perform whitehacks safely in a single tx, leveraging Foundry and Flashbots.
@EthSecurity1
-Gas optimization resources
-blockchain security and AML report
-Whitehacks Kit - A simple template to perform whitehacks safely in a single tx, leveraging Foundry and Flashbots.
@EthSecurity1
GitHub
ctf-blockchain/src/MEVShareCTF at main · minaminao/ctf-blockchain
A summary of 200+ CTF blockchain challenges. Contribute to minaminao/ctf-blockchain development by creating an account on GitHub.
👍4⚡1
guys please Do not undestimate resources that I shared here. many of them is enough to turn you in professional or start you desire career.
❤8⚡5🔥2🦄2👍1
Web3 Security Talks Frequent Content Creators
samczsun videos
• Reentrancy patterns Video
DeFi MOOC channel
• Practical Smart Contract Security with samczsun Video
• DeFi risks and attacks with Arthur Gervais Video
Patrick Ventuzelo videos
• Smart contract reverse engineering Video
• Fuzzing with Echidna Video
• Auditing with mythril Video
Mudit Gupta videos
• Livestream #1 Video
• Livestream #2 Video
yAcademy channel
• Formal Verification Video
• Audit Like You Mean It Video
OpenZeppelin channel
• Introduction to backrunning
• OpenZeppelin Secure Development Series
Immunefi channel
• Live bug hunt video
Spearbit channel
Other Lists
Crytic's awesome ethereum security
@Ethsecurity1
samczsun videos
• Reentrancy patterns Video
DeFi MOOC channel
• Practical Smart Contract Security with samczsun Video
• DeFi risks and attacks with Arthur Gervais Video
Patrick Ventuzelo videos
• Smart contract reverse engineering Video
• Fuzzing with Echidna Video
• Auditing with mythril Video
Mudit Gupta videos
• Livestream #1 Video
• Livestream #2 Video
yAcademy channel
• Formal Verification Video
• Audit Like You Mean It Video
OpenZeppelin channel
• Introduction to backrunning
• OpenZeppelin Secure Development Series
Immunefi channel
• Live bug hunt video
Spearbit channel
Other Lists
Crytic's awesome ethereum security
@Ethsecurity1
🔥7⚡1
Yul & Memory Intro | Yul Exploit!
https://www.youtube.com/watch?v=9qLUvtL5uKQ
The Dark Arts of Yul | Solidity Fridays
https://www.youtube.com/watch?v=ew3pfnb2_V8
@EthSecurity1
https://www.youtube.com/watch?v=9qLUvtL5uKQ
The Dark Arts of Yul | Solidity Fridays
https://www.youtube.com/watch?v=ew3pfnb2_V8
@EthSecurity1
YouTube
Yul & Memory Intro | Yul Exploit!
Are you a security researcher looking to join a world-class team? Apply to open positions at Guardian here: https://guardianaudits.com
Interested in getting hands-on training to become an expert security researcher in a matter of months?
Get the guide to…
Interested in getting hands-on training to become an expert security researcher in a matter of months?
Get the guide to…
👍1
What bad hooks look-like
https://uniswap.notion.site/Research-What-bad-hooks-look-like-b10256c445904111914eb3b01fb4ec53
A Novel Defense Against ERC4626 Inflation Attacks
https://blog.openzeppelin.com/a-novel-defense-against-erc4626-inflation-attacks
@EthSecurity1
https://uniswap.notion.site/Research-What-bad-hooks-look-like-b10256c445904111914eb3b01fb4ec53
A Novel Defense Against ERC4626 Inflation Attacks
https://blog.openzeppelin.com/a-novel-defense-against-erc4626-inflation-attacks
@EthSecurity1
Uniswap Foundation on Notion
Research - What bad hooks look like | Notion
Overview
🔥4
Solidity Interview Questions
https://www.rareskills.io/post/solidity-interview-questions
Unmasking the Phantom: The Intricate Shadow Transactions Attack Deciphered
Ciaofficer auditors advice in 3 parts
blog.pessimistic.io/auditors-advice-math-solidity-gas-optimizations-part-1-3-a99c478d2ebb
@ethsecurity1
https://www.rareskills.io/post/solidity-interview-questions
Unmasking the Phantom: The Intricate Shadow Transactions Attack Deciphered
Ciaofficer auditors advice in 3 parts
blog.pessimistic.io/auditors-advice-math-solidity-gas-optimizations-part-1-3-a99c478d2ebb
@ethsecurity1
rareskills.io
Over 150 interview questions for Ethereum Developers | RareSkills
Over 150 interview questions for Ethereum Developers All of these questions can be answered in three sentences or less. Easy What is the difference between private, internal, public, and external...
❤2⚡2🔥2
TWAMM introducing
https://www.paradigm.xyz/2021/07/twamm
L2 Sequencer and Stale Oracle Prices Bug
https://medium.com/@lopotras/l2-sequencer-and-stale-oracle-prices-bug-54a749417277?source=social.tw
Web3 Bug Bounty Collection
https://github.com/JeffCX/collection-web3-bug-bounty
@ethsecurity1
https://www.paradigm.xyz/2021/07/twamm
L2 Sequencer and Stale Oracle Prices Bug
https://medium.com/@lopotras/l2-sequencer-and-stale-oracle-prices-bug-54a749417277?source=social.tw
Web3 Bug Bounty Collection
https://github.com/JeffCX/collection-web3-bug-bounty
@ethsecurity1
Paradigm
TWAMM - Paradigm
Paradigm is a research-driven crypto investment firm that funds companies and protocols from their earliest stages.
❤3
That is one of High level course about ZK Audit i have seen it. Feedback me if it is useful
https://www.youtube.com/playlist?list=PLeUIc0UZxuuF8_ueHNt1TuEyNhcsmzu_g
@ethsecurity1
https://www.youtube.com/playlist?list=PLeUIc0UZxuuF8_ueHNt1TuEyNhcsmzu_g
@ethsecurity1
🔥5⚡1
Protocol Diagramming
• ethereum-graph-debugger - A graphical EVM debugger. Displays the entire program control flow graph.
• Slither - Slither can map method visibility and modifiers, state variables that are read and written, calls, and can print the inheritance graph of a smart contract
• Solgraph - Generates DOT graphs with function control flow of a solidity contract
• Surya - Generates various visual outputs of function call graphs
• sol-function-profiler - Solidity contract function
Jonatas
Write-up
Auditor’s Advice: EVM Limitations & Assembly Auditing Tips | Part 3/3.
@ethsecurity1
• ethereum-graph-debugger - A graphical EVM debugger. Displays the entire program control flow graph.
• Slither - Slither can map method visibility and modifiers, state variables that are read and written, calls, and can print the inheritance graph of a smart contract
• Solgraph - Generates DOT graphs with function control flow of a solidity contract
• Surya - Generates various visual outputs of function call graphs
• sol-function-profiler - Solidity contract function
Jonatas
Write-up
Auditor’s Advice: EVM Limitations & Assembly Auditing Tips | Part 3/3.
@ethsecurity1
GitHub
GitHub - fergarrui/ethereum-graph-debugger: Ethereum solidity graph plain debugger. To have the whole picture when debugging.
Ethereum solidity graph plain debugger. To have the whole picture when debugging. - fergarrui/ethereum-graph-debugger
🔥3❤1
Forwarded from Vladimir S. | Officer's Channel (officercia)