1- Vulnerability Report: Binance PoR Dummy User Attack https://www.leku.blog/binance_vuln/
2- Rolling in the Shadows: Analyzing the Extraction of MEV Across Layer-2 Rollups https://arxiv.org/abs/2405.00138
3- Patrick Collins & txFusion join to discuss TxFusion, a set of tools and products designed to improve developers' experience on the ZK ecosystem.
Today, at 7 pm UTC on https://www.youtube.com/watch?v=QUmM7LF4ch0 @EthSecurity1
www.leku.blog
Vulnerability Report: Binance PoR Dummy User Attack
You can leave comments on the hackMD version of this document here.
This document describes a potential attack on Binance Proof of Reserves (PoR) 123 solution.
TL;DR: According to this attack, Binance has the ability to add dummy (non-existing) users to their…
Blast integration Bugs https://nirlinsecurity.xyz/p/blast-integration-bugs-part-1
Hamburger Validity Proof
https://xuwinnie.review/research/hamburger-factory-validity @EthSecurity1
nirlinsecurity.xyz
Blast Integration Bugs - Part 1
"With each new great protocol, comes new integration bugs" ~ Uncle Nirlin
Cosmos IBC Reentrancy Infinite Mint https://www.asymmetric.re/blog/cosmos-ibc-reentrancy-infinite-mint @EthSecurity1
Asymmetric Research
Cosmos IBC Reentrancy Infinite Mint
This post discusses a vulnerability in ibc-go, a reference implementation of the Cosmos Inter-Blockchain Communication (IBC) protocol. A reentrancy vulnerability during the handling of timeout messages could have allowed an attacker to mint an infinite amount…
Sonne Finance post-mortem: $20M lost
https://medium.com/@SonneFinance/post-mortem-sonne-finance-exploit-12f3daa82b06 @EthSecurity1
Medium
Post-mortem, Sonne Finance exploit
We are extremely sorry to announce that Sonne Finance (Optimism) has been exploited with the known donation attack on Compound v2 forks.
https://reports.yaudit.dev/reports/05-2023-Sonne/#4-high---unclear-protection-against-hundred-finance-attack-vector
Auditors mentioned their unclear approach! @Ethsecurity1
yAudit Reports
05-2023-Sonne
Sonne yAudit Report
Forwarded from Vladimir S. | Officer's Channel (officercia)
Uncover how DeFi's lending & borrowing pose security challenges. From unchecked repayments to smart contract exploits, see how you can safeguard against vulnerabilities!
Read more
• https://wiki.r.security/wiki/Lending/Borrowing
#audit #solidity #web3 #security
Forwarded from Popeye
Sonne Finance's Timelock Implementation on Optimism Hack Analysis:
https://x.com/Olympix_ai/status/1792534207769510123
https://medium.com/@olympixai/sonne-finance-exploited-a-detailed-analysis-0b52151d4d2a
X (formerly Twitter)
Olympix (@Olympix_ai) on X
On May 14, 2024, @SonneFinance, a non-custodial DEX on @Optimism, suffered a $20M exploit. Thanks to the @_SEAL_Org contributors, a quick response helped save $6.5 million.
Key Takeaway: Timelock Misalignment Creates Opportunity
The attacker exploited…
#Defi_Research
Optimized lending protocol for redeemable assets https://gist.github.com/0xngmi/c92ce3fce377a0e72c1e90052db98bf1
Modern DeFi Lending Protocols, how it's made: Euler V2 https://mixbytes.io/blog/modern-defi-lending-protocols-how-its-made-euler-v2
@EthSecurity1
Gist
Lending protocol optimized for redeemable assets
Lending protocol optimized for redeemable assets. GitHub Gist: instantly share code, notes, and snippets.
the problem with eip4337. https://x.com/jtriley_eth/status/1795151789282750481 @EthSecurity1
X (formerly Twitter)
jtriley2p (any/any) (@jtriley2p) on X
the problem with eip4337.
4337 is an account abstraction eip that introduces user operations, bundlers, executors, and a new mempool for propagating user operations across the network to be bundled.
the direction of 4337 is sound. users' actions are moved…
Unassigned pool earnings
In the context of the Uniswap V3 protocol, "unassigned pool earnings" work as follows:
• When a user deposits their assets into the pool, they earn a share of the pool's earnings.
• The pool earns rewards in the form of interest, fees, or other incentives.
• The pool's earnings are not yet assigned to any specific user, so they are considered "unassigned".
• When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them.
Why unassigned pool earnings?
The unassigned pool earnings are a result of the way the Uniswap V3 protocol is designed. When a user deposits their assets into the pool, they earn a share of the pool's earnings. However, the earnings are not yet assigned to any specific user, so they are considered "unassigned".
How are unassigned pool earnings assigned?
When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them. This is done by calculating the user's share of the pool's earnings based on their deposited assets and the pool's earnings.
Why is it important?
The unassigned pool earnings are important because they represent the rewards earned by the pool, which are not yet assigned to any specific user. When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them, ensuring that they receive their fair share of the pool's earnings.
In a recent audit, the protocol ignored unassigned pool earnings: https://github.com/sherlock-audit/2024-04-interest-rate-model-judging?tab=readme-ov-file#issue-h-2-unassigned-pool-earnings-can-be-stolen-when-a-maturity-borrow-is-liquidated-by-depositing-at-maturity-with-1-principal
@EthSecurity1
GitHub
GitHub - sherlock-audit/2024-04-interest-rate-model-judging
Contribute to sherlock-audit/2024-04-interest-rate-model-judging development by creating an account on GitHub.
#Defi_Research
Typical vulnerabilities in lending and CDP protocols https://blog.decurity.io/typical-vulnerabilities-in-lending-and-cdp-protocols-e778e540e215
Borrowing on Ethereum: Comparing Architecture Evolution of MakerDAO, Yield, Aave, Compound, & Euler https://hackernoon.com/borrowing-on-ethereum-comparing-architecture-evolution-of-makerdao-yield-aave-compound-and-euler
Trustless Yield Aggregator protocol with customized risk profiles based on per-user policies https://gist.github.com/0xngmi/653aa70d3162f0ef4a41d56ced602a6c
@EthSecurity1
Medium
Typical vulnerabilities in lending and CDP protocols
This article explains the security of a popular pattern in decentralized finance: the CDP (collateralized debt position)
Velocore Incident Post-Mortem: $7M loss
https://velocorexyz.medium.com/velocore-incident-post-mortem-6197020ec3e9 @EthSecurity1
Forwarded from Wu Blockchain News
An OKX user disclosed today that hackers purchased his personal information and used AI to create fake videos. Hackers used these to change the victim's OKX passwords and even 2FA. More than $2 million US were stolen. Be wary of Deepfakes and personal data leaks. [link]
$1.5M was hacked from the liquidity pool of yolo on blast.
90% funds returned @EthSecurity1
Seems CertiK (the blackhat team) will be going to jail. Some people think they are the same as Lazarus.
Post the @krakenfx breach, have detected similar activity on @base, @BNBCHAIN, @Optimism, @arbitrum, @avax, @LineaBuild and @0xPolygon trying to target @okx, @BingXOfficial, @gate_io, and @binance and others and some unknown addresses.
Here is the PoC: https://x.com/danielvf/status/1803780167027871878?s=61
@Ethsecurity1
THREAD: How are Thefts from Mt. Gox, the Blockchain Bandit, Ethereum Foundation all tied to one another?
https://x.com/BoringSleuth/status/1800407010611003903
@EthSecurity1
X (formerly Twitter)
TruthLabs (@BoringSleuth) on X
THREAD: How are Thefts from Mt. Gox, the Blockchain Bandit, Ethereum Foundation all tied to one another? Read thru until the end, as there are new Revelations.
I cannot stress this enough. Ethereum's foundation was built on the corrosive nature of corruption.…
Two blazing web3sec repos
https://github.com/immunefi-team/Bounty_Boosts
https://github.com/SunWeb3Sec/DeFi-Security-Breach-RCA
@Ethsecurity1
GitHub
GitHub - immunefi-team/Past-Audit-Competitions: Bug reports from Immunefi Bounty Boosts
Bug reports from Immunefi Bounty Boosts. Contribute to immunefi-team/Past-Audit-Competitions development by creating an account on GitHub.
Guest Spotlight Article: How to analyze reports and become a great auditor
https://hatsfinance.medium.com/guest-spotlight-article-how-to-analyze-reports-and-become-a-great-auditor-8429e20df2c2
Concentrated Liquidity Manager vulnerabilities
https://dacian.me/concentrated-liquidity-manager-vulnerabilities @ethsecurity1
Medium
Guest Spotlight Article: How to analyze reports and become a great auditor
The following content has been kindly guest contributed by bogo, as part of the Security Researcher Content Contributor Programme.
When call and delegatecall return false
A crucial point to understand is when the success value will be true or false. Essentially, it depends on whether the function being executed will revert or not. There are three ways an execution can revert:
• if it encounters a REVERT opcode,
• if it runs out of gas,
• if it attempts something prohibited, such as dividing by zero.
If the function being executed via delegatecall (or call) encounters any of these conditions, it will revert, and the return value of the delegatecall will be false.
A question that often confuses developers is why a delegatecall to a non-existent contract doesn't revert and still reports that the execution was successful. An empty address will never meet one of the three conditions for reverting, so it will never revert.
@EthSecurity1