Sonne Finance post-mortem: $20M lost
https://medium.com/@SonneFinance/post-mortem-sonne-finance-exploit-12f3daa82b06 @EthSecurity1
Post-mortem, Sonne Finance exploit
We are extremely sorry to announce that Sonne Finance (Optimism) has been exploited with a known donation attack on Compound v2 forks.
https://reports.yaudit.dev/reports/05-2023-Sonne/#4-high---unclear-protection-against-hundred-finance-attack-vector
Auditors mentioned their unclear approach! @Ethsecurity1
05-2023-Sonne
Sonne yAudit Report
Forwarded from Vladimir S. | Officer's Channel (officercia)
Uncover how DeFi's lending & borrowing pose security challenges. From unchecked repayments to smart contract exploits, see how you can safeguard against vulnerabilities!
Read more
• https://wiki.r.security/wiki/Lending/Borrowing
#audit #solidity #web3 #security
Forwarded from Popeye
💡 Sonne Finance's Timelock Implementation on Optimism Hack Analysis:
https://x.com/Olympix_ai/status/1792534207769510123
https://medium.com/@olympixai/sonne-finance-exploited-a-detailed-analysis-0b52151d4d2a
Olympix (@Olympix_ai) on X
On May 14, 2024, @SonneFinance, a non-custodial DEX on @Optimism, suffered a $20M exploit. Thanks to the @_SEAL_Org contributors, a quick response helped save $6.5 million.
🔏Key Takeaway: Timelock Misalignment Creates Opportunity
The attacker exploited…
#Defi_Research
Optimized lending protocol for redeemable assets: https://gist.github.com/0xngmi/c92ce3fce377a0e72c1e90052db98bf1
Modern DeFi Lending Protocols, how it's made: Euler V2: https://mixbytes.io/blog/modern-defi-lending-protocols-how-its-made-euler-v2
@EthSecurity1
Lending protocol optimized for redeemable assets
the problem with eip4337. https://x.com/jtriley_eth/status/1795151789282750481 @EthSecurity1
jtriley2p (any/any) (@jtriley2p) on X
the problem with eip4337.
4337 is an account abstraction eip that introduces user operations, bundlers, executors, and a new mempool for propagating user operations across the network to be bundled.
the direction of 4337 is sound. users' actions are moved…
Unassigned pool earnings
In the context of the Uniswap V3 protocol, the "unassigned pool earnings" work as follows:
When a user deposits their assets into the pool, they earn a share of the pool's earnings.
The pool earns rewards in the form of interest, fees, or other incentives.
The pool's earnings are not yet assigned to any specific user, so they are considered "unassigned".
When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them.
Why unassigned pool earnings?
The unassigned pool earnings are a result of the way the Uniswap V3 protocol is designed. When a user deposits their assets into the pool, they earn a share of the pool's earnings. However, the earnings are not yet assigned to any specific user, so they are considered "unassigned".
How are unassigned pool earnings assigned?
When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them. This is done by calculating the user's share of the pool's earnings based on their deposited assets and the pool's earnings.
Why is it important?
The unassigned pool earnings are important because they represent the rewards earned by the pool, which are not yet assigned to any specific user. When a user withdraws their assets from the pool, their share of the unassigned earnings is assigned to them, ensuring that they receive their fair share of the pool's earnings. In a recent audit, a protocol ignored unassigned pool earnings: https://github.com/sherlock-audit/2024-04-interest-rate-model-judging?tab=readme-ov-file#issue-h-2-unassigned-pool-earnings-can-be-stolen-when-a-maturity-borrow-is-liquidated-by-depositing-at-maturity-with-1-principal
@EthSecurity1
GitHub - sherlock-audit/2024-04-interest-rate-model-judging
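The post above describes earnings accruing to a pool and being assigned to a depositor only when they settle or withdraw. The contract below is an added example written for this page, not the channel's or the audited protocol's code: it implements that accounting with the reward-per-share accumulator pattern, so earnings that are still "unassigned" can only ever go to shares that existed when the earnings arrived. The contract name, the `PRECISION` constant and the omitted token transfers are assumptions of the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the audited protocol's code): a minimal pool using the
// reward-per-share accumulator pattern. Earnings that have arrived but have not
// yet been settled to a depositor are the "unassigned" earnings; the checkpoint
// kept in `debt` guarantees they can only be assigned to shares that existed
// when the earnings arrived.
contract EarningsPool {
    uint256 private constant PRECISION = 1e18;

    uint256 public totalShares;
    uint256 public accEarningsPerShare;      // cumulative earnings per share, scaled by PRECISION

    mapping(address => uint256) public shares;
    mapping(address => uint256) public debt; // shares * accEarningsPerShare at the user's last settle
    mapping(address => uint256) public owed; // earnings already assigned to the user, not yet paid out

    // Earnings arrive (interest, fees, incentives) and are spread pro rata over
    // the shares that exist right now. A deposit made after this point starts
    // with debt == shares * accEarningsPerShare, so it cannot claim any of it.
    function addEarnings(uint256 amount) external {
        require(totalShares > 0, "nothing to distribute to");
        accEarningsPerShare += amount * PRECISION / totalShares;
    }

    function deposit(uint256 amount) external {
        _settle(msg.sender);                 // assign what the caller has earned so far
        shares[msg.sender] += amount;
        totalShares += amount;
        debt[msg.sender] = shares[msg.sender] * accEarningsPerShare;
        // token transfer in omitted (assumption of the example)
    }

    // Assigns the caller's accrued earnings, then releases principal + earnings.
    function withdraw(uint256 amount) external returns (uint256 principal, uint256 earnings) {
        require(shares[msg.sender] >= amount, "insufficient shares");
        _settle(msg.sender);
        shares[msg.sender] -= amount;
        totalShares -= amount;
        debt[msg.sender] = shares[msg.sender] * accEarningsPerShare;
        earnings = owed[msg.sender];
        owed[msg.sender] = 0;
        principal = amount;
        // token transfer out of principal + earnings omitted (assumption of the example)
    }

    // What the user would receive if settled now: already assigned + still unassigned part.
    function pendingEarnings(address user) external view returns (uint256) {
        return owed[user] + (shares[user] * accEarningsPerShare - debt[user]) / PRECISION;
    }

    function _settle(address user) internal {
        uint256 accrued = shares[user] * accEarningsPerShare - debt[user];
        owed[user] += accrued / PRECISION;
        debt[user] = shares[user] * accEarningsPerShare;
    }
}
```

The check a reviewer should make on any pool like this is where the earnings snapshot is taken. Paying out `poolBalance * shares / totalShares` at withdrawal time, with no per-user checkpoint, would let someone who deposits a single unit of principal just before settlement take a slice of earnings that accrued before they joined, which is the kind of mistake the title of the linked finding describes.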
#Defi_Research
Typical vulnerabilities in lending and CDP protocols: https://blog.decurity.io/typical-vulnerabilities-in-lending-and-cdp-protocols-e778e540e215
Borrowing on Ethereum: Comparing Architecture Evolution of MakerDAO, Yield, Aave, Compound, & Euler: https://hackernoon.com/borrowing-on-ethereum-comparing-architecture-evolution-of-makerdao-yield-aave-compound-and-euler
Trustless Yield Aggregator protocol with customized risk profiles based on per-user policies: https://gist.github.com/0xngmi/653aa70d3162f0ef4a41d56ced602a6c
@EthSecurity1
Typical vulnerabilities in lending and CDP protocols
This article explains the security of a popular pattern in decentralized finance, the CDP (collateralized debt position).
Velocore incident post-mortem: $7M loss
https://velocorexyz.medium.com/velocore-incident-post-mortem-6197020ec3e9 @EthSecurity1
Forwarded from Wu Blockchain News
An OKX user disclosed today that hackers purchased his personal information and used AI to create fake videos. Hackers used these to change the victim's OKX passwords and even 2FA. More than US$2 million was stolen. Be wary of deepfakes and personal data leaks. — link
Seems CertiK (the blackhat team) will be going to jail. Some people think they are the same as Lazarus.
Post the @krakenfx breach, we have detected similar activity on @base, @BNBCHAIN, @Optimism, @arbitrum, @avax, @LineaBuild and @0xPolygon trying to target @okx, @BingXOfficial, @gate_io, @binance and others, as well as some unknown addresses.
Here is the PoC: https://x.com/danielvf/status/1803780167027871878?s=61
@Ethsecurity1
THREAD: How are Thefts from Mt. Gox, the Blockchain Bandit, Ethereum Foundation all tied to one another?
https://x.com/BoringSleuth/status/1800407010611003903
@EthSecurity1
TruthLabs 🫡 (@BoringSleuth) on X
🚨THREAD: How are Thefts from Mt. Gox, the Blockchain Bandit, Ethereum Foundation all tied to one another? Read thru until the end, as there are new Revelations.
I cannot stress this enough. Ethereum's foundation was built on the corrosive nature of corruption.…
Two blazing web3sec repos
https://github.com/immunefi-team/Bounty_Boosts
https://github.com/SunWeb3Sec/DeFi-Security-Breach-RCA
@Ethsecurity1
GitHub - immunefi-team/Past-Audit-Competitions: Bug reports from Immunefi Bounty Boosts
Guest Spotlight Article: How to analyze reports and become a great auditor
https://hatsfinance.medium.com/guest-spotlight-article-how-to-analyze-reports-and-become-a-great-auditor-8429e20df2c2
Concentrated liquidity manager vulnerabilities
https://dacian.me/concentrated-liquidity-manager-vulnerabilities @ethsecurity1
The following content has been kindly guest contributed by bogo, as part of the Security Researcher Content Contributor Programme.
When call and delegatecall return false
A crucial point to understand is when the success value will be true or false. Essentially, it depends on whether the function being executed will revert or not. There are three ways an execution can revert:
• if it encounters a REVERT opcode,
• if it runs out of gas,
• if it attempts something prohibited, such as dividing by zero.
If the function being executed via delegatecall (or call) encounters any of these conditions, it will revert, and the return value of the delegatecall will be false.
A question that often confuses developers is why a delegatecall to a non-existent contract doesn't revert and still reports that the execution was successful. An empty address will never meet one of the three conditions for reverting, so it will never revert.
@EthSecurity1
in Solidity if you make a delegate call to an Externally Owned Account the return value is always true @Ethsecurity1
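The two posts above list the three ways a callee can revert and note that a call or delegatecall to an address with no code always reports success. The contracts below are an added example for this page, not code from the channel: `Target` exposes one function per revert path, and `Caller` shows the raw `(success, returndata)` each case produces plus a hardened wrapper that refuses code-less targets and bubbles the callee's revert data up. The contract and function names, and the gas-cap parameter used to provoke the out-of-gas case, are assumptions of the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not from the channel post). `Target` has one function per
// revert path; `Caller` reports what call/delegatecall return for each.
contract Target {
    uint256 public counter;

    function bump(uint256 by) external returns (uint256) {
        counter += by;             // checked arithmetic: overflow -> Panic(0x11), a revert
        return counter;
    }

    function divide(uint256 a, uint256 b) external pure returns (uint256) {
        return a / b;              // b == 0 -> Panic(0x12): the "prohibited operation" case
    }

    function fail() external pure {
        revert("explicit REVERT"); // the REVERT opcode case
    }

    function burnGas() external pure {
        while (true) {}            // never returns: the out-of-gas case when called with a gas cap
    }
}

contract Caller {
    // Forwards `data` to `target` with an optional gas cap (0 = forward all gas)
    // and returns exactly what the EVM reports. For an address with no code
    // (an EOA, or an address nothing was ever deployed to) the result is
    // (true, "") whatever `data` is: none of the three revert conditions can
    // occur, so the call "succeeds" while doing nothing at all.
    function rawCall(address target, bytes calldata data, uint256 gasCap)
        external
        returns (bool success, bytes memory ret)
    {
        if (gasCap == 0) {
            (success, ret) = target.call(data);
        } else {
            (success, ret) = target.call{gas: gasCap}(data);
        }
    }

    // The flag has the same meaning for delegatecall: a delegatecall to an
    // address without code also reports success = true with empty return data.
    function rawDelegate(address target, bytes calldata data)
        external
        returns (bool success, bytes memory ret)
    {
        (success, ret) = target.delegatecall(data);
    }

    // Hardened wrapper: refuse targets without code, so a wrong or not yet
    // deployed implementation address cannot silently "succeed", and re-raise
    // the callee's revert data instead of continuing when success is false.
    function checkedDelegate(address target, bytes calldata data)
        external
        returns (bytes memory ret)
    {
        require(target.code.length > 0, "target has no code");
        bool success;
        (success, ret) = target.delegatecall(data);
        if (!success) {
            assembly {
                // bubble up Error(string), Panic(uint256) or empty data verbatim
                revert(add(ret, 0x20), mload(ret))
            }
        }
    }
}
```

Driving `rawCall` against a deployed `Target` shows the three false cases: `divide(1, 0)` returns `(false, Panic(0x12))`, `fail()` returns `(false, Error("explicit REVERT"))`, and `burnGas()` with a small gas cap returns `(false, "")` because an out-of-gas callee leaves no revert data. The same calldata sent to any address with no code returns `(true, "")`, which is exactly why the `target.code.length` check in `checkedDelegate` belongs in any proxy or router that trusts the success flag.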
Scroll token hacked in May. Root cause was an underflow despite using Solidity 0.8.19. Anybody know why this happened? PoC: https://github.com/SunWeb3Sec/DeFiHackLabs/blob/main/src/test/2024-05/SCROLL_exp.sol Attacker: 0x55Db954F0121E09ec838a20c216eABf35Ca32cDD
// Attack Contract : 0x55f5aac4466eb9b7bbeee8c05b365e5b18b5afcc
// Vulnerable Contract : 0xe51D3dE9b81916D383eF97855C271250852eC7B7
// Attack Tx : https://etherscan.io/tx/0x661505c39efe1174da44e0548158db95e8e71ce867d5b7190b9eabc9f314fe91
// Vulnerable Contract Code : https://etherscan.io/address/0xe51D3dE9b81916D383eF97855C271250852eC7B7#code @EthSecurity1
DeFiHackLabs/src/test/2024-05/SCROLL_exp.sol at main · SunWeb3Sec/DeFiHackLabs
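The question above is how an underflow can occur at all under Solidity 0.8.x, where arithmetic is checked by default. The contract below is an added example for this page, a hypothetical balance ledger that is not the SCROLL contract and makes no claim about that incident's actual root cause: it shows the two places where the 0.8 overflow and underflow checks do not apply (an `unchecked` block and inline assembly) next to a guarded version of the same transfer. The contract name and the constructed starting balance are assumptions of the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity 0.8.19;

// Added example (hypothetical ledger, not the SCROLL contract): where 0.8.x
// checked arithmetic is switched off, and the guard that keeps a transfer safe.
contract BalanceLedger {
    mapping(address => uint256) public balanceOf;   // state slot 0

    constructor() {
        balanceOf[msg.sender] = 1_000;              // constructed sample balance
    }

    // Pattern 1: an `unchecked` block disables the overflow/underflow checks,
    // so sending more than the balance wraps to about 2**256 instead of reverting.
    function transferUnchecked(address to, uint256 amount) external {
        unchecked {
            balanceOf[msg.sender] -= amount;
            balanceOf[to] += amount;
        }
    }

    // Pattern 2: inline assembly operates on raw EVM opcodes; `sub` never checks.
    function transferAssembly(address to, uint256 amount) external {
        // slot of mapping[key] for a mapping stored at slot 0
        bytes32 fromSlot = keccak256(abi.encode(msg.sender, uint256(0)));
        bytes32 toSlot = keccak256(abi.encode(to, uint256(0)));
        assembly {
            sstore(fromSlot, sub(sload(fromSlot), amount))
            sstore(toSlot, add(sload(toSlot), amount))
        }
    }

    // Hardened: guard explicitly, then the `unchecked` subtraction cannot
    // underflow and the credit stays checked. A plain checked
    // `balanceOf[msg.sender] -= amount` would also revert on underflow; the
    // bug only appears when the checks are opted out of and no guard is kept.
    function transfer(address to, uint256 amount) external {
        uint256 bal = balanceOf[msg.sender];
        require(bal >= amount, "insufficient balance");
        unchecked {
            balanceOf[msg.sender] = bal - amount;
        }
        balanceOf[to] += amount;
    }
}
```

When reviewing a 0.8.x contract for this class of bug, grep for `unchecked` and `assembly` first and confirm that every subtraction inside them is preceded by a `require` (or equivalent) that bounds the operand, since the compiler version alone says nothing about those regions.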
Forwarded from DL News | News Feed
A CertiK-linked platform posts bug reports publicly. Researchers say it’s ‘insanely irresponsible’
A bug bounty platform has been posting bug reports publicly. It's "insanely irresponsible," a security researcher says. The platform also lists projects' bug bounties without their permission.