Sentiment got hacked for 1m $. Reentrancy Root cause

https://www.coindesk.com/business/2023/04/05/developers-fork-uniswap-v3-protocol-attracts-123m-in-total-value-locked/

What mystery behind growth of forked dapp?

Mev-boost is now semi-permissioned.

A validator blacklist was added as part of the fix last week.

I'm highlighting it because I can find no public announcement or community discussion about this.
github.com/flashbots/mev-…
@EthSecurity1

It seems the @SushiSwap RouterProcessor2 contact has an approve-related bug, which leads to the loss of >$3.3M loss (about 1800 eth)

If you have approved etherscan.io/address/0x044b…, please *REVOKE* ASAP!

One example hack tx: etherscan.io/tx/0xea3480f1f…
@EthSecurity1

Tether geting blacklisting mevbots

FTX held 100 million $ ETH in simple txt :))))

Proxy tools for pentesters https://github.com/ph4ntonn/Stowaway/blob/master/README_EN.md

There was misconfigured in yearnfinance. It made 10 m $ hack today

It seems like the iearn USDT token (yUSDT) has been broken since deploy, which was *checks notes* over 1000 days ago. It was misconfigured to use the Fulcrum iUSDC token instead of the Fulcrum iUSDT token.

Are you familiar with the challenges borrowing and lending protocols face?
#web3sec #defi
Dive into:
- Illiquid liquidations
- Collateral Safeness
- The dangers of governance
- Oracle risk and cost of manipulation

https://tokeninsight.com/en/research/market-analysis/the-7-deadly-sins-of-lending-protocols
@EthSecurity1

The #Cairo Programming Language Book, a comprehensive documentation of the Cairo 1 programming language cairo-book.github.io
Blockchain dark forest selfguard handbook. Master these, master the security of your #cryptocurrency. #web3sec #web3 #DeFi
darkhandbook.io
@EthSecurity1

sort of great DB https://dune.com/pcaversaccio/smart-contract-deployment-statistics https://dune.com/pcaversaccio/minimal-proxies https://dune.com/pcaversaccio/selfdestruct @EthSecurity1