Price & Reward Manipulation Attacks Distilled by Officercia
Numerical Analysis - Security Tips and Tricks for DeFi Audits by Spearbit.
Saving $100M at risk in KyberSwap Elastic by 100 Proof.
Election Fraud? Double Voting in Celer’s State Guardian Network by Felix Wilhelm.
@EthSecurity1
Numerical Analysis - Security Tips and Tricks for DeFi Audits by Spearbit.
Saving $100M at risk in KyberSwap Elastic by 100 Proof.
Election Fraud? Double Voting in Celer’s State Guardian Network by Felix Wilhelm.
@EthSecurity1
Medium
Price & Reward Manipulation Attacks Distilled
Today, we’re going to take a look at a variety of different attacks, dissect the ways in which they differ from one another, and discuss…
🔥2🦄2❤1
Satacom delivers browser extension that steals cryptocurrency by Kaspersky
Towards Understanding Crypto Money Laundering in Web3 Through the Lenses of Ethereum Heists
@EthSecurity1
Towards Understanding Crypto Money Laundering in Web3 Through the Lenses of Ethereum Heists
@EthSecurity1
Securelist
Recent Satacom campaign delivers cryptocurrency-stealing addon
A recent campaign by Satacom downloader is delivering a cryptocurrency-stealing extension for Chromium-based browsers, such as Chrome, Brave and Opera.
Struggling with codebases? Try this:
1) Manage workload in bite-size sections daily
2) Interact with code through comments
3) Understand the code before the docs
4) Use state machines to track variable changes. Stay organized, stay efficient.
@EthSecurity1
1) Manage workload in bite-size sections daily
2) Interact with code through comments
3) Understand the code before the docs
4) Use state machines to track variable changes. Stay organized, stay efficient.
@EthSecurity1
🔥4
huff vs yul
inline assembly???
In a way, yes. Yul is an assembly language, but it is designed to be used in conjunction with Solidity as a lower-level alternative to Solidity's high-level syntax. but Huff is not inline assembly
optimization???
Huff provides even greater efficiency and optimization at the cost of more complex programming. it is great to manage jumps and stacks
@EthSecurity1
inline assembly???
In a way, yes. Yul is an assembly language, but it is designed to be used in conjunction with Solidity as a lower-level alternative to Solidity's high-level syntax. but Huff is not inline assembly
optimization???
Huff provides even greater efficiency and optimization at the cost of more complex programming. it is great to manage jumps and stacks
@EthSecurity1
❤5
6 security sins of Web3 bridges by Damian Rusinek.
Catch me if you can! Learning about edge cases of Solidity's try/catch while I explored Account Abstraction by matta.
@EthSecurity1
Catch me if you can! Learning about edge cases of Solidity's try/catch while I explored Account Abstraction by matta.
@EthSecurity1
Smart Contract Audits - Composable Security 🇵🇱⛓
Bridge exploits account for ~50% of all decentralized finance exploits since September 2020, totaling ~$2.5B in lost assets, according to…
❤5
All things reentrancy! workshop by Jsec Security.
Intro to Smart Contract Security Audit — Front Running by SlowMist
ArbiNet is the MEV detection model that doesn't require knowledge about DeFi smart contracts.
@EthSecurity1
Intro to Smart Contract Security Audit — Front Running by SlowMist
ArbiNet is the MEV detection model that doesn't require knowledge about DeFi smart contracts.
@EthSecurity1
GitHub
GitHub - jcsec-security/all-things-reentrancy: Workshop about the different types of reentrancy attacks
Workshop about the different types of reentrancy attacks - jcsec-security/all-things-reentrancy
👍5
Forwarded from Vladimir S. | Officer's Channel (officercia)
GM! Check out my latest piece!
I'll describe Web3 audits, CTFs, and compare the corresponding security methodologies in it.
Also presenting a new project from my friend’s team r(dot)xyz - go check it out as well fam!
• officercia.mirror.xyz/VmSJDoV3c8xKDMRjTOl4DQ7KPgBTlb8cVdcTlOJxj1g
#security #web3
I'll describe Web3 audits, CTFs, and compare the corresponding security methodologies in it.
Also presenting a new project from my friend’s team r(dot)xyz - go check it out as well fam!
• officercia.mirror.xyz/VmSJDoV3c8xKDMRjTOl4DQ7KPgBTlb8cVdcTlOJxj1g
#security #web3
intro to zkp Security.this promoted by spearbit
https://www.youtube.com/watch?v=8wsR7o0rOxU&feature=youtu.be
@EthSecurity1
https://www.youtube.com/watch?v=8wsR7o0rOxU&feature=youtu.be
@EthSecurity1
🔥3
Demystifying Ethereum Assembly by Joshua Riley | Devcon Bogotá
https://www.youtube.com/watch?v=btDOvn8pLkA
@EthSecurity1
https://www.youtube.com/watch?v=btDOvn8pLkA
@EthSecurity1
YouTube
Demystifying Ethereum Assembly by Joshua Riley | Devcon Bogotá
Visit the https://archive.devcon.org/ to gain access to the entire library of Devcon talks with the ease of filtering, playlists, personalized suggestions, decentralized access on Swarm, IPFS and more.
https://archive.devcon.org/archive/watch/6/demystifying…
https://archive.devcon.org/archive/watch/6/demystifying…
❤4
https://blog.openzeppelin.com/openzeppelin-security-report-top-security-incidents-and-insights-from-april-june-2023 @EthSecurity1
Openzeppelin
Security Report: Top Incidents and Insights from April - June 2023
By shedding light on various vulnerabilities and risks, the OpenZeppelin Security Report aims to dissect some of the key incidents and lessons learned for blockchain security researchers. In this edition, we will explore exploits from critical logic errors…
-How To Reproduce A Simple MEV Attack
-Your Sandwich Is My Lunch: How To Drain MEV Contracts V2
@EthSecurity1
-Your Sandwich Is My Lunch: How To Drain MEV Contracts V2
@EthSecurity1
Medium
How To Reproduce A Simple MEV Attack
Introduction
😁3🔥2
What does a math-related critical bug look like in Polygon's zkEVM?
https://twitter.com/SpearbitDAO/status/1679189382907953180?s=20
@EthSecurity1
https://twitter.com/SpearbitDAO/status/1679189382907953180?s=20
@EthSecurity1
❤5
https://www.helpnetsecurity.com/2023/07/17/quantum-based-attacks-video/?utm_content=257253710&utm_medium=social&utm_source=twitter&hss_channel=tw-906029628
@EthSecurity1
@EthSecurity1
Help Net Security
Real-world examples of quantum-based attacks
In this video, Tommaso Gagliardoni, Global Practice Lead in Quantum Security at Kudelski Security, discusses quantum-based attacks.