Daily Security
https://dacian.me/series/vulnerability-deep-dives
Vulnerable spots of Lending/Borrowing protocols
https://mixbytes.io/blog/vulnerable-spots-of-lending-protocols
https://dacian.me/lending-borrowing-defi-attacks
https://mixbytes.io/blog/vulnerable-spots-of-lending-protocols
https://dacian.me/lending-borrowing-defi-attacks
mixbytes.io
Vulnerable Spots of Lending Protocols
In this article we will try to go through the core security vulnerabilities common to the lending protocol.
👍1
Forwarded from EthSecurity
nonReentrant modifiers might potentially cause a DoS attack.
https://medium.com/@bloqarl/uncovering-real-life-examples-of-denial-of-service-attacks-on-smart-contracts-8bc220c2cdd0
@EthSecurity1
https://medium.com/@bloqarl/uncovering-real-life-examples-of-denial-of-service-attacks-on-smart-contracts-8bc220c2cdd0
@EthSecurity1
Medium
How to identify Denial of Service attacks on Smart Contracts?
If you have been trying to learn about potential cases of DoS attacks and end up always with the same examples (as I did), you might be…
Forwarded from EthSecurity
Are you familiar with the challenges borrowing and lending protocols face?
#web3sec #defi
Dive into:
- Illiquid liquidations
- Collateral Safeness
- The dangers of governance
- Oracle risk and cost of manipulation
https://tokeninsight.com/en/research/market-analysis/the-7-deadly-sins-of-lending-protocols
@EthSecurity1
#web3sec #defi
Dive into:
- Illiquid liquidations
- Collateral Safeness
- The dangers of governance
- Oracle risk and cost of manipulation
https://tokeninsight.com/en/research/market-analysis/the-7-deadly-sins-of-lending-protocols
@EthSecurity1
Tokeninsight
The 7 Deadly Sins of Lending Protocols
Lending protocols have been a major target for hacks and attacks over the last few years, as many platforms often fail to ensure the security of their code, while others overestimate the safety of their economic designs. However, the industry has been learning…
Forwarded from EthSecurity
Web3 Dev
1)How do you construct a lending protocol that supports arbitrary collateral, has no oracles, and has no expirations?
Read the whitepaper to find out:
paradigm.xyz/2023/05/blend
2) Web3education.dev brought by patrick collins
@EthSecurity1
1)How do you construct a lending protocol that supports arbitrary collateral, has no oracles, and has no expirations?
Read the whitepaper to find out:
paradigm.xyz/2023/05/blend
2) Web3education.dev brought by patrick collins
@EthSecurity1
Paradigm
Blend: Perpetual Lending With NFT Collateral - Paradigm
Paradigm is a research-driven crypto investment firm that funds companies and protocols from their earliest stages.
👍1
Forwarded from EthSecurity
If you see a Solidity method that has an argument of type array, always check for 3 things:
1. What if the array length is 0?
2. What if there are duplicated elements in the array?
3. What if there are zero value elements in the array?
@EthSecurity1
1. What if the array length is 0?
2. What if there are duplicated elements in the array?
3. What if there are zero value elements in the array?
@EthSecurity1
Forwarded from EthSecurity
Heads up! Some Curve ETH pools have a major bug that allows an attacker to manipulate the virtual_price.
https://twitter.com/danielvf/status/1657019677544001536?s=19
@EthSecurity1
https://twitter.com/danielvf/status/1657019677544001536?s=19
@EthSecurity1
X (formerly Twitter)
Daniel Von Fange (@danielvf) on X
Heads up! Some Curve ETH pools have a major bug that allows an attacker to manipulate the virtual_price.
This includes the largest pool on Curve.
1/5
This includes the largest pool on Curve.
1/5
👍1
Audit checklists for CDP( Collaterized Debt Positions)
Give it a star🙏
https://github.com/Decurity/audit-checklists/blob/master/cdp.md
Give it a star🙏
https://github.com/Decurity/audit-checklists/blob/master/cdp.md
👌1
Multichain Auditor
Observations and tips for auditing protocols on multiple chains 🧐
https://github.com/0xJuancito/multichain-auditor
Observations and tips for auditing protocols on multiple chains 🧐
https://github.com/0xJuancito/multichain-auditor
GitHub
GitHub - 0xJuancito/multichain-auditor: Observations and tips checklist for auditing protocols on multiple chains 🧐
Observations and tips checklist for auditing protocols on multiple chains 🧐 - 0xJuancito/multichain-auditor
👍5
Solidity Security: Comprehensive list of known attack vectors and common anti-patterns
This is an in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity developers in an effort to prevent future devs from repeating history.
https://blog.sigmaprime.io/solidity-security.html
@ethers_security
This is an in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity developers in an effort to prevent future devs from repeating history.
https://blog.sigmaprime.io/solidity-security.html
@ethers_security
Sigma Prime
Solidity Security: Comprehensive list of known attack vectors and common anti-patterns
This post aims to be a relatively in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity...
❤3👍2
Typical vulnerabilities in LSD(not a drug, but Liquid Staking Derivatives) protocols. Check it out 😁🙏
https://blog.decurity.io/typical-vulnerabilities-in-lsd-protocols-e52ffe4ee175
https://mixbytes.io/blog/liquid
@ethers_security
https://blog.decurity.io/typical-vulnerabilities-in-lsd-protocols-e52ffe4ee175
https://mixbytes.io/blog/liquid
@ethers_security
Medium
Typical vulnerabilities in LSD protocols
In this article, we will examine the security aspects of widely used Liquid Staking Derivatives (LSD) protocols.
🤣5🔥2👍1