BlockChain

A high risk vulnerability was disclosed to Risk Labs by iosiro affecting the Across bridge relayer infrastructure and awarded with a $90,000 bounty.

Uniswap V3 Development Book # Welcome to the world of decentralized finances and automated market makers! This book will be your guide in this mysterious and amusing world! Together, we’ll build one of the most interesting and important applications, which serves as a pillar of today’s decentralized finances–Uniswap V3! This book will guide you through the development of a decentralized application, including: smart-contract development (in Solidity); contracts testing and deployment (using Forge and Anvil from Foundry); design and mathematics of a decentralized exchange; development of a front-end application for the exchange (React and MetaMask).

How to Become a Smart Contract Auditor: https://jacksonkelley.gumroad.com/l/how-to-become-a-smart-contract-auditor/process-one-ytIn this video, I do the firs...

An introduction to maximal extractable value (MEV)

A chronological and (hopefully) complete list of reentrancy attacks to date. - pcaversaccio/reentrancy-attacks: A chronological and (hopefully) complete list of reentrancy attacks to date.

Slides: https://drive.google.com/file/d/1-wzuY4U4OKFQ2Mc4ctmwKh2g3fAl4_85/view?usp=sharingFurther to the section on Front Running, I have created a post on E...

In 2021 we privately disclosed multiple vulnerabilities in the InterPlanetary File System but never really talked about it. Let’s change that 😊!

Chaos Labs, a cloud security platform for DeFi applications, has released open source tooling for developing with Uniswap v3 TWAP Oracles.

iosiro disclosed a UUPS proxy vulnerability to several teams, affecting over $50m in assets. This post details the technical details and the disclosure to OpenZeppelin.

Browse distinguished companies providing smart contract auditing services and find contact information, previous reports, client testimonials and more.

Guidelines and training material to write secure smart contracts - GitHub - crytic/building-secure-contracts: Guidelines and training material to write secure smart contracts

function renderKatex(element) { renderMathInElement(document.body, { delimiters: [ { left: '$$', right: '$$', display: true }, { left: '$', right: '$', display: false }, { left: '\\(', right: '\\)', display: false }, { left: '\\[', right: '\\]', display: true } ], throwOnError: false }); } \[ \] You’ll find the complete code of this chapter in this Github branch. First Swap # In this milestone, we’ll build a pool contract that can receive liquidity from users and make swaps within a price range.

Stay current with latest DeFi/NFT events, hacks & innovations from around the globe. Don't fall behind! Click to read HashingBits, by QuillAudits, a Substack publication with hundreds of readers.

DefiLlama is a DeFi TVL aggregator. It is committed to providing accurate data without ads or sponsored content, as well as transparency.

How to efficiently maximise arbitrage profit over a set of exchanges via Convex Optimisation

Learn about Merkle tree and merkle proof using Solidity. Code: https://solidity-by-example.org/app/merkle-tree Remix IDE: http://remix.ethereum.org Solidity: https://solidity.readthedocs.io Follow on Twitter: @ProgrammerSmart https://twitter.com/ProgrammerSmart Website: https://smartcontractprogrammer.com

Life of a DeFi developer: Say `gm`. Scroll crypto twitter and commiserate about the bear market. Architect new and complex financial and governance systems. Their robustness is so vitally critical

Having a similar name, Agave.finance is a forked from Aave V2 on the Gnosis chain. One would think that a fork of a battle-tested protocol…

London Blockchain Security meetup #001 Dirk Brink is a Tech Lead at Graphcore and bug bounty hunter at Immunefi. He studied Electrical and Electronic Enginee...

GitHub Gist: instantly share code, notes, and snippets.

In this article, let's look at how you can perform off-chain computation using Ethereum signatures. Cryptographic signatures can be used to validate the origin and integrity of messages. Then, we'll examine real-life use cases of off-chain computation such as decentralized exchanges, state channels, and meta transactions.

A compilation of patterns and best practices for the smart contract programming language Solidity - fravoll/solidity-patterns: A compilation of patterns and best practices for the smart contract pr...

Digging deep into the EVM mechanics during contract function calls

Best resources for Solidity gas optimizations ⛽. Contribute to iskdrews/awesome-solidity-gas-optimization development by creating an account on GitHub.

A curated list of awesome things related to learning Zero-Knowledge Proofs (ZKP). - matter-labs/awesome-zero-knowledge-proofs: A curated list of awesome things related to learning Zero-Knowledge Pr...

Abstract Generally disallowing state-changing effects after an external function call and enabling the possibility to mark functions that specifically do this. Motivation I started this discussion ...

A curated list of Smart Contract Security materials and resources For Researchers - saeidshirazi/Awesome-Smart-Contract-Security: A curated list of Smart Contract Security materials and resources F...

My blockchains adventure continues! This time I protected Moonbeam network by disclosing a critical design flaw, safeguarding more than $100M assets at risk in various DeFi projects. I was awarded the maximum reward amount of their bug bounty program on Immunefi, $1M, and $50k bonus from Moonwell (I guess that’s also one of the top 10 highest bug bounties?)