AI Smart Contract Auditor
Security
shantanhunt/Smart-Contract-Auditor-Tools-and-Techniques
Solidity Gas Optimizations, The Innovative & Dangerous — haruxe
While pushing hard for the lowest possible execution costs is breeding creativity and innovation, it's putting some protocols at risk. Let's take a deep dive.
Search | arXiv e-print repository
Audit Hero
SunWeb3Sec/DeFiVulnLabs: To learn common smart contract vulnerabilities using Foundry!
DiligentDeer
Research | Analysis | Insights | Opinions
Incentives Supply & Demand.
Curve LP Oracle Manipulation: Post Mortem
What if you could manipulate Curve's oracles to exploit major DeFi protocols? Read about the technical details of read-only reentrancy attacks.
Decoding $220K Read-only Reentrancy Exploit | QuillAudits
Summary: On the 24th of October 2022, Market.xyz (lending market on QuickSwap DEX) was exploited with a price manipulation attack.
DeFi Hacks Analysis - Root Cause
defi-by-example/read-only-reentrancy at main · stakewithus/defi-by-example
DevCon 6 - Security Track
The Dangers of Surprising Code
The only thing worse than a bug in your code that breaks everything is a bug in your code that subtly breaks one thing.
Read-only Reentrancy - a Novel Vulnerability Class Responsible for $100m+ Funds at Risk
Replaying Ethereum Hacks - Rari Fuse VUSD Price Manipulation | cmichel
A few days ago, pool 23 of Rari’s Fuse platform was exploited.
In this episode of the Replaying Ethereum Hacks series, we will look at what…
High Risk Bug Disclosure: Across Bridge Double-Spend | iosiro
A high risk vulnerability was disclosed to Risk Labs by iosiro affecting the Across bridge relayer infrastructure and awarded with a $90,000 bounty.
My Smart Contract Audit Process (Part 1)
How to Become a Smart Contract Auditor: https://jacksonkelley.gumroad.com/l/how-to-become-a-smart-contract-auditor/process-one-yt In this video, I do the firs...
Maximal extractable value (MEV) | ethereum.org
An introduction to maximal extractable value (MEV)
pcaversaccio/reentrancy-attacks: A chronological and (hopefully) complete list of reentrancy attacks to date.
Smart Contract Security / Solidity Security & how to change the bytecode of a deployed contract
Slides: https://drive.google.com/file/d/1-wzuY4U4OKFQ2Mc4ctmwKh2g3fAl4_85/view?usp=sharing Further to the section on Front Running, I have created a post on E...
Smart Contract Security _ Solidity Security.pdf
The forgotten IPFS vulnerabilities | ConsenSys Diligence
In 2021 we privately disclosed multiple vulnerabilities in the InterPlanetary File System but never really talked about it. Let’s change that 😊!
Perma-brick UUPS proxies with this one trick (devs hate this!) | iosiro
iosiro disclosed a UUPS proxy vulnerability to several teams, affecting over $50m in assets. This post details the technical details and the disclosure to OpenZeppelin.
Discover the World's Top Smart Contract Auditing Companies | SmartContractAudits
Browse distinguished companies providing smart contract auditing services and find contact information, previous reports, client testimonials and more.
DEX Arbitrage, Mathematical Optimisations & Me
How to efficiently maximise arbitrage profit over a set of exchanges via Convex Optimisation
Forked protocols are not battle-tested: Agave Uninitialized Proxy Vulnerability
Having a similar name, Agave.finance is forked from Aave V2 on the Gnosis chain. One would think that a fork of a battle-tested protocol…
web3 Bug Bounty 101 - Dirk Brink
London Blockchain Security meetup #001. Dirk Brink is a Tech Lead at Graphcore and bug bounty hunter at Immunefi. He studied Electrical and Electronic Enginee...
EVM Deep Dives: The Path to Shadowy Super Coder 🥷 💻 - Part 1
Digging deep into the EVM mechanics during contract function calls
Language feature: disallow state-changing effects after an external call by default · Issue #12996 · ethereum/solidity
Abstract: Generally disallowing state-changing effects after an external function call and enabling the possibility to mark functions that specifically do this. Motivation: I started this discussion ...
saeidshirazi/Awesome-Smart-Contract-Security: A curated list of Smart Contract Security materials and resources For Researchers