ETHSecurity Community

/eth-security1271

This is the Farcaster instantiation of the great and lindy ETHSecurity community which exists on Telegram and elsewhere.

Does anyone else get tired of ignoring this?
Ready to elevate your Web3 bug bounty game? In this video, we’re diving into the Top 5 Tools for Web3 Security Researchers that every hacker and developer should know ⬇️

https://youtu.be/zS9e8uIq_go?si=ZupuI6Y2pIZz1go-
LOL @ Ogle getting called out by John Oliver for helping Trump with his shitty crypto platform. Seriously, I have all the respect in the world for the awesome shit that Ogle has done for the community, but this Trump exchange nonsense is ridiculous.
SEAL ISAC has a database of individual threat actors identified as DPRK operatives.

Also apparently asking the candidate to say “Kim Jong Un sucks” is an effective screening mechanism…

https://isac.securityalliance.org/news/DPRK_OpenToWork
this too is heterogeneous sharding
My first (and let's hope not last) contribution to Solidity has been merged!

A little revision: address.codehash can produce two results for an account with zero code, depending on whether the account has balance or not (among other factors), which caused a couple of issues at least on @code4rena.

My proposal added a warning to the documentation to reduce confusion among developers.

Thanks to everyone who participated in the discussion!

https://github.com/ethereum/solidity/pull/14793
This Week's Security News & Bounties

Penpie suffered a ~$27M exploit
@godsflaw revealed L2 DAI deployer compromised
@areta launched a $2.5M Arbitrum Subsidy Fund
@eulerfoundation launched a $1M bug bounty program

details and more:
https://web3builder.news/security-and-bounties-09-02-24/
Hello, hello, hi.

Today we announced that Zellic and Code4rena are joining forces.

Personally, I'm pretty excited about this. Working with Luna and Jazzy and their incredible team has already been an amazing experience. I'm thrilled to be aligned with researchers so focused and excellent at advancing security outcomes in the space.

Another benefit: maybe now that the acquisition is done, I'll get to cast more 😅

Thanks to everyone who has been super-supportive and understanding of my slow response times (especially @phil for single-handedly making the /books channel epic along with everything else he does) AND ALSO those who continue to talk to me even though my banger casts have been few and far between (honestly will leave that to @christin and @cameron from now on anyway)

And if you have any questions about the acquisition, feel free to DM! I like 1:1 chats :)
I have been waiting for 4 months after submitting a bug.

Result:
Last Week’s Security updates

Hacks 🐛
@astroport suffered a $6.4M exploit
@convergence suffered a $210K exploit

Education 📖
Ackee Blockchain Security introduced the Solana Auditors Bootcamp 2024
Solidity introduced the Underhanded Solidity Contest 2024
dev_chinmayf published “The risks of EIP-712”

Click and Subscribe for more details: https://web3builder.news/web3-builder-news-07-29-24/
Folks, repeat after me:

𝑻𝒐𝒌𝒆𝒏 𝒈𝒐𝒗𝒆𝒓𝒏𝒂𝒏𝒄𝒆 𝒊𝒔 𝒂𝒏 𝒂𝒏𝒕𝒊-𝒑𝒂𝒕𝒕𝒆𝒓𝒏

https://x.com/euler_mab/status/1817645749808889904