212585
ndx π
@ndx.eth #212585
founder dragonscale.xyz ens.auction harvest.art β’ solidity / nextjs / web3 developer β’ X: netdragon0x
937 Follower 316 Following
This week I built / deployed v4 of Harvest.art with @base support!
It's a major update I've been working on over the last 5-6 months that I hope people find really easy to use when offloading NFTs. It also includes features like EFP (Ethereum Follow Protocol) support and a unique reward system for onchain auctions.
It's a major update I've been working on over the last 5-6 months that I hope people find really easy to use when offloading NFTs. It also includes features like EFP (Ethereum Follow Protocol) support and a unique reward system for onchain auctions.
Solid ENS names available this weekend on ens.auction.
If you haven't tried it yet, what are you even doing?
If you haven't tried it yet, what are you even doing?
Smart contract (Solidity) bug bounty: review the upcoming Harvest.art v3.1 contracts for vulnerabilities. While the original contracts have been well tested, this update includes significant new features.
Only medium-severe Solidity issues will be considered (e.g. reentrancy, denial of service, balance manipulation, etc). Exploits should include a PR in a forked repo w/ a failing exploit test in the appropriate test file.
Suggested areas of focus:
- Harvest.sol: ERC20 support
- Auctions.sol: reentrancy
- Auctions.sol: outbidding rewards
- Auctions.sol: reward distribution
- Auctions.sol: loss of user funds
- Auctions.sol: stuck auctions
Out of Scope:
- BidTicket.sol
- Deployment scripts
- Minor gas optimizations
Github: https://github.com/x3labs/harvest-art
1.0 ETH total reward pool
Deadline 08/24/2024
@bountybot
Only medium-severe Solidity issues will be considered (e.g. reentrancy, denial of service, balance manipulation, etc). Exploits should include a PR in a forked repo w/ a failing exploit test in the appropriate test file.
Suggested areas of focus:
- Harvest.sol: ERC20 support
- Auctions.sol: reentrancy
- Auctions.sol: outbidding rewards
- Auctions.sol: reward distribution
- Auctions.sol: loss of user funds
- Auctions.sol: stuck auctions
Out of Scope:
- BidTicket.sol
- Deployment scripts
- Minor gas optimizations
Github: https://github.com/x3labs/harvest-art
1.0 ETH total reward pool
Deadline 08/24/2024
@bountybot
so glad i lost the artificial turf argument so i could spend the next 7 years being told that our grass is dying and i should look into it
gm. letβs get it, ape fam.
this may be best for L3s (app chains), but I want a special wallet mode where, say, you only need to approve a contract once per session⦠and subsequent session transactions require zero confirmation popups.
e.g. play a game and every tx is seamlessly signed behind the scenes to avoid tx signing fatigue
e.g. play a game and every tx is seamlessly signed behind the scenes to avoid tx signing fatigue
google docs is behind the times
healthy eatin'
doing my part.
My /dad-jokes streak arc has begun, so Iβm gonna start off with my best dad joke that absolutely everyone thinks is funny:
New update, who dis? Get in before Friday.
this would probably be the best channel to streak in
it would probably feel way more natural
it would probably feel way more natural
Anyone else have issues with RainbowKit and prefetch next/link? I had to switch everything to <a> instead of <Link> to fix an issue with wallet not being connected on prod. prefetch seems to be the likely culprit. Is there an easy way to get back that prefetch speed?
Thanks to everyone who helped test the next version of @ensauction!
π₯ π₯ π₯ on the leaderboard received 30k, 20k, and 10k $DEGEN and I also fired off a few payloads of 5k $DEGEN to users with feedback I found helpful both on the bounty page and in my DMS: @intensodefi, @lorenzo-007, @gabrieltemtsen
On the smart contract side, @cooki had a great find with what would have been a very annoying exploit, and I've sent him 0.33 of the ETH pool.
I also sent @thenumb.eth 0.1 ETH for being the first to discover "Buy Now" could be called directly from the seller wallet. While there's no great way to truly protect from sybil attacks, that was dumb thing for me to miss.
ETH bug bounty will stay open for now for sleuths that are still testing.
Thanks all!
π₯ π₯ π₯ on the leaderboard received 30k, 20k, and 10k $DEGEN and I also fired off a few payloads of 5k $DEGEN to users with feedback I found helpful both on the bounty page and in my DMS: @intensodefi, @lorenzo-007, @gabrieltemtsen
On the smart contract side, @cooki had a great find with what would have been a very annoying exploit, and I've sent him 0.33 of the ETH pool.
I also sent @thenumb.eth 0.1 ETH for being the first to discover "Buy Now" could be called directly from the seller wallet. While there's no great way to truly protect from sybil attacks, that was dumb thing for me to miss.
ETH bug bounty will stay open for now for sleuths that are still testing.
Thanks all!
I let someone know their [firstname].eth was available with low premium instead of snagging it myself and trying to get them to buy it from me. What am I even doing?
a gas optimization story in two screenshots.
h/t to @Cooki who found a solid exploit for the @ensauction 1 eth bounty pool that's still going: https://warpcast.com/ndx.eth/0x3e2c5fcf
h/t to @Cooki who found a solid exploit for the @ensauction 1 eth bounty pool that's still going: https://warpcast.com/ndx.eth/0x3e2c5fcf
If any solidity devs have time to hunt for vulnerabilities this weekend, I'll put a 1 ETH bounty pool on the contract. Only interested in serious vulns that could result in loss of funds/balance/ENS names etc. No low/mid issues (e.g. saving gas). PR/demo or hmu plz.
Github: https://github.com/netdragonx/ens-auction-contract
Github: https://github.com/netdragonx/ens-auction-contract
Someone rolled up to our quiet street in the outskirts of San Diego at 1:30am and found my wifeβs car unlocked. He didnβt find anything to take so I think this is the right channel to cast in.
Help test the new version of @ensauction before it goes live!
Rack up some points on the leaderboard and send me some useful feedback. Earning points through bidding, selling, etc. will require some testnet ether on Sepolia. If you have more free time than I do this weekend you can even register some testnet ENS names to use on the site.
Testnet app: https://testnet.ens.auction
Sepolia faucet: https://www.alchemy.com/faucets/ethereum-sepolia
Variable Awards:
30k $DEGEN for π₯ on Leaderboard
20k $DEGEN for π₯ on Leaderboard
10k $DEGEN for π₯ on Leaderboard
5k $DEGEN for the most useful feedback
Deadline: 06/23/2024 8PM ET
@bountybot
Rack up some points on the leaderboard and send me some useful feedback. Earning points through bidding, selling, etc. will require some testnet ether on Sepolia. If you have more free time than I do this weekend you can even register some testnet ENS names to use on the site.
Testnet app: https://testnet.ens.auction
Sepolia faucet: https://www.alchemy.com/faucets/ethereum-sepolia
Variable Awards:
30k $DEGEN for π₯ on Leaderboard
20k $DEGEN for π₯ on Leaderboard
10k $DEGEN for π₯ on Leaderboard
5k $DEGEN for the most useful feedback
Deadline: 06/23/2024 8PM ET
@bountybot
"i have a truck. is this available?" is a superpower on craigslist et al