Can you spot the bug that lets an attacker drain all the funds? This contract looks simple, but there's a exploit hiding in plain sight. Credits to The Ethernaut by OpenZeppelin. Why is it vulnerable, and how would you exploit it? If you enjoy the challenge, we'll post more

📌 Accounting that relies on .balance may be vulnerable to this attack 🧐

📌

Imagine this: 🔹 Alice approves Bob to spend 5000 tokens 🔹 She later lowers it to 2500 🔹 But Bob front-runs her tx and drains all 5000 before the new approval lands Why? We tested this on a live contract (Vether4) using a Foundry mainnet fork. What we found was a classic

I’ve been asked this so many times that I decided to turn it into an EthCC - Ethereum Community Conference talk See you there! ☀️

Sigma Prime is hiring 🚀 We’ve just added 3 roles to our GitHub - Blockchain Security Intern - Rust Engineer - DevOps Engineer Help shape the future of web3 with us 👇

We will be taking on 3-4 security interns this round. 6-8 weeks paid internship. I will be acting as one of the mentors Apply here

We’re incredibly proud of M3D's performance in the Sherlock-Burve audit (SHERLOCK). He placed 8th overall and uncovered 3 of the final 9 validated vulnerabilities. But the most impressive thing is how he got there and the things he learned. In his first major

Why do protocols bring in 2, 3, or even 5 audit firms? Let's compare a protocol to a building project. You wouldn’t trust just one engineer to check the entire structure. You’d want the electrical system checked separately, structural integrity reviewed, and plumbing

LEND.finance | Testnet...$ETH $BASE $S $MONAD jokr rajeshkotaru Fred Oliveira 🧠 h2134 trtrth t.aksoy Aman Khan 🔊 Xiaoming9090 Patitonar zxriptor Kirkeelee Waydou newspace wickie Zurab Anchabadze heavyw8t 0XEL MIGUEL Obakeng mussucal Zero TheWeb3Mechanic Tigerfrake Dystopia 😈 DemoreXTess Frank Hecker Sarvesh Limaye | sarveshlimaye.eth ifeco445 🏆 LEND.finance | Testnet...$ETH $BASE $S $MONAD Audit Contest Results 🏆 46. zraxx - $43 47. 0xpetern - $43 48. The Real Fade - $42 49. hard1k - $41 50. Mario - $39 51. chaos304 - $37 52. M3D - $36

Excited to share my results from the Sherlock audit contest for LEND! Ranked #52 out of 517, with some solid findings. Always learning and growing! #blockchainsecurity #auditing

Tonight ret2basic.eth shared dacian's repository with me: github.com/devdacian/ai-a…. This reminded me that perhaps fine-grained checklists are also the direction for the future. Some checklists can be used for overall scanning, some should be specifically used for invariant

I'm looking to deploy $100,000 USDC as an angel investor in July. I love to invest into projects where we partner up and my team handles their security as well! Did this back in April, invested ~$60k. Please like/RT to help me reach great builders. Pre-seed/seed only, DM me🫡

Great new results from the Sherlock audit contest for Dodo! Ranked #39 out of 471, with an excelent finding. Always pushing forward! #blockchainsecurity #auditing SHERLOCK DODO

Finding a solo medium on a competition. 🥲

🎂 Today is my 1 year work anniversary as a SR! In that time, I have: - 💰 Earned ~$200k - 🏆 Won 1st place on 2 audit competitions - 🪐 Joined the Cantina fellowship - 🤝 Landed my first solo client - 👨‍⚖️ Became a judge - 🧠 Completed my first Spearbit audit - 🐛 Found my first

📌 Precision gas control can turn logic failures into profits. Be careful🫡

If you're a founder of a DeFi protocol and are nearing deployment, but you don't trust the work your developers are doing, we can help you. Thanks to our broad knowledge and expertise, we can assist you if you find yourself in such a situation. We will: 1. Conduct a

It's now or never guys. I've decided to challenge myself and I'm glad that SHERLOCK made this opportunity for me to audit the neutrl protocol codebase. I humbly accept this challenge Spearbit Mike Leffer 🙏🏿

Deep dive into Curve Finance: Core Mechanics, Security, and Integration Insights zealynx.io/blogs/curve-fi… credits to M3D