•NFTPD• (@projectnftpd) 's Twitter Profile
•NFTPD•

@projectnftpd

Some platypuses that think web3 needs a little more safety.

ID: 1593031050430746624

linkhttps://nftpd.org calendar_today16-11-2022 23:59:44

1,1K Tweet

2,2K Takipçi

365 Takip Edilen

•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Clipboard Hijack Copy wallet. Paste wallet. It’s not your wallet. Malware swaps addresses. Always check first & last characters. #Web3Security

Clipboard Hijack

Copy wallet.
Paste wallet.
It’s not your wallet.

Malware swaps addresses.
Always check first & last characters.

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Insufficient Access Control Discovered: Private function goes public, trust shattered. Code Evidence: `pragma solidity ^0.8.0; contract TrustFund { address private owner; uint256 private totalFunds; constructor() { owner = msg.sender;

[Detective Log] Case: Insufficient Access Control
Discovered: Private function goes public, trust shattered.
Code Evidence: `pragma solidity ^0.8.0;

contract TrustFund {
    address private owner;
    uint256 private totalFunds;

    constructor() {
        owner = msg.sender;
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Discovered: Money drains twice as fast when you forget to lock the door. Code Evidence: `contract SimpleBank { mapping(address => uint) private balances; bool private locked; function withdraw(uint _amount) public { require(balances[msg.sende

[Detective Log] Case: Reentrancy
Discovered: Money drains twice as fast when you forget to lock the door.
Code Evidence: `contract SimpleBank {
 mapping(address => uint) private balances;
 bool private locked;

 function withdraw(uint _amount) public {
 require(balances[msg.sende
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Discovered: A deadly twist of recursive greed within an innocent-looking fallback function. Code Evidence: `contract Vulnerable {\n mapping(address => uint) public balances;\n \n function withdraw(uint _amount) public {\n require(b

[Detective Log] Case: Reentrancy
Discovered: A deadly twist of recursive greed within an innocent-looking fallback function.
Code Evidence: `contract Vulnerable {\n    mapping(address => uint) public balances;\n    \n    function withdraw(uint _amount) public {\n        require(b
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Bookmark Malware Scam sites ask: “Bookmark us for quick access.” Later… that bookmark runs code. Not a shortcut — a trap. Only bookmark legit domains. #Web3Security

Bookmark Malware

Scam sites ask:
“Bookmark us for quick access.”

Later… that bookmark runs code.
Not a shortcut — a trap.

Only bookmark legit domains.

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Integer Overflow Discovered: Overflow Bandit Strikes: Unsuspecting Contract Bleeds Funds Code Evidence: `pragma solidity ^0.8.0; contract OverflowBandit { mapping(address => uint256) public balances; function deposit() public payable { bala

[Detective Log] Case: Integer Overflow
Discovered: Overflow Bandit Strikes: Unsuspecting Contract Bleeds Funds
Code Evidence: `pragma solidity ^0.8.0;

contract OverflowBandit {
    mapping(address => uint256) public balances;

    function deposit() public payable {
        bala
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Unchecked External Call Discovered: A rogue function opened the backdoor to chaos in a smart contract. Code Evidence: `function externalCall(address _to, uint256 _amount) public { require(_to.call.value(_amount)()); }` Field Note: In a world where shadow

[Detective Log] Case: Unchecked External Call
Discovered: A rogue function opened the backdoor to chaos in a smart contract.
Code Evidence: `function externalCall(address _to, uint256 _amount) public {
    require(_to.call.value(_amount)());
}`
Field Note: In a world where shadow
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Discovered: Infinite Minting by Design Code Evidence: ` contract InfiniteMinter { mapping(address => uint256) public balances; bool private locked; function mintToken(uint256 _amount) public { require(!locked, "ReentrancyGuard

[Detective Log] Case: Reentrancy
Discovered: Infinite Minting by Design
Code Evidence: `
contract InfiniteMinter {
    mapping(address => uint256) public balances;
    bool private locked;

    function mintToken(uint256 _amount) public {
        require(!locked, "ReentrancyGuard
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Attack Discovered: The ole' double-dip blues: a slick reentrancy trick in the PaymentHandler contract lets crafty crooks keep withdrawing funds beyond their balance. Code Evidence: `function withdraw(uint _amount) public { require(balances[msg

[Detective Log] Case: Reentrancy Attack
Discovered: The ole' double-dip blues: a slick reentrancy trick in the PaymentHandler contract lets crafty crooks keep withdrawing funds beyond their balance.
Code Evidence: `function withdraw(uint _amount) public {
    require(balances[msg
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Compromised QR Codes Posters. Flyers. Conference booths. “Scan to mint.” Looks harmless. One scan = wallet drainer. Never scan random QR codes. #Web3Security

Compromised QR Codes

Posters.
Flyers.
Conference booths.

“Scan to mint.”
Looks harmless.
One scan = wallet drainer.

Never scan random QR codes.

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Attack Discovered: The Double Dip Debacle Code Evidence: `contract VulnerableBank { mapping(address => uint) public balances; function deposit() public payable { balances[msg.sender] += msg.value; } function withdraw(uint

[Detective Log] Case: Reentrancy Attack
Discovered: The Double Dip Debacle
Code Evidence: `contract VulnerableBank {
    mapping(address => uint) public balances;

    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Unchecked Delegation Discovered: When the loyalty of code can be bought for a handful of gas, chaos ensues. Code Evidence: `contract Delegation { address public owner; function Delegation() public { owner = msg.sender; } function forward(address

[Detective Log] Case: Unchecked Delegation
Discovered: When the loyalty of code can be bought for a handful of gas, chaos ensues.
Code Evidence: `contract Delegation {
  address public owner;
  function Delegation() public {
    owner = msg.sender;
  }
  function forward(address
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Our portal gives you an opportunity to talk to Walter and hear what his opinions are on safety and security and how we will better the space, connect your account and chat with him! #Web3Security

Our portal gives you an opportunity to talk to Walter and hear what his opinions are on safety and security and how we will better the space, connect your account and chat with him!

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Discovered: Phantom Withdrawals in the Midnight Club Code Evidence: `contract MidnightClub { mapping(address => uint) public balances; bool locked; function deposit() public payable { balances[msg.sender] += msg.value; }

[Detective Log] Case: Reentrancy
Discovered: Phantom Withdrawals in the Midnight Club
Code Evidence: `contract MidnightClub {
    mapping(address => uint) public balances;
    bool locked;

    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Unhandled Exception Discovered: A slip in the solidity code, thrown into chaos by an unhandled exception. Code Evidence: `contract ShadyDeal { function executeDeal(address payable recipient, uint amount) public { require(amount > 0, "Amount must

[Detective Log] Case: Unhandled Exception
Discovered: A slip in the solidity code, thrown into chaos by an unhandled exception.
Code Evidence: `contract ShadyDeal {
    function executeDeal(address payable recipient, uint amount) public {
        require(amount > 0, "Amount must
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Reentrancy Attack Discovered: An insidious reentrancy flaw in a DeFi protocol allowed a rogue to drain half a million in a single night. Code Evidence: `function withdraw(uint _amount) public { require(balance[msg.sender] >= _amount); (bool success,) = msg

[Detective Log] Case: Reentrancy Attack
Discovered: An insidious reentrancy flaw in a DeFi protocol allowed a rogue to drain half a million in a single night.
Code Evidence: `function withdraw(uint _amount) public {
 require(balance[msg.sender] >= _amount);
 (bool success,) = msg
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

[Detective Log] Case: Unchecked Call Value Discovered: The Trojan Airdrop Code Evidence: `function airdropTokens(address[] memory recipients, uint256 amount) public payable { for (uint i = 0; i < recipients.length; i++) { (bool sent, ) = recipients[i].call{value: am

[Detective Log] Case: Unchecked Call Value
Discovered: The Trojan Airdrop
Code Evidence: `function airdropTokens(address[] memory recipients, uint256 amount) public payable { 
    for (uint i = 0; i &lt; recipients.length; i++) { 
        (bool sent, ) = recipients[i].call{value: am
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Malicious Wi-Fi Free airport Wi-Fi. Café hotspot. NFT conference Wi-Fi. Scammers run fake networks. You connect. They snoop. Avoid public Wi-Fi for wallets. #Web3Security

Malicious Wi-Fi

Free airport Wi-Fi.
Café hotspot.
NFT conference Wi-Fi.

Scammers run fake networks.
You connect.
They snoop.

Avoid public Wi-Fi for wallets.

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Phishing PDFs Email arrives. “Claim NFT drop — details inside.” The PDF looks normal. The link inside? Malicious. Never trust links hidden in files. #Web3Security

Phishing PDFs

Email arrives.
“Claim NFT drop — details inside.”

The PDF looks normal.
The link inside? Malicious.

Never trust links hidden in files.

#Web3Security
•NFTPD• (@projectnftpd) 's Twitter Profile Photo

Malicious Browser Pop-ups A random pop-up says: “Your wallet is disconnected — reconnect now.” You click. You’re compromised. Never connect through pop-ups. Always open your wallet manually. #Web3Security

Malicious Browser Pop-ups

A random pop-up says:
“Your wallet is disconnected — reconnect now.”

You click.
You’re compromised.

Never connect through pop-ups.
Always open your wallet manually.

#Web3Security