Public Audit Contest🎖️ While auditing 🧑💻 a codebase, after finding 🔎 a confirmed bug🐞, do not get over excited (like me 😉). Try to assess the maximum possible impact on the protocol as a whole. Write coded/narrative PoC and design an optimum and efficient mitigation strategy. This will increase the likelihood that your finding will be confirmed✅ and rewarded 🏆 gracefully . #blockchain #ethereum #evm #solidity #smartcontracts #web3security #web3community #web3education #web3technology
Waqas Muhammad’s Post
More Relevant Posts
-
Public Audit Contests Sometimes during the course of understanding a codebase 👨💻 , while reviewing the test suite and going through each test 🧪 one by one, attack 🚀 plans just pop up into the mind 🧠 . It actually happened to me last night 🌙, so I thought it would be better to share with you guys, so that you may accommodate this tactic in your audit methodology. 😊 #blockchain #ethereum #evm #solidity #smartcontracts #web3security #web3community #web3education #web3technology
-
-
Entrepreneur | Former CTO | Tech Expert | Passionate about Automations, and Business Trends | Telegram bot expert 🤖
Solidity Best Practice: Protecting Your Smart Contracts 🛡️ Security is critical in Solidity development. Here are key practices to keep your contracts safe: 🔹 Use onlyOwner Modifiers: Restrict sensitive functions to the contract owner. 🔹 Validate User Input: Use require() to prevent invalid transactions. 🔹 Avoid Hardcoded Addresses: Store contract addresses in state variables with setter functions. 🔹 Limit External Calls: Minimize reliance on external contracts to reduce attack vectors. Secure coding saves you from costly exploits! What’s your go-to security tip for Solidity? #Solidity #Web3 #Blockchain #SmartContracts
-
As I am getting more and more experienced as a Smart Contract Auditor, I noticed that I am relying more and more on fuzz and invariant testing. I don't know if this is good or bad. Because most of the times you need to think humanly and logically not randomly. However, a lot times bombarding a protocol's functionality with random inputs can give fruitful results. Let's start GRINDING friends!!!! #blockchain #ethereum #evm #solidity #smartcontracts #web3security #web3community #web3education #web3technology
-
-
🌈 What is Liquid Restaking? The primary advantage of #restaking is the reuse of $ETH in the #Ethereum mainnet. This can be done either in #liquidity staking #pools or wrapped #tokens on platforms that employ the Eigenlayer protocol. Through the services of #liquid restaking, EigenLayer transforms from a unique protocol into a whole #ecosystem, capable of constructing a conceptually new model for #blockchain application security. Key advantages of this approach include: 💥 Increased profitability from held $ETH. 💥 New ways to participate in #DeFi protocols. 💥 Incentives and rewards from all links in the liquid restaking #chain. One key driver of the growing interest in restaking is not only the increased staking percentage of $ETH but also the expectation of rewards from EigenLayer itself and #DeFi protocols such as Renzo, KelpDAO, EtherFi, Puffer.fi, Eigenpie, etc.
-
-
Hello hackerz!! Previously, I used to thoroughly study the docs, as a first step in my auditing process of a protocol. After completing the docs, I used to move onto the codebase and then start the review. But now I have changed this. Now I start with the codebase instead of docs and identify the entry points in smart contracts, user interacts with. Then along with following the codepaths I read the docs for that specific functionality. For me it works better. #blockchain #ethereum #evm #solidity #smartcontracts #web3security #web3community #web3education #web3technology
-
-
The only thing that annoys me as a full-time web3 smart contracts auditor and security researcher, is the delayed results of public audit contests. However, most of the times the delays are rationale and legit but eventually it hurts my cashflows 😭 #blockchain #ethereum #evm #solidity #smartcontracts #web3security #web3community #web3education #web3technology
-
-
Co-founder @Monadex Labs | Smart Contract Developer @Positions | Security Researcher | Computer Engineering Student
Currently trying to wrap my brain around liquid restaking with the Mellow protocol audit on Sherlock. With 2000 nSLOC, this is the largest codebase I've ever taken on. Plus, it integrates a lot of other protocols and services - including Chainlink, Lido, Symbiotic bonds, and Uniswap. #blockchain #audit #security #web3 #sherlock #mellowlrt #liquidrestaking
-
-
BACI Event with Hats Protocol – Recording Now Available! 🎥 Thank you once again to everyone who joined us at The Vault earlier this month for our insightful event featuring Nick Naraghi, CEO of Hats Protocol. It was an evening filled with valuable discussions on decentralized governance, DAO security, and the future of on-chain and off-chain integration. For those who couldn't attend or want to revisit the conversation, the full recording is now available! Watch as Nick shares how Hats Protocol empowers DAOs to enhance governance, streamline operations, and ensure compliance, making it an essential tool for today's digital asset ecosystem. We hope you find this recording as insightful as we did and look forward to more events with such impactful discussions. #BACI #HatsProtocol #DAOs #Governance #DigitalAssets #Blockchain #EventRecording #ThankYou
-
Implemented a 𝐓𝐢𝐦𝐞𝐋𝐨𝐜𝐤 contract The TimeLock contract enables users to securely deposit Ether and lock it for a specified period, ensuring funds are only accessible after a predetermined time. This contract is designed with security in mind, utilizing OpenZeppelin's 𝐒𝐚𝐟𝐞𝐌𝐚𝐭𝐡 library to prevent arithmetic overflow and underflow issues. #Solidity #BlockChain
-
