Programming Bao
@ProgrammingBao
Co-founder and programmer of @theramennft. Blockchain Security Geek
Bạn có thể thích
Requesting $ETH funds from the #Stakely Faucet on the Ethereum Holesky Testnet blockchain. Request ID: OLCSKZUH stakely.io/faucet/ethereu… .
THANK YOU. Your tolerance and support of me here on X by just interacting with my postings and subscribing if you care to here or my very long form at ReadMultiplex.com helps pays for this. I ain’t got no one else. I love you folks. Gratitude.
Folks, I think we have done it! If overnight tests are confirmed we have OPEN SOURCE DeepSeek R1 running at 200 tokens per second on a NON-INTERNET connected Raspberry Pi. A full frontier AI better than “OpenAI” owned fully by you in your pocket free to use! I will make the Pi…
🌐 Work from anywhere, anytime! 🏖️ CodeCall lets you choose projects, work remotely, and get paid for your contributions. One-click GitHub signup makes it a breeze! 🌬️💨 Join us today! 💪 #RemoteWork #Developers #TechTrends #DigitalNomad #CodingLife
🚀 Hey Developers! Join CodeCall—where skill meets opportunity. Work on impactful projects, earn rewards, gain XP, and climb the leaderboard to get noticed by top companies. One-click signup, no email needed! 🔗 Compete. Learn. Earn. #DevCommunity #Programming #Developer
🚀 Code, Compete, Get Paid—It’s That Simple! 🚀 Earn more, get hired faster, and work on real projects with top businesses. Join us and make your skills count. Launching in October! #TechJobs #DevCommunity #TechCareers #Remotework #codinglife
Startup allowing devs to contribute code and get paid Like bug bounties but for development Launching soon with some MERN based projects with bounties ranging from €5,000 to €160,000 discord.gg/UNdgzxZEJq codecall.xyz
discord.com
Join the Code Call Discord Server!
Connect, collaborate, and grow with top engineers. Dive into projects, earn rewards, and be part of our community. | 634 members
These days, we've managed to uncover a Critical issue stemming from misunderstandings about who is the msg.sender in a nested Uniswap call, all thanks to @TenderlyApp. If you find yourself needing to debug a transaction with numerous nested functions in external contracts,…
If you are doing a smart contract security audit and see this `require(token.balanceOf(address(this)) == ….` You’ve most probably found an issue. Anyone who can get 1 wei worth of `token` can send it to the contract as a front-run attack, forcing the method call to revert
If you deploy smart contracts on multiple chains like Ethereum, Arbitrum, Polygon, Optimism and others you would greatly benefit from this resource. GJ @0xJuancito github.com/0xJuancito/mul…
Special `try-catch` case from Solidity's docs: If the return data decoding throws an error it is not caught by the `catch` block.
My learning technique has always been "just read 10 articles or watch 5 videos on the topic or more until you understand it" You can go very far with just this, especially by remembering that whatever is hard for you is in most cases hard for others as well
In smart contracts, whenever you see ">" (or "<") check that it shouldn't actually be ">=" (or "<=") and vice versa. Off-by-one errors are quite common and can result in a High severity vulnerability. Every experienced security researcher has caught such a bug at least once✌️
Your code might have a critical severity vulnerability, allowing an attacker to steal 100% of the TVL. This is your daily reminder to check each division in your application (especially when it comes to pool/vault shares math) and make sure it rounds down/up AGAINST the user.
Common smart contract attack vector? Flawed/missing input validation. For every `external/public` method check that each of its parameters is sufficiently validated, for example that a `uint256` isn't too small or too big. By just doing this you'll find many bugs as an auditor
Good place to look for smart contract bugs - duplication of code and reimplementation of the same business logic. Often in such code there can be discrepancies/differences, where one part of the code has an important check which is missing in the other. Possibly a Critical bug✌️
Exclusion from this rule is when the `payable` function actually forwards the `msg.value` directly to some recipient
First thing you MUST check when you see a smart contract that has a `payable` function is if the native asset can be withdrawn from it. Imagine deploying a contract, accruing hundreds of ETH of value in it and not being able to withdraw them. Critical severity vulnerability
One of the best ways to learn about previous smart contract hacks, understand them in depth and read the code with which the attack can be executed? Here it is, 10/10 resource github.com/coinspect/lear…
If you are auditing a smart contract and see math calculations for the slippage parameter to be passed to a swap operation, it is highly likely this is a Medium/High severity issue. Slippage parameters should only be calculated off-chain, because of possible sandwich attacks
Allowing deposits and withdraws in the same block for a staking/vault mechanism can be dangerous. An attacker can use a flashloan to deposit a large amount of tokens and withdraw them in the same block, simultaneously claiming the reward accrued (if any), essentially stealing it
United States Xu hướng
- 1. Good Saturday 21.8K posts
- 2. #SaturdayVibes 3,101 posts
- 3. Emiru 10.6K posts
- 4. Ohtani 234K posts
- 5. #dominATE_celebrATE 60.3K posts
- 6. #saturdaymorning 1,533 posts
- 7. World Series 65K posts
- 8. Massie 35.8K posts
- 9. Babe Ruth 3,815 posts
- 10. Carson Beck 17.1K posts
- 11. #HeartofTaehyung 48.3K posts
- 12. Louisville 29.4K posts
- 13. FDV 5min 3,077 posts
- 14. #Dodgers 27K posts
- 15. No Kings Day 48.8K posts
- 16. TOP CALL 10.1K posts
- 17. AI Alert 8,713 posts
- 18. George Santos 93.8K posts
- 19. Nebraska 17.7K posts
- 20. Talus 15.6K posts
Bạn có thể thích
-
Amresh.eth 🔴
@amresheth -
Exceed
@0xExceed -
Cape 👊
@heycape_ -
DefiWiz
@Defi_Wiz_ -
TFG
@TFGmykL -
Rex Woodbury
@rex_woodbury -
Prysm Ethereum Client
@prylabs -
TMC - The Marketing Collage
@TMC_collage -
owl.ron
@OwlOfMoistness -
Solana (NFT, Memecoin, Airdrop) Radar
@solnftradar -
the littles
@thelittlesnft -
Kumo x World 🌈
@kumoxworld -
Dragon World
@DragonWorld__
Something went wrong.
Something went wrong.