Hari Suthan
@codehari662
🔍 Smart Contract Auditor | Sharing daily audit insights & lessons 🛡️ Blockchain & DeFi security | Real bugs, real mistakes, real learning
❓ Question: What is the bug or risk in this code when used in a real production smart contract?
In my recent audit, I missed a subtle detail. ⚠️ The contract used: currentTime - userJoinTime. But the docs said rewards should start only after the campaign begins: If a user joined before the campaign, the wrong formula gives extra rewards.
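The reward-timing mistake in the post above, shown as an added Solidity example that is not the audited contract's code. The contract, `campaignStart`, `ratePerSecond` and both function names are hypothetical, and clamping the accrual start to the campaign start is an assumed reading of "rewards should start only after the campaign begins".

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added illustration; every name here is hypothetical, not from the audited contract.
contract CampaignRewards {
    uint256 public immutable campaignStart;  // assumed: timestamp at which rewards begin
    uint256 public immutable ratePerSecond;  // assumed: reward units accrued per second
    mapping(address => uint256) public userJoinTime; // 0 means "never joined"

    constructor(uint256 _campaignStart, uint256 _ratePerSecond) {
        campaignStart = _campaignStart;
        ratePerSecond = _ratePerSecond;
    }

    /// Users may join before or after the campaign starts.
    function join() external {
        require(userJoinTime[msg.sender] == 0, "already joined");
        userJoinTime[msg.sender] = block.timestamp;
    }

    /// Pattern from the post: currentTime - userJoinTime.
    /// A user who joined early is credited for time before the campaign began.
    function accruedBuggy(address user) external view returns (uint256) {
        uint256 joined = userJoinTime[user];
        if (joined == 0) return 0;
        return (block.timestamp - joined) * ratePerSecond;
    }

    /// Accrual measured from max(join time, campaign start).
    /// Returns 0 until the campaign has started, so nothing accrues early
    /// and the subtraction cannot underflow.
    function accruedClamped(address user) external view returns (uint256) {
        uint256 joined = userJoinTime[user];
        if (joined == 0 || block.timestamp <= campaignStart) return 0;
        uint256 accrualStart = joined > campaignStart ? joined : campaignStart;
        return (block.timestamp - accrualStart) * ratePerSecond;
    }
}
```

With constructed values `campaignStart = 1000`, a join at `400` and a current time of `1600`, `accruedBuggy` pays for 1200 seconds while `accruedClamped` pays for 600.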
Imagine trying to buy a concert ticket… 🎟️ Your transaction is pending, someone sees it, jumps ahead, and buys it first. That’s front-running in smart contracts. Attackers see your tx → act first → gain an unfair edge or cause user loss. #Web3 #SmartContracts #DeFi
💡 Dev Tip: Before letting an external contract (like Uniswap) pull tokens, don’t forget approve()! Skipping it = failed txs & broken contracts. ✅ Small step, big safety. #SmartContracts #DeFi #BlockchainDev
My Recent Auditing Mistake 🔍 I flagged a missing blocklist check in a transfer function ❌. Later realized the token contract already enforced it in _beforeTokenTransfer ✔️. I just missed it. Lesson: Always check the full flow before calling something a bug.