Spellcast
@spellcastwtf
Securing Web3 | Tweeting about smart contract security
You might like
A Solidity smart contract auditor that doesn’t know how the EVM works makes for a weak auditor. Here are 3 resources to get up to speed ↓ Pro-tip: Start high-level and then go deeper
In #Web3Gaming news: #SEGA teams up with @finschia Foundation! They plan on using Sega's iconic game IPs to create new web3 games! 🎮🌐🤝 We're almost there. folks! 🚀˚。⁺🪐༘⋆ ✩°。🌕
Infinite approvals… the ultimate leap of faith. Users of @SocketDotTech's Bungee bridge lost a total of $3.3M yesterday thanks to a known vector. Have you checked your approvals lately? rekt.news/socket-rekt/
Looking forward to this
Tomorrow I am going to interview the @code4rena OG Warden and Lookout @0xSorryNotSorry. It's going to be an inspiring interview full of insights, especially because he doesn't come from a tech-heavy background! What would you like me to ask him?
Looking for new Ethereum items to learn? Here are some ideas: • Latest Ethereum EIPs: EIP-6541, EIP-6963 • New Ethereum opcodes: CREATE ABL - Always Be Learning
Secret weapon Web3 devs have over Web2 devs: Open source codebases This means that whenever a Web3 dev is building a project, they can find an open source codebase to either fork or get inspiration from. Web2 devs do not have this luxury, so don’t squander it as a Web3 dev.
Ever wondered how SushiSwap works? Here’s a deep-dive analysis of the algorithm: medium.com/coinmonks/anal…
Base Layer 2 launched by Coinbase has overtaken Optimism in daily active users Definitely keep an eye on it 👀 But most importantly, be aware of scams and rugpulls We’ve been seeing a lot of those
Web2 engineers looking to get into Web3 engineering must first understand the architectural differences This figure shows the difference between centralized architecture (Web2) and decentralized architecture (Web3)
The crazy thing is that if a security auditor does not understand your protocol Their recommendations can actually introduce new bugs into the codebase This is why you must do your research on the auditors and consider getting multiple audits Always opt for more eyes on code👀
Be careful with the Twitter X rebrand Social media scams have been growing in popularity. These days, hackers are exploiting the Twitter rebrand, using fake emails and too-good-to-be-true deals to lure projects into clicking their phishing links. Keep your social medias safe
Bookmark this
What powers my solo smart contract security audits: - Github - VS Code - Manual reading through code - Blackhat mindset - Communication with devs What doesn't: - Complex processes - Systems & code tools - Artificial Intelligence Start simple. Add complexity later (maybe).
Solidity engineers and auditors alike Remember, upgrading smart contracts can introduce new bugs, potentially putting millions at risk. Check out Diffusc A differential fuzzer created by Trail of Bits, that compares two smart contracts to uncover any unexpected changes.
ERC-6551 Familiarize yourself with this new standard It’s an interface and registry for smart contract accounts owned by NFTs. Many projects are adopting it as it allows NFTs to own assets + interact with apps, without requiring changes to the existing smart contracts.
Ever wonder how NFTs are stored on Ethereum? Here’s a technical deep dive that covers how it happens levelup.gitconnected.com/technical-deep…
Many technical folks are still getting into the Web3 space Even in a crypto bear market 💪 Here’s a solid Web3 study list put together by @s3rgiomazari3go: sergiomazariego.notion.site/sergiomazarieg…
Deep dive into EVM with these resources.
A Solidity smart contract auditor that doesn’t know how the EVM works makes for a weak auditor. Here are 3 resources to get up to speed ↓ Pro-tip: Start high-level and then go deeper
Post audit security This is becoming more and more important as the number of hacks on audited projects increases. How can you protect your smart contracts after launch? Make sure to set up a bug bounty program and look into Forta for automated network monitoring.
United States Trends
- 1. Epstein 512K posts
- 2. Steam Machine 17.2K posts
- 3. Virginia Giuffre 23.3K posts
- 4. #NASDAQ_NXXT N/A
- 5. Rosalina 54.1K posts
- 6. Boebert 7,564 posts
- 7. Valve 13.1K posts
- 8. Steam Frame 12.3K posts
- 9. Brie Larson 19.8K posts
- 10. H-1B 84.7K posts
- 11. Bowser Jr 16.7K posts
- 12. The Devil Wears Prada 2 36.7K posts
- 13. AJ Brown 7,424 posts
- 14. #NASDAQ_MYNZ N/A
- 15. Michael Wolff 11.9K posts
- 16. SteamOS 2,580 posts
- 17. Steam Controller 10.8K posts
- 18. Steam Deck 5,621 posts
- 19. GabeCube N/A
- 20. Jeezy 11.6K posts
You might like
-
Radoslav Radev
@radev_eth -
Mr Anon
@ShieldifyAnon -
Kiki
@Kiki_developer -
0xasen
@asen_sec -
Jeff Security
@jeffsecurity -
Cyfrin Solodit 🟪
@SoloditOfficial -
Saksham | Zokyo
@SakshamGuruji -
Martin
@ShieldifyMartin -
dravee.eth
@BowTiedDravee -
0xnevi
@0xnevi -
OpenSense ₿
@opensensepw -
Bloqarl | Zealynx
@TheBlockChainer -
nirlin
@0xnirlin -
BK | ⌘
@BKWeb3 -
Arabadzhiev
@arabadzhiev_
Something went wrong.
Something went wrong.