🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

funny how power works

Findings bugs in smart contract proxy upgrades with reasoning models: 1) monitor Upgraded(address implementation) events 2) call eth_getStorageAt(proxy, eip1967.proxy.implementation) at the block before the upgrade to get old implementation 3) forge clone old impl address 4)

The response from GitHub on my report for this was super fast! The account was banned within 30 minutes 🙌

🚨 ALERT: A rise in scam emails impersonating Coinbase and Gemini has been reported by crypto users, with scammers attempting to trick recipients into setting up wallets using pre-generated recovery phrases that the scammers control. Stay vigilant!

Announcing AR’s Intern Program We’re launching an intern program that’s hands-on, high-impact, and fully remote. Looking for security research types who are curious, skilled, and ready to work on security challenges that matter ↓

So, it turns out that the Nick L Franklin account was run by DPRK, tied to the Radiant attack, and attempting to hack security researchers. If anyone has conversation screenshots, I'd encourage sharing them. If you haven't screenshotted yet, they have probably been deleted. 🧵

gm Ethereum ☀️ It is our great honor to announce the mainnet launch of Privacy Pools! ETH users can now achieve on-chain privacy, while still dissociating from illicit funds It is now up to all of us to Make Privacy Normal Again 🫡 More info in this thread 👇

excited to share that Rekt News is now fully on-chain via Lens chain Lens Chain — you can now collect, comment, and like articles directly on-chain. dashboard and profile features are on the way, letting you track points for future rewards and perks. don’t forget to engage (it’s capped)

I encountered a malicious npm package and decided to look into what it does. Here is what it does and what you can do to protect yourself 🧵

I've noticed that scammers have started buying old abandoned defi domains to replace the frontend with drainers so if you're going to some dead defi project to withdraw some money you put there and forgot about, be careful about that

Save this post if you've been scammed or hacked!!! First things first, you should contact: t.me/seal_911_bot, or Rasit Tavus • Next, for recovering the rest (untouched assets) please use: hackedwalletrecovery.com made by BuidlGuidl.eth ; • Or this tool: app.buidlguidl.com/build/yIj6q9TZ…

Check out the new Ethereum Trillion Dollar Security initiative which aims to improve security in all areas for the Ethereum Ecosystem! :) If you're interested in chatting about this, have some suggestions or ideas then don't hesitate to reach out.

⚡Electisec has shaped many security gigabrains… but we're not done! We're soon kicking off our Smart Contract fellowship to find the next set of security superstars, and we invite you to be a part of this trial-by-fire program. Think you’ve got what it takes? Details below!

We retrieved every contract on Ethereum. Along the way, we found the exact date when 16,000 unique contracts were deployed (the most in one day), the EOA with the most deployed contracts (2.9M), and much more. This is how we did it.🧵 (Spoiler: It’s 69,788,231 contracts!)

This is one of the best playlist to learn about ethereum clients & start contributing to the core code by Ethereum Follow Protocol | efp.eth (link in comment ↓)

One of the beauty of using EIP-7702 is that you can rescue all funds from a compromised wallet using a paymaster and a friendly delegator. There is _no need_ to send ETH to the compromised wallet at all! I decided this morning to write and open-source a fully-fledged Bash script

This is one of the coolest crypto stories I've seen in a while. khalo was trying to bridge his funds from an Ethereum to Base. But he was using an old version of Safe that wasn't multi-chain. To his surprise, he couldn't access the funds after he bridged them onto Base.

So, how can you protect your contracts? ✅ Deploy + initialize in a single tx ✅ Use _disableInitializers() in logic constructors ✅ Never write to legacy proxy slots ✅ Use ERC-7201 namespaced storage ✅ Simulate upgrades + diff storage (forge inspect)

Today, auditors put their money where their mouth is. Announcing, Guardian Defender. → Post-audit bounty coverage, funded by Guardian. → 30-day contest to find critical bugs in the Guardian-secured codebase. The first $100,000 Defender contest with Ethena Labs is live!

dip again. 😂 Keep building!