HE1M

50 posts


@0xHE1M

Bug Bounty Hunter

Ethereum · Joined March 2022
84 Following 1.2K Followers
HE1M @0xHE1M ·
😎
HE1M tweet media
HE1M @0xHE1M ·
@0xTendency @HollaWaldfee100 @xiaoming9090 @WatchPug_ Try to explain the codebase for a person who doesn’t know anything about programming, then you will find out something in the middle of discussion that you were not looking at before. It helps to see the codebase from different points of view.
Essential @only01Essential ·
How do you handle a situation where you've been auditing a codebase for an extended period, but can't seem to be able to spot any issues? Tag your favourite researchers 👀👀 @HollaWaldfee100 @xiaoming9090 @0xHE1M @WatchPug_
Lucas Ma @MaLucasBC ·
@0xHE1M Thanks for the inspiration of this example. I successfully constructed the early return constructor contract with immutable variables by referring to this trick of yours. (*^▽^*) github.com/source-code-sc…
HE1M @0xHE1M ·
In continuation of Immutables story: They can be initialized more than once or left uninitialized if using the modifier in constructor. In other words, by using modifiers we can run the function (to which the modifier is applied) more than once or even skip it. @solidity_lang
Lucas Ma @MaLucasBC ·
@0xHE1M The trinomial operator as well as inline assemblies also allow for assignments more than once. But this is just something that can be used as a trick to implement immutable that can be assigned arbitrary type.
Lucas Ma tweet media
HE1M @0xHE1M ·
Did you know that IMMUTABLE variables can be initialized **more than once** or even left **uninitialized** (assigning default value)?
HE1M tweet media
HE1M retweeted
0xDjango @0xDjangoOnChain ·
I submitted a critical theft of NFTs to a protocol a couple weeks ago. A user can steal an NFT that they had previously deposited that is later deposited by another user.
1) attacker deposits NFT into protocol
2) attacker approves himself as an operator
3) attacker withdraws and sells the NFT
4) new NFT owner deposits
5) attacker can steal
Sadly, this was downgraded to high because of the conditionality and that no NFTs were currently at risk of theft. Even sadder, the project only offers rewards for critical severity bugs 😖
Immunefi mediated and confirmed that the project took the correct action.
I understand the viewpoint and respect immunefi’s mediation, but have been asking myself: Should I have deposited an NFT myself and then withdrawn and transferred to create a valid theft scenario??
I’d like to not have to do this but it seems like some projects only care if currently exploitable funds exist. What do you think?
HE1M @0xHE1M ·
@usmannk Had the same experience unfortunately!!!
usmann @usmannk ·
Remember that projects can simply not pay, whitehat. Should I drop the writeup?
usmann tweet media
Smacaud @Smacaud1 ·
@0xriptide @0xHE1M @immunefi That's unfortunate. It is high time that @immunefi implements escrow-like features, where bounties are deposited. When a bug is found, there should be an intermediary between the white hat and the Protocol team
HE1M retweeted
riptide @0xriptide ·
1) launch bug bounty
2) get bug reports
3) don't pay out
4) milk it until @immunefi kicks your protocol off the platform
protocol wins
hackers lose
HE1M @0xHE1M ·
Example 2: In the following code, the body of the constructor will be run twice. Each time, a new value will be assigned to the immutable x (0 is assigned the first time, 7 is assigned the second time). So, the values of firstValue and secondValue will be 0 and 7, respectively.
HE1M tweet media
HE1M @0xHE1M ·
Example 1: In the following code, the body of the constructor will be skipped, so the immutable x will be left uninitialized. So, it will have the default value of 0 instead of 1.
HE1M tweet media
HE1M retweeted
RustyRabbit @_RustyRabbit ·
RustyRabbit tweet media
HE1M @0xHE1M ·
Interestingly, if you insert the parameter _counter higher than 10, the code inside the FOR loop will not be reached, so the immutable variable ImmVar will be uninitialized and will have the default zero value.
HE1M @0xHE1M ·
@DevABDee No, it is just insane without any use case!
ABDul Rehman 🇵🇸 @Trad_Mod ·
@0xHE1M Hmmm, nice. Wondering what the use case is 🤔 have you found this in any protocol's contract sir?