Sabitlenmiş Tweet
404 Bakery
77 posts
404 Bakery
@4O4Bakery
Ready to bake your new ERC-404! The first ERC-404 Deployer on Telegram. CA:0x44face2e310e543f6d85867eb06fb251e3bfe1fc
Katılım Ekim 2015
28 Takip Edilen1.1K Takipçiler
Reminder: Airdrop $BAKE Season 1 just started.🥐
Limited amount of entries, register now 👇
twtts.co/bV8c0kR
English
DN-404 is now integrated with $BAKE!
Our developers are always looking for new ERC-404 features, and DN-404 is made by the same team as the ERC-721A. With DN-404, you can deploy your ERC-404 optimizing gas as much as possible.
Bake is going to bake.
English
404 Bakery retweetledi
We recently added ERC-404 support to the #Binance Web3 Wallet.
New to how it works?
Answers here 👉 x.com/BinanceResearc…
Binance Research@BinanceResearch
ERC404 has taken the crypto sphere by storm. What is it and how does it work? A short thread on the basics 🧵
English
Dear community, what collaboration would you like to see in the near future? 🥐
$YES @yesmft
$AVATAR @AvatarERC404
#Defrogs @DeFrogs
#Pandora @Pandora_ERC404
$MNRCH @Monarch_ERC404
$WIF @dogwifcoin
$PORK @PorkCoinETH
#erc404 #ERC404NFT #ERC404专区
English
@Blast_L2 $BAKE 🤝Blast
$Bake Airdrop, which anyone is able to join. 🥐
Feel free to join our whitelist now, days before the airdrop launch ⤵️ ❤️
twtts.co/bV8c0kR
English
@Blast_L2 $BAKE 🥐Blast soon.
$Bake Airdrop is live now, which anyone is able to join. 🥐
Feel free to join our whitelist now, days before the airdrop launch ⤵️ ❤️
twtts.co/bV8c0kR
English
3000 teams have registered for the Big Bang competition.
Now, Final Submissions have opened to select the best (deadline Feb 16).
Winners will be promoted directly to 132,198 users and $1.6B TVL. tally.so/r/w4x40r
English
@bakery_404 $Bake Airdrop, which anyone is able to join. 🥐
Feel free to join our whitelist now, days before the airdrop launch ⤵️ ❤️
twtts.co/bV8c0kR
English
Due to $Bake listing on #MEXC next week, we're thrilled to announce our huge $Bake Airdrop, which anyone is able to join. 🥐
Feel free to join our whitelist now, days before the airdrop launch ⤵️ ❤️
#ERC404 #ERC404NFT
twtts.co/bV8c0kR
English
@0xQuit @0xCygaar @optimizoor @0xjustadev @PopPunkOnChain @AmadiMichaels $BAKE IS HERE! twitter.com/4O4Bakery/stat…
404 Bakery@4O4Bakery
Due to $Bake listing on #MEXC next week, we're thrilled to announce our huge $Bake Airdrop, which anyone is able to join. 🥐 Feel free to join our whitelist now, days before the airdrop launch ⤵️ ❤️ #ERC404 #ERC404NFT twtts.co/bV8c0kR
English
Introducing DN404: a solution to the critical issues arising from the newly popular "ERC404" tokens.
Huge shoutout to the all-star team who has worked around the clock for days to make this a reality:
@0xQuit
@0xCygaar
@optimizoor
@0xjustadev
@PopPunkOnChain
@AmadiMichaels
And a special thanks to our working group who offered feedback and suggestions. Your insights were crucial.
For a deep dive into some of the security concerns with ERC404, check out my earlier thread:
x.com/0xquit/status/…
This post will discuss them from a more high level.
ERC404 sought to merge ERC20 and ERC721 into a unified token standard. While it successfully integrates functionalities from both, issues arise in functions that are shared between the two standards, like transferFrom, which has been redesigned to behave differently based on parameter values.
This redesign birthed several critical vulnerabilities.
transferFrom requires 3 parameters: a source address, a destination address, and a number.
In ERC721, that number is a token ID.
In ERC20 it's an count of tokens (in wei).
The "standard" differentiates between which token path to use (ERC20 or ERC721) based on how large the number is, but protocols can't know that.
In the thread linked above, I outlined an exploit in which a user is effectively able to trick a contract into trading token dust (a tiny fraction of a penny) for an arbitrary number of 404 NFTs. This was a basic and contrived proof of concept, but the reality is that very many protocols currently live on mainnet that work in exactly this way. In fact, I found and reported the bug in the wild to more than one affected protocol, and they were thankfully able to disable the collection before it was exploited.
Perhaps an even simpler example is to consider a Seaport collection offer. You can accept a collection offer for any ID in the collection. ERC721 contracts with revert safely if attempting to accept an offer using a nonexistent ID, but in specific circumstances, a malicious user could accept a collection offer for `(minted + 1)` tokens, and again they are able to trade dust for multiple ether.
The crux of the issue lies in an attacker's ability to maliciously craft calldata to coerce a contract into conflating an NFT with ERC20 tokens given the arbitrary logic switch based on that singular numerical input.
CellMates' ERC20721 attempts to solve this issue by having a set range of ERC20 token supply (0-256), followed by an equal number of NFT IDs. Each token type has it's own namespace, and tokens are not divisible (1 token = 1 NFT). This eliminates the attack vectors above, but opens up a new one, which I discussed with the Cellmates team earlier today (it was a very productive conversation, shout out to them for being so receptive).
Imagine User A has NFT #257, and User B has NFT #258.
User B asks the vault to deposit 1 token, the ERC20 flow is correctly followed and User B properly receives 1 credit within the vault.
User A asks the vault to deposit 257 ERC20 tokens. transferFrom is called and ERC20721 routes it through the ERC721 logic, pulling token #257 to the vault. The call was successful, so the vault provides User A with 257 credits (after all, it asked for an ERC20 transfer).
Now, User A requests a withdrawal for 2 tokens. This is far lower than their allotted credits, so the vault proceeds with his withdrawal and sends not only his own token back, but User B's token as well. After this, User A still has 298 more credits to use.
This is the issue with overloaded functions - either every protocol needs to be rebuilt to account for the new behavior defined by these hybrid tokens, or we accept catastrophic loss on a regular basis.
This means there are two ways we can go:
1) Ask protocols to build around this new standard, in which case we can remove unpredictable branching altogether by coming up with new function signatures unique to 404...a true new standard.
2) Just...use two contracts?
We chose the latter.
DN404 was built from the ground up using a novel approach that separates ERC721 and ERC20 functionalities into distinct contracts, linked from inception. DN404 handles all the logic, storage, and permissions, but only exposes an ERC20 interface. DN404Mirror serves as a passthrough - an ERC721 interface that defers all logic to DN404, but emits its own events.
The result is that everything returns to the way it should be. The ERC721 and ERC20 contracts both exist, and both function as standalone products, but under the hood they run on shared 404 rails. Protocols always know exactly what you're transferring, because each contract address follows just one standard.
I want to be clear - while I had a ton of fun building this, I still see 404 as more of a gimmick than anything else. However, the space has shown a desire to continue using it, and so we decided it was worth making an implementation that was efficient and safe to use.
That's it. For more on the DN404 architecture and optimizations, see Cygaar's thread here: x.com/0xCygaar/statu…
English
Day #4 numbers at the Bakery update:
+3000 Telegram members
+3333 on-chain holders
+10 Youtube videos talking about BAKE 🥐
-Follow the backup X account: @bakery_404
We have much in the works for this week, new chain, HUGE partnership, DN404 support and much more!
English