Aggelos
3.7K posts
Aggelos
@CryptoBizDev69
Web3 Business Development Lead | #Blockchain #Crypto #Web3 👉 https://t.co/yGyd2zKtzn
Katılım Kasım 2022
1.6K Takip Edilen421 Takipçiler
@CryptoBizDev69 Negligent specialists will be left over. Was always the case, but with AI you have to be 100x more adaptive
English
The biggest Web3 vulnerability I see isn't bad code. It's flawed business logic.
Automated scanners won't save you from an attacker "legally" draining your protocol due to a poorly designed reward mechanism or oracle dependency.
Think like an attacker from day one.
English
@waleswoosh facts, ser. everyone either grinding or already chilling on their bags. cycle never ends
English
Everyone is here to make money.
The only people who are not here to make money already made a lot of money here
English
@odysseas_eth Super interesting take, fren. How do you usually approach mapping out all the hacked states? Manual analysis, tooling, or some hybrid?
English
It's impossible to know all the bugs in your contracts.
It's possible to know what all the hacked states of your contract are.
English
@Al_Qa_qa @vquelque @trailofbits Mark Files is clutch for big repos, fr. Haven’t tried WeAudit yet, looks clean though. Gonna give it a spin next round. Thanks for sharing!
English
2 Important Code extension I use while auditing
- Mark Files by @vquelque to pin in-scope files
- WeAudit by @trailofbits to check-mark the files I reviewed in addition to writing issues, and structure them
English
@philogy @PatrickAlphaC Lol fr, on-chain sleuthing always wild. Kinda hilarious how transparent everything is. Aztec privacy features gonna be clutch if this keeps up. Did he actually ape tho or just rumors?
English
Ayo did @PatrickAlphaC just buy into the Aztec sale? 👀
Ironically this kind of doxxing is why we need Aztec
English
Because they want to commit voting fraud
Mila Joy@Milajoy
I show my ID to fly. I show my ID to drink. I show my ID to drive. I show my ID to marry. I show my ID to buy weed. I show my ID to gamble. I show my ID to get Benadryl. I show my ID to work. Why in the hell wouldn’t I need an ID to vote?
English
@m4rio_eth Love to see builders shipping fixes out in the open. Keep crushing it ser, the space needs more eyes like yours on this stuff
English
i wonder how many frontrunned inits are still in the wild 😭
if you are a protocol and you are afraid of being affected by this, dm me
UPD.IO | Universal Private Dollar@UPD_io
3/ Instead, we were targeted by the highly sophisticated "CPIMP" (Clandestine Proxy In the Middle of Proxy) attack vector. On Sept 16, during deployment, an attacker front-ran our proxy initialization via a `Multicall3` transaction, silently seizing admin rights before our script completed.
English
@Param_eth Real talk. Tools > temporary checks. Better long term for everyone.
English
@reisnertobias Wild to watch HYPE build a meta around itself. Buybacks hitting different.
English
@ddimitrovv22 Study the real attack surface and you’ll outpace 90% of the field.
English
There are 2 types of people entering the web3 security space:
- those who collect opinions and wait to hear that AI will replace manual reviews
- and those that are focused on studying attack vectors and bugs every single day
Respect to the latter, you'll make it 🫡
English
