Robert Chen

512 posts

Robert Chen

Robert Chen

@NotDeGhost

founder @osec_io | web/pwn with @redpwnctf + @dicegangctf | prev @dfsec_com

Katılım Eylül 2018
675 Takip Edilen7.4K Takipçiler
Michael Coates
Big Update for me - a new chapter and I'm now CISO of @SolanaFndn . I've always been drawn to fast moving new frontiers. Head of Security of Mozilla during the height of the browser wars, the first CISO of Twitter as they burst onto the world's stage, and even as a startup founder innovating on data security for enterprise SaaS as cloud deployments skyrocketed. Years ago through the acquisition of our startup, Altitude Networks, to CoinList I found my way into crypto. I'm excited to share that I'm continuing the crypto adventure as CISO of Solana Foundation. Why Solana? This is the chain doing tens of billions of dollars in stablecoin volume a day. It's the chain where SpaceX's tokenized shares went live the same day as its Nasdaq debut. It's processing more transactions daily than most of crypto combined. Solana is establishing itself as the future of financial infrastructure, at massive scale. Now, this is not without its challenges. I'm keenly aware of the adversaries' incentive to separate people from their crypto. I'm aware of the rising threats from malicious use of AI (something I testified to Congress about earlier this year), and the massive power for defense when harnessed effectively. And I’ve felt the push and pull when innovative new approaches meet established traditional businesses. I'm thrilled to work across the foundation and the entire Solana ecosystem to help tackle these challenges head on. That means building security into this industry, from operational and appsec fundamentals to the crypto-specific challenges, working with policymakers and standards bodies to get cybersecurity regulation right, and bringing the lessons and battle scars I've picked up along the way. Innovation is messy and security is hard. This is the nexus where I enjoy working to solve the hardest challenges alongside the smartest folks around the world. Onward!
Michael Coates tweet media
English
123
48
565
43.5K
Robert Chen retweetledi
Michael Debono
Michael Debono@_mixy1·
I have been working on this blog post for an embarrassingly long time. While the thought of CTFs depressed me during most of this time period, I'm more hopeful now. I think what made the scene so beautiful to me will persist. I can't wait to show you all what we have in store.
Robert Chen@NotDeGhost

We're launching a $100,000 fund to save CTFs.

English
3
10
135
9.6K
Robert Chen
Robert Chen@NotDeGhost·
We're launching a $100,000 fund to save CTFs.
Robert Chen tweet media
English
17
108
639
60.6K
Robert Chen
Robert Chen@NotDeGhost·
Anchor is secured by @HacktronAI Thanks to their open source program, all PRs get 24/7 coverage for security issues
Robert Chen tweet media
English
5
8
40
7.4K
Robert Chen
Robert Chen@NotDeGhost·
GPT 5.6 Solana
Robert Chen tweet media
Indonesia
8
5
83
8.7K
Robert Chen
Robert Chen@NotDeGhost·
is this the first working decompiler in a blog post? from @marspiterr's recent deep-dive on Hyperliquid
English
1
3
60
4.8K
Robert Chen retweetledi
sudo rm -rf --no-preserve-root /
the latest tornado cash proposal 67 is _malicious_: https://bafybeie5hxovqc4ifcnrnhvmjbefxgeix6oqvzaspyytdxiyscji22v5pu[.]ipfs[.]inbrowser[.]link/governance/67 decompilation of the proposal: app.dedaub.com/ethereum/addre… the try to set the governance address to a vanity address that looks almost like the governance address: - spoofed version: `0x5EFDa50f22D34F272c7077689d6ABc42F15E285f` - real governance address: `0x5efda50f22d34F262c29268506C5Fa42cB56A1Ce` same for the staking governance proxy: - spoofed version `0x2fc93484614a34f7dbf98d7f7e997f6424e54a32` - real staking address: `0x2FC93484614a34f26F7970CBB94615bA109BB4bf` furthermore, worth mentioning the function `nullifyBalance` checks against the spoofed governance address above; so whoever controls that vanity address can zero out any relayer's balance at will. this is a governance attack on Tornado Cash and i ask all TORN tokenholders to reject this proposal
sudo rm -rf --no-preserve-root / tweet mediasudo rm -rf --no-preserve-root / tweet mediasudo rm -rf --no-preserve-root / tweet media
sergeyshemyakov.gwei, PhD 💗@sergeyshemyakov

1/ A suspicious DAO proposal on Tornado Cash was created ~8hrs ago. Summoning @pcaversaccio (and everyone else curious) for an independent opinion! Details in the thread below👇

English
14
55
215
25.4K
Robert Chen retweetledi
OtterSec
OtterSec@osec_io·
When Hyperliquid has to clear bad debt, who covers it? We reverse-engineered the closed-source risk engine, verified some core properties & compared it to other perps. It's not neutral: the more leveraged and profitable your position, the sooner it's closed. Full breakdown ↓
OtterSec tweet media
English
9
27
203
43.2K