R4Y

62 posts

R4Y

@_0xR4Y

Smart contract security researcher

Blockchain Katılım Ekim 2024

597 Takip Edilen156 Takipçiler

R4Y retweetledi

pashov@pashov·10 Nis

🚨Junior/Advanced secruity researchers - this is for you!!! A new Training Hub that teaches you web3 vulnerability patterns and thinking as an attacker. Thanks to @ValvesSec, great job👏 URL: training.valvessecurity.com/train

English

162

909

38.1K

R4Y retweetledi

Pyro@0x3b33·6 Nis

5 Oracle bugs - 3 common ones, that are present in almost every codebase - 2 so rare you won't find them @0x3b/oracle-bugs" target="_blank" rel="nofollow noopener">paragraph.com/@0x3b/oracle-b…

English

4.3K

R4Y retweetledi

PeterSR@PeterSRWeb3·31 Mar

🚨 Auditors & security researchers: Auditing a protocol that integrates **Euler** (Euler Vault Kit, EVC, or EulerEarn)? Euler v2 is one of the **most heavily audited** DeFi primitives ever: → 60+ security reviews by 16+ top firms → $4M+ security budget → Record-breaking $1.25M Cantina audit competition → Fuzzing + formal verification Don’t waste time — here’s your shortcut thread 🧵

English

3.7K

R4Y retweetledi

kaden.eth@0xKaden·24 Şub

✨Introducing evmresearch✨✨ A knowledge graph of nearly everything I've learned about the EVM in the past six years The graph structure emulates the brain, exponentiating research speeds for both humans and agents evmresearch.io

English

771

60.4K

R4Y retweetledi

kaden.eth@0xKaden·18 Şub

here's an index of 460 common solidity vulnerabilities across 31 unique protocol types scraped from over 10000 solodit findings optimized for LLMs github.com/kadenzipfel/pr…

English

364

22.6K

R4Y retweetledi

JohnnyTime 🤓🔥@RealJohnnyTime·3 Şub

ANNOUNCEMENT: The Attacks Library is LIVE. > no more scattered threads, half-explained blog posts, or “trust me bro” security takes. > click an attack class → get a clean deep dive page built for builders and hackers. smartcontractshacking.com/attacks bookmark it before you forget.

English

5.9K

Pashov Audit Group@PashovAuditGrp·3 Şub

🚨JUST IN: Pashov Audit Group🤝Discord Welcome to our new community with technical topics around security, AI and dev. We live and breathe web3 technologies🫡 Join, RT and comment below for a chance to win 3x full-year Claude/GPT subscriptions👇 discord.gg/pashovauditgro…

English

161

145

298

32.1K

R4Y@_0xR4Y·3 Şub

@PashovAuditGrp Lets go 🔥🔥

English

R4Y retweetledi

Bernhard Mueller@muellerberndt·26 Oca

Once you "glitch" outside the matrix for the first time, and understand the fundamental thinking error everyone makes, a process starts. Every day, you see the true reality a little clearer. Little steps. Start the process now. It's time.

English

141

1.5K

R4Y retweetledi

Bernhard Mueller@muellerberndt·25 Oca

Here's the correct Theory-of-Everything (tm) There's no going back now. The era of nerds starts today. Link in response

English

486

936.2K

R4Y retweetledi

Shieldify Security@ShieldifySec·8 Oca

If you’re auditing an AMM protocol, these papers and articles are essential reading 🫡 🚩 Decentralized Finance & Automated Market Making 🔗 arxiv.org/pdf/2307.03499… 🚩 AMM Integration Tips 🔗 blog.pessimistic.io/amm-automatic-… 🚩 Understanding AMM Vulnerabilities 🔗 medium.com/oxorio/cracks-… 🚩 Typical Vulnerabilities in AMM Protocols 🔗 blog.decurity.io/typical-vulner… 🚩 DeFi Slippage Attacks 🔗 dacian.me/defi-slippage-… 🚩 Generalizing Knowledge on DEXs with AMMs — Part I 🔗 medium.com/uclcbt/general… 🚩 Generalizing Knowledge on DEXs with AMMs — Part II 🔗 medium.com/uclcbt/general…

English

106

7.2K

R4Y retweetledi

Shieldify Security@ShieldifySec·23 Ara

List of Common Attack Vectors Resources 🫡 💥List of Some Attack Vectors/Smart Contract Vulnerabilities! x.com/ShieldifySec/s… 💥Learn EVM Attacks - github.com/coinspect/lear… 💥SCV-List - github.com/sirhashalot/SC… 💥Smart contract attack vectors - github.com/harendra-shaky… 💥A Historical Collection of Reentrancy Attacks - github.com/SunWeb3Sec/DeF… 💥List of 100+ DEFI Attacks + Hacks Analysis - wooded-meter-1d8.notion.site/0e85e02c5ed34d… 💥List Of 18 Defi Vulnerabilities + Code Examples - github.com/0xRajkumar/Def… 💥 Smart Contract Security Verification Standard - github.com/securing/SCSVS 💥Ethereum Smart Contract Security Best Practices - consensys.github.io/smart-contract… 💥The Solcurity Standard - github.com/transmissions1… 💥Web3 Security Library - github.com/immunefi-team/… 💥List of Bridge Hacks - gist.github.com/cwhinfrey/9fd1… 💥DeFi Attack Vectors - github.com/Quillhash/DeFi… 💥Smart Contract Vulnerabilities - github.com/kadenzipfel/sm… 💥Solidity security blog - github.com/sigp/solidity-… 💥Top 10 DeFi Security Best Practices - blog.chain.link/defi-security-… 💥DeFi Slippage Attacks - dacian.me/defi-slippage-… 💥Lending/Borrowing DeFi Attacks - dacian.me/lending-borrow… 💥DAO Governance DeFi Attacks - dacian.me/dao-governance… 💥Precision Loss Errors - dacian.me/precision-loss… 💥NFT attacks - 0xvolodya.hashnode.dev/nft-attacks 💥 MEV - thedailyape.notion.site/MEV-8713cb4c2d… 💥6 Critical Vulnerabilities - youtu.be/B8igzag_7jY?si… 💥22 Vulnerabilities - youtu.be/MgCSEUrMnSQ?si… 💥You Have To Know These 13 Critical Liquidation Vulnerabilities - youtu.be/AD2IF8ovE-w?si… 💥 List of Top 28 DeFi Attack Vectors - @genisis0x/top-28-defi-attack-vectors-eba0ce89e19a" target="_blank" rel="nofollow noopener">medium.com/@genisis0x/top…

YouTube

Shieldify Security@ShieldifySec

List of Some Attack Vectors/Smart Contract Vulnerabilities! - Reentrancy - Reentrancy via Modifier - Read-Only Reentrancy - Cross-Function Reentrancy - Cross-Contract Reentrancy - Front-Running - Front-Running - Unprotected withdraw - Front-Running - Sandwich attack - Front-Running - ERC20 approval - Front-Running - Signatures - Back-Running - Flash-Loan Governance Attack - Flash-Loan Price Attack - Denial Of Service (DOS) by complex fallback function - Denial Of Service (DOS) by gas limit - Denial Of Service (DOS) by non-existent address or malicious contract - Floating Point Arithmetic - ECDSA Signature malleability - ECDSA Signature replay - Replay Attack - DAO Attacks - Price Oracle Manipulation - Cross-Chain Bridge Manipulation - Initial Supply Mint Issue - Divide before multiply - Unchecked External Calls - Integer Underflow - DeFi Slippage attack - Amplification Attack Double Spending - Malicious Honeypot - Unsafe Delegatecalls - Loops Gas Limit - Short Address/Parameter Attack - Phishing With Improper Authorization - Unexpected Ether With Forcibly Sending Ether - Block timestamp Manipulation - Unchecked return values - Insecure Randomness - Proxy Storage Collision - Strict equalities - Timestamp Dependence - Use of Deprecated Functions - Requirement Validation - Business logic - Absent modifiers - Force Feeding - Gas Limit Exhaustion - Rounding Down To Zero What are we missing?

English

2.7K

R4Y retweetledi

Shieldify Security@ShieldifySec·9 Ara

ZK Journey 🫡 Journey into learning ZK. It is NOT a list of awesome resources; it’s the path I’ve taken in demystifying ZK 📌 Core Beginner Resources 📌 Theoretical Deep Dives 📌 Practical Deep Dives 📌 ZK Vulnerabilities sunrise-clerk-234.notion.site/Hickup-s-ZK-Jo…

English

R4Y retweetledi

Jeff Security@jeffsecurity·4 Ara

ZK Security Alpha: Found the repo. 100+ zero-knowledge proof vulnerabilities compiled. This is required reading for every ZK audit you run. github.com/zksecurity/zkb…

English

178

9.6K

R4Y retweetledi

Shieldify Security@ShieldifySec·2 Ara

Great resource for security researchers 🫡 Blockchain-Attack-Vectors provides a structured breakdown of exploit primitives, consensus-level risks, VM quirks, and smart-contract vulnerability categories. A solid reference for audit methodologies 👇 github.com/ImmuneBytes-Se…

English

104

6.1K

R4Y retweetledi

Jeff Security@jeffsecurity·11 Kas

🔐 Uniswap V4 Hooks Deep Dive! Learn about the critical security flaws found in V4 Hooks audits: - Permission bypasses 🔑 - Malicious pool key validation 🚨 - Access control issues 🛡️ Essential reading for V4 builders! surfing-solodit.com/uniswap-v4-hoo…

English

5.4K

R4Y@_0xR4Y·13 Eki

@MediaMonad 61

Monad Media@MediaMonad·11 Eki

Select one number : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 Check your DM later #MON

English

12.5K

1.6K

11.9K

1.2M

R4Y retweetledi

Shieldify Security@ShieldifySec·7 Eki

🚨 Every auditor needs this repo in their toolkit. A curated list of top 🔧 tools & 🧠 techniques for smart contract security — from fuzzers & formal verification to on-chain monitoring. Perfect for devs leveling up or pros sharpening their edge! github.com/shanzson/Smart…

English

4.4K

R4Y retweetledi

Shieldify Security@ShieldifySec·21 Ağu

DeFi Protocols Resources - repost & bookmark sir🫡 ♦️AMM Audit Checklist 🔗github.com/Decurity/audit… ♦️AMM Security & Audit Insights 🔗mirror.xyz/millietez.eth/… ♦️CDP Audit Checklist 🔗github.com/Decurity/audit… ♦️LSD Audit Checklist 🔗github.com/Decurity/audit… ♦️Guidelines for Auditing Staking Protocols 🔗defihacklabs.substack.com/p/solidity-sec… ♦️LSDs Best Practices 🔗#rec621210033" target="_blank" rel="nofollow noopener">mixbytes.io/blog/liquid#re… ♦️Liquid Restaking Tokens 🔗blog.sigmaprime.io/liquid-restaki… ♦️Liquidation Vulnerabilities 🔗dacian.me/defi-liquidati… ♦️CLM Vulnerabilities 🔗dacian.me/concentrated-l… ♦️Slippage Attacks 🔗dacian.me/defi-slippage-… ♦️Precision Loss Errors 🔗dacian.me/precision-loss…

English

157

9.5K

Keşfet

@ValvesSec @PashovAuditGrp @MediaMonad @elonmusk @BarackObama @taylorswift13 @cristiano @BillGates