Gul Hameed (@CyberGul)

356 posts

Security Researcher @block_apex | dApp Auditor @hackenclub | eCPPTv2 | CRTP | CEH (Practical) | DM for Audits/Pentest

Joined July 2020
425 Following, 204 Followers

Gul Hameed retweeted:
Remedy (@xyz_remedy):
Another Uncommon approved. @CyberGul flags misuse of transient storage for authentication via (EIP-1153 TLOAD/TSTORE overwrite). Query below:
Gul Hameed (@CyberGul):
1/ In June 2025, ResupplyFi was exploited for ~$9.56M and the root cause was a classic pattern. My @xyz_remedy Glider contribution now helps detect: oracle price used as a denominator without a non-zero result check.

Quoting Remedy (@xyz_remedy): Rare query approved. @cybergul flagged oracle price logic used as a denominator without validating against zero, exposing contracts to potential failure scenarios. Query below:
Gul Hameed (@CyberGul):
10/ Fixes are simple: require(exchangeRate > 0) before storing/using it; add upper/lower bounds on oracle inputs/results; avoid inverse pricing (C / price) unless validated at every step; don’t use low-liquidity ERC-4626 pricePerShare as an oracle input without guardrails/thresholds. rekt.news/resupplyfi-rekt
Gul Hameed (@CyberGul):
9/ Impact checklist: ✅ solvency bypass ✅ unlimited borrowing / protocol drain ✅ oracle-driven systems become unsafe under low-liquidity/manipulable inputs. This is a logic + integer-division edge case combo.
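Added illustration of the pattern described in tweets 9/ and 10/ (this is not code from the thread, from ResupplyFi, or from Remedy's Glider): a Python model of a collateral solvency check that uses inverse pricing (C / price) under Solidity-style uint256 integer division. The constant names (WAD, RATE_NUMERATOR), the function names and the sample prices are assumptions constructed for the demo. The unsafe version shows how a rate that floors to zero makes any borrow look solvent; the hardened version applies the input bounds and the require(exchangeRate > 0) check from tweet 10/.

```python
"""Model of an inverse-pricing solvency check under uint256 integer division.

Added example, not code from the thread or from any real protocol.
Python's // on non-negative ints behaves like Solidity's uint256 division.
"""

WAD = 10**18              # assumed 1e18 fixed-point scale
RATE_NUMERATOR = 10**36   # the constant C in "C / price"


class OracleError(Exception):
    """Stand-in for a Solidity revert."""


def exchange_rate_raw(price: int) -> int:
    """Unsafe pattern: rate = C / price with no check on the result.

    Once price > C the division floors to 0, and 0 is silently used downstream.
    """
    if price == 0:
        raise OracleError("division by zero")  # the EVM would revert here anyway
    return RATE_NUMERATOR // price


def solvency_check_unsafe(borrow_amount: int, collateral: int,
                          ltv_bps: int, price: int) -> bool:
    """Returns True when the position is treated as solvent (vulnerable version)."""
    rate = exchange_rate_raw(price)
    # Debt expressed in collateral units; with rate == 0 this is always 0,
    # so the comparison passes for any borrow amount, even with no collateral.
    debt_in_collateral = borrow_amount * rate // WAD
    return debt_in_collateral <= collateral * ltv_bps // 10_000


def exchange_rate_hardened(price: int, min_price: int, max_price: int) -> int:
    """Hardened: bound the oracle input, then require the result to be non-zero."""
    if not (min_price <= price <= max_price):
        raise OracleError(f"oracle price {price} outside [{min_price}, {max_price}]")
    rate = RATE_NUMERATOR // price
    if rate == 0:  # require(exchangeRate > 0)
        raise OracleError("exchange rate rounded down to zero")
    return rate


def solvency_check_hardened(borrow_amount: int, collateral: int, ltv_bps: int,
                            price: int, min_price: int, max_price: int) -> bool:
    rate = exchange_rate_hardened(price, min_price, max_price)
    debt_in_collateral = borrow_amount * rate // WAD
    return debt_in_collateral <= collateral * ltv_bps // 10_000


def hardened_rejects(borrow_amount: int, collateral: int, ltv_bps: int,
                     price: int, min_price: int, max_price: int) -> bool:
    """True if the hardened check reverts instead of returning a verdict."""
    try:
        solvency_check_hardened(borrow_amount, collateral, ltv_bps,
                                price, min_price, max_price)
    except OracleError:
        return True
    return False


if __name__ == "__main__":
    normal_price = 10**18           # constructed: 1 collateral unit = 1 debt unit
    manipulated_price = 2 * 10**36  # constructed: inflated above C, rate floors to 0
    # Sane price: a 1000-token borrow with zero collateral is correctly rejected.
    print(solvency_check_unsafe(1000 * WAD, 0, 7500, normal_price))        # False
    # Manipulated price: the same zero-collateral position passes the unsafe check.
    print(solvency_check_unsafe(10**30, 0, 7500, manipulated_price))       # True
    # Hardened check reverts on the out-of-range input instead.
    print(hardened_rejects(10**30, 0, 7500, manipulated_price, 10**16, 10**20))  # True
```

The bounds (min_price, max_price) are the "upper/lower bounds on oracle inputs" from tweet 10/; the zero check catches the case where the input is within bounds but the division still rounds to nothing. Both are needed because a threshold alone does not prove the result is usable.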
Gul Hameed (@CyberGul):
7/ Lockouts are meant to slow attackers. But if recovery is blocked too, the lockout becomes a DoS primitive. Worth reviewing in any auth system. cheatsheetseries.owasp.org/cheatsheets/Au…#account-lockout #CyberSecurity #Pentesting #CEX
Gul Hameed (@CyberGul):
6/ Defense-in-depth fixes that actually work: ✅ Allow password reset even while locked (reset should clear lockout counter) ✅ Send a generic “failed attempts / lockout” alert email to the user ✅ Add per-IP / device throttling + progressive delays (not just per-account lock)
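Added example of the three defenses in tweet 6/ and the recovery point in tweet 7/ (not code from the thread or from any real auth system): a small Python login guard where the per-account lock, the per-source progressive delay, the generic alert and the lock-clearing password reset are each visible in the control flow. The class and field names, the thresholds and the demo credentials are assumptions; the clock is passed in so runs are deterministic.

```python
"""Account lockout that slows attackers without becoming a DoS primitive.

Added example; thresholds, names and the demo credential store are constructed
for the illustration. Plaintext passwords are used only to keep the demo short.
"""
from dataclasses import dataclass, field
from typing import Dict, List

MAX_ACCOUNT_FAILURES = 5   # per-account failures before a temporary lock
ACCOUNT_LOCK_SECONDS = 900
IP_FAILURE_THRESHOLD = 3   # per-source failures before progressive delays start
BASE_DELAY_SECONDS = 2     # delay doubles on every further failure: 2, 4, 8, ...


@dataclass
class AccountState:
    failures: int = 0
    locked_until: float = 0.0


@dataclass
class SourceState:
    failures: int = 0
    next_allowed: float = 0.0


@dataclass
class AuthGuard:
    passwords: Dict[str, str]                               # constructed credential store
    accounts: Dict[str, AccountState] = field(default_factory=dict)
    sources: Dict[str, SourceState] = field(default_factory=dict)
    alerts: List[str] = field(default_factory=list)         # stand-in for outbound e-mail

    def login(self, username: str, password: str, source_ip: str, now: float) -> str:
        """Returns one of: ok, invalid, throttled, locked."""
        # Per-IP/device throttling is checked first and is independent of the account,
        # so a single source hammering many usernames is slowed even before any lock.
        src = self.sources.setdefault(source_ip, SourceState())
        if now < src.next_allowed:
            return "throttled"
        acct = self.accounts.setdefault(username, AccountState())
        if now < acct.locked_until:
            return "locked"
        if self.passwords.get(username) == password:
            acct.failures = 0
            src.failures = 0
            return "ok"
        # Unknown usernames are counted the same way as wrong passwords,
        # so the response does not reveal whether the account exists.
        acct.failures += 1
        src.failures += 1
        if src.failures >= IP_FAILURE_THRESHOLD:
            backoff = BASE_DELAY_SECONDS * 2 ** (src.failures - IP_FAILURE_THRESHOLD)
            src.next_allowed = now + backoff
        if acct.failures >= MAX_ACCOUNT_FAILURES:
            acct.locked_until = now + ACCOUNT_LOCK_SECONDS
            # Generic notice: says that attempts failed, not who made them or from where.
            self.alerts.append(f"to {username}: repeated failed sign-in attempts; "
                               f"your account is temporarily locked")
            return "locked"
        return "invalid"

    def reset_password(self, username: str, new_password: str, now: float) -> bool:
        """Reset is allowed while locked and clears both the counter and the lock.

        This is what keeps a lockout from denying the legitimate owner access
        (tweet 7/): recovery is never blocked by the lock itself.
        """
        if username not in self.passwords:
            return False
        self.passwords[username] = new_password
        self.accounts[username] = AccountState()
        return True


if __name__ == "__main__":
    guard = AuthGuard(passwords={"alice": "correct horse"})   # constructed
    # Constructed attempts from one source against alice's account.
    for t in (0, 1, 2, 3, 4, 8):
        print(t, guard.login("alice", "wrong", "10.0.0.9", t))
    print(guard.alerts)
    print(guard.login("alice", "correct horse", "192.0.2.10", 10))  # locked
    print(guard.reset_password("alice", "new pass", 11))            # True
    print(guard.login("alice", "new pass", "192.0.2.10", 12))        # ok
```

In the demo the attacking source is throttled after its third failure, the account still locks after the fifth, and the owner's own correct password is refused while locked; the reset path is what restores access, which is exactly the property the lock-then-block-recovery pattern in tweet 7/ lacks.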
Gul Hameed (@CyberGul):
1/ Found a neat auth DoS pattern during a recent pentest: account lockout can be weaponized to deny access to any user, using only their email/username. 🧵👇