iosiro

Check out the repository here: github.com/iosiro/arbos-f…

6/ Huge shoutout to the Foundry team for the toolkit and @arbitrum for funding this through the Stylus Sprint. Ready to speed up your Stylus development? Check out the v0.1.0 release now. Blog: iosiro.com/blog/introduci…

🚀 Big news for the @arbitrum ecosystem! Introducing arbos-foundry – a fork of Foundry that brings native support for testing Stylus programs. Developed by iosiro's @_dotvader for the Stylus Sprint, it brings the dev experience you love to the Stylus world.

We’re pleased to announce that we’re using ArbOS-Foundry by @iosiro_security. 🖤🤍 Having easy interop between Stylus and Solidity is a major productivity gamechanger for our team! They have been supported by the @Arbitrum DAO, alongside @9livesso for the Stylus Sprint grant.

7/7 Kudos to the @Arbitrum Foundation & @offchain for their rapid response, effective mitigation, and the impressive bounty! Full details of the bug are given in our blogpost: iosiro.com/blog/arbitrum-…

6/7 Following our report, @offchain swiftly issued a silent update to the Arbitrum sequencer, preventing new malicious Stylus deployments & verifying that no existing Stylus programs contained invalid imports. A comprehensive fix was released in Arbitrum Nitro v3.2.0.

1/7 ICYMI, we recently posted the technical details of a high-risk vulnerability iosiro researchers @_dotvader and @pleasew8t found in @Arbitrum that reliably triggered a panic in the Nitro sequencer, and could be used to crash the sequencer repeatedly for no gas or fees.

The issue was identified by @_dotvader and @pleasew8t. Technical details can be found in our blog post (2/2): iosiro.com/blog/arbitrum-…

In September 2024, we reported a high risk vulnerability to @arbitrum that could be used to repeatedly crash the network’s sequencer for no gas or fees by triggering a panic in the Nitro sequencer. (1/2)

More power for Solidity devs! @iosiro_security has joined the Stylus Sprint to bring @arbitrum operating system and Stylus support to revm and Foundry. This makes it easier than ever for builders to tap into Stylus contracts for efficiency gains! #Arbitrum #iosiro 🧵1/3

Technical details can be found in our blog post: iosiro.com/blog/geth-out-… The issue was identified by @pleasew8t from our team. Shoutout to the SEAL 911 team for assisting with the disclosure (@pcaversaccio and @samczsun) and to Flashbots for rewarding a bug bounty.

Prior to the Dencun upgrade, we disclosed a bug to the @ethereum Foundation that could remotely crash Ethereum mainnet geth clients over RPC through eth_call. All major RPC providers were affected, incl. @infura_io, @AlchemyPlatform, @ankr, @QuickNode, and others👇