smart-contract-security

3 articles

Sort: New Top Best

bug-bounty622 facebook479 xss316 google174 microsoft120 rce102 apple72 csrf60 web355 account-takeover53 writeup51 exploit43 sqli41 dos36 ssrf34 cve33 cloudflare32 privilege-escalation29 defi28 malware27 node26 smart-contract-vulnerability25 idor25 subdomain-takeover24 clickjacking23 smart-contract23 ethereum23 access-control21 react21 vulnerability-disclosure21 reverse-engineering20 auth-bypass19 aws19 remote-code-execution18 lfi18 cloud17 docker17 cors17 oauth17 supply-chain17 race-condition17 info-disclosure16 browser14 authentication-bypass14 solidity14 phishing14 denial-of-service11 sql-injection11 delegatecall11 wordpress10

0 3/10

OpenZeppelin

bragging-post

Security researcher's portfolio showcasing multiple critical vulnerability disclosures in DeFi and NFT smart contracts, primarily focused on proxy vulnerabilities (UUPS), uninitialized logic contracts, and access control issues that collectively protected over $50M in TVL. While demonstrating significant impact, the article lacks technical depth and primarily lists findings with references to external postmortems rather than detailed exploitation methodology.

smart-contract-security bug-bounty defi-vulnerabilities proxy-vulnerabilities uups-proxy delegatecall access-control uninitialized-variables arbitrary-delegatecall selfdestruct token-theft erc20 mint-function bragging-post

OpenZeppelin 88mph Polygon KeeperDAO Rivermen NFT iosiro Immunefi Alchemix Ondo Finance pxMythics abwagmi AxonsToken Code4rena yAcademy Curve Finance Ashiq Amien Dedaub

ashiq.co.za · Ashiq Amien · 4 hours ago · details

Ocean Protocol

bug-report

Security research analyzing a hybrid NFT vulnerability in Ocean Protocol where on-chain Data Description Objects (DDOs) stored on blockchain can be modified to enable attacks. The article discusses design flaws and issues discovered in Ocean Protocol's implementation, with bug bounty disclosures via Immunefi.

ocean-protocol hybrid-nft smart-contract-security bug-report blockchain dids on-chain-data vulnerability-disclosure bug-bounty

Ocean Protocol Immunefi Merkle Bonsai Oasys Eco Bandai Namco DoubleJump.japan

mirror.xyz · merkle_bonsai · 4 hours ago · details

0 4/10

How to Choose a Smart Contract Auditor: A Guide for Web3 Protocols

guide

A guide for Web3 protocol teams on evaluating and selecting smart contract auditors to assess the security of their code, which governs significant amounts of decentralized finance value.

smart-contract-security code-audit web3 defi security-practices vendor-selection

medium.com · Abraham · 15 hours ago · details