Latest news

  • Ethereum Smart Contract Security Recommendations

    10+ smart contract security patterns to follow when you’re building on Ethereum.As we covered in the Smart Contract Security Mindset, a vigilant Ethereum developer always keeps five principles top of mind:Prepare for failureRollout carefullyKeep contracts simpleStay up-to-dateBe aware of the EVM’s idiosyncrasiesIn this post, we’ll dive into the EVM’s idiosyncrasies and walk through a list of patterns you should follow when developing any smart contract system on Ethereum. This piece is primarily… … More

  • Legions: A Tool for Ethereum Security Researchers

    Legions is a handy toolkit for researchers poking around EVM nodes and smart contracts.By Shayan Eskandari, Security Engineer at ConsenSys DiligenceHave ever thought about doing one of the following things from your terminal?Poke around a public Ethereum node JSON RPC endpoints?See if an Ethereum node is mining or not?Read the storage of a smart contract? And maybe see how the storage changed between different block numbers?Get the bytecode of a smart contract without going to etherscan?List all… … More

  • The Smart Contract Security Mindset

    4 security principles that every Ethereum developer needs to know, plus fundamental tradeoffs.Though the industry is maturing, smart contract development is still a relatively new and maturing field. Therefore, you should expect constant changes in the security landscape, as new bugs and security risks are discovered, and as new best practices are developed. Learning and following best practices is only the beginning of the security work you will need to do as a smart contract developer.Smart co… … More

  • Blockstack is Back: Hacking with Clarity

    Mark your calendars, set your alarms and clean up your desktops, ‘cause on May 14th Blockstack is coming to town(square) with their brand new, exclusive coding-fest: Clarity Hackathon!
    The post Blockstack is Back: Hacking with Clarity appeared first on Gitcoin’s Blog. … More

  • Announcing the dYdX Perpetual Contracts Bug Bounty

    We recently announced the private alpha launch of BTC–USDC perpetual contracts on dYdX, the first market to make use of our Perpetual Contracts protocol. This protocol consists of a new set of Ethereum smart contracts which we have released as open source on GitHub.Today, we are launching a bug bounty program to encourage the community at large to review our code in advance of our public launch. We hope this program will supplement the investments in security that we have already made via our au… … More

  • Smart Contract Security Newsletter #36

    (This newsletter was sent out on April 22nd, Sign up to receive them on the first day)Distilled NewsDeFi Rollercoaster — imBTC, Uniswap & dForce lendFmeOver the weekend, DeFi saw one of the biggest hacks in DeFi history, more than $25M. However, the hacker returned all the hacked assets at the end. Sorry for the spoiler.The hack was a result of a re-entrancy attack made possible by the ERC777 token standards callback functionality.This attack was actual discussed in our Uniswap audit more th… … More

  • MythX smart contract security API update: Revamped vulnerability detection and new property…

    MythX smart contract security API update: Revamped vulnerability detection and new property checking modeThe MythX team is proud to announce a new release of the MythX security analysis API! MythX v1.7 includes major updates to our vulnerability detection capabilities and adds a new mode that is optimised for checking custom security properties.Revamped Vulnerability DetectorsWith the latest release of MythX API we have completely revamped the generic bug detection capabilities, including adding… … More

  • Questions DeFi users should be asking DeFi Developers

    Photo by Evan Dennis on UnsplashOriginally published at https://diligence.consensys.net on March 2, 2020, republished here because holy crap this stuff just keeps happening.The DeFi space has had a tumultuous couple months, with a number of attacks as well as unexploited vulnerabilities being reported.Bugs are unavoidable, but there are many things that can be done to reduce their frequency, and mitigate their negative effects.As auditors, we want to help, but in order to really get developers t… … More

  • 1-Day Security Reviews

    This new offering from our smart contract security team is an inexpensive alternative to a full audit for discovering fundamental issues early in your development lifecycle.Interested in a 1-day security review? Contact the Diligence teamOver the past few months, we have been conducting short “security reviews”, typically one or two days in duration. In some ways, these are similar to audits, but in other ways they’re quite different. In this post, I’ll share what these engagements are like and … … More

  • How I integrated Django with Blockchain and built a Decentralized Application (DAPP) ?

    How I integrated Django with Blockchain and built a Decentralized Application(DAPP)?An effective guide for Python Developers to begin their Blockchain Development journey.One can never deny the fact that the moment while working with DAPP development, one of the major challenges lies in connecting the smart contract with the front end of the website.The most effective procedure is undoubtedly using Web3(Python or Javascript) library to do this for you. While this might be a lot easier for a Java… … More

  • Smart Contract Security Newsletter #35

    Hope you have stayed home, sane, and productive in these unprecedented times. As you know almost all conferences are cancelled or have moved to the virtual world.We will, virtually, be at NonCon on April 3–5, join us for some meta fun with many VR after parties.April 5, 12pm GMT+2: Detecting DeFi bugs and arbitrage opportunities using symbolic execution — Bernhard MuellerApril 5, 4:50pm GMT+2: Transparent Dishonesty: Front-running attacks on blockchain — Shayan EskandariAlso, check out the lates… … More

Load More
Congratulations. You've reached the end of the internet.