Information Security, Privacy, and Freedom under God. Consulting and Research @VentralDigital @Spearbit A138 F4D2 C62D 1404 AA6E 0B05 ACEF 4728 1DAD 4E26

BTW if you don't wanna hear about my personal crap, go follow @VentralDigital where it's kept strictly technical✌️
2
1
19
Been reading a ton of DeFi Audits the last couple weeks; there are some report design/structures I'd really like to see more... 🧵
13
108
452
Did you read all of the post-mortems of 2022? Well, I did it for you and tried to boil it down into a single article. Made for web3 auditors and bug hunters. No SEO/marketing bs, just one giant blogpost for you to review at your own pace. Merry christmas! ventral.digital/posts/2022/1…
15
136
452
Finally found a way to analyze unverified contracts where existing decompilers return nothing, time out or skip stuff. Can't really call this thing a "decompiler" yet but the output is already usable with some EVM/Sol knowledge. Long time since I had this much fun programming😂
11
19
200
23,531
In preparation for an Audit with @SpearbitDAO I created a "framework" for (differential) fuzzing with both Echidna and Foundry. Since it's quite reusable I created a GitHub template: github.com/patrickd-/solidit…
4
25
152
I present y'all a primer about Elliptic Curve Cryptography in preparation for the next article about basic Homomorphic Encryption and Zero Knowledge Proofs for Private Transaction Values.☺️ ventral.digital/posts/2023/8…
5
30
148
8,868
My grandma died last night. The last time I spoke to her in person I told her I had broken up with my girlfriend. She got really angry at me and said "Why do you always find fault in your partners? Why don't you just stick with someone?". I was shocked, I hadn't even told her anything about the relationship, yet she immediately knew what happened. At that time I lacked the self-awareness to admit she was right, but she had a point. If you choose someone, make sure you do so intentionally and not to fill a void in yourself, and then stick with them and accept them even for the unideal version they will eventually turn out to be. Thank you grandma.
16
3
143
21,470
Write-Up on solving @paradigm_ctf's Electric Sheep. ventral.digital/posts/2022/8…
7
15
130
Technical Writing Contest Summarize EVM Smart Contract security incidents of 2023 for glory and the opportunity to go to @TheTrustX at @EFDevconnect
8
18
85
29,861
⚠️ Future of simplytest.me? drupal.org/project/simplytes…
6
58
72
Write-Up of RACE-20, Quiz of @TheSecureum Bootcamp for Ethereum Smart Contract Auditors. This one was designed by none other than Hari (@hrkrshnn), Secureum Mentor and Co-Founder of Spearbit. Got stumped under the time limit? Try again now! ventral.digital/posts/2023/7…
4
11
70
17,261
"I wish I had more time, unlimited time, then I could do all the things that I want to do, learn all the things that I want to learn." But let's be real. If we had unlimited time, time would have no value. We'd prob do nothing Choose a thing to focus on and sacrifice the rest.
4
3
63
5,223
The key to exploiting this compiler vulnerability was creating an overlap in memory between the passed amounts array and the MintVars struct. The problem in the compiler is that it doesn't check whether the array size in bytes would even fit into memory in the first place. Therefore, we can have it overflow - the memory will "wrap around" back to the beginning, allowing it to overlap with other objects in memory.
Actually passing such a large array as calldata is not practically possible, but we don't have to do that: We can simply specify a large array length within the ABI encoding in the calldata even though the calldata sent is not large enough to hold any of it. (ABI-encoded arrays' first 32-byte slot specifies the array length, each 32-byte slot after that contains the actual array data - or in this case, none, although the size claims otherwise)
But it had me wondering: Why doesn't calldatacopy() consume all of the gas in the attempt to copy all those zero-items from calldata? I wanted to take a look at the bytecode to see what actually happens. Problem is: For this rather old Solidity version there's no good way to do this - and none of the usual decompilers could handle it either. So I crammed out my good-old, half-baked decompiler attempt and it kinda worked. (see above)
So, when we pass an array with an item length of 3618502788666131106986593281521497120414687020801267626233049500247285301248 (as specified in the solution) the compiler attempted to calculate the size in bytes of the array's contents by multiplying the number with 32. A calculation that will overflow and result in an array size of exactly 0 bytes! (var8) Solidity adds 0x20 (32 bytes for the array length slot) to this and adds it to the free memory pointer. So, for this huge array it actually only ended up reserving enough memory space to store the length.
It then continues to store the large array length to memory and finally uses calldatacopy() to copy the actual array contents from calldata to memory - which is basically a No-Op because the overflown array size is 0. And this answers my question: It doesn't run out of gas, because the array contents that it actually ends up copying is nothing.
The issue becomes exploitable thanks to the fact that the MintVars v variable reserves more memory for itself after the array. Basically the first array's item is at the same place as the first element of the MintVars struct (and so on). That means, as you write into MintVars, you are as well writing into the array. In hindsight it seems so simple, but it took a while to wrap my head around it (nearly overflowed!) Thanks to the @hexens guys for nerdsniping me (participate in their @TheSecureum RACE tomorrow for more fun) and thanks to @hrkrshnn and @jonataspvt for their patience 😄
⚔ Vulnerabilities Visualized ⚔ Paradigm CTF Edition - "Swap" (2021) The notorious "Swap" was unsolved for 2 MONTHS until @HRitzdorf and @a_permenev solved it. In the spirit of @paradigm hosting @paradigm_ctf this weekend: 2 whole minutes of complex vuln visualization 👀 👇
1
6
58
9,877
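A small model of the allocation arithmetic described in the thread above (array length times 32 wrapping to 0, so the struct lands on top of the array items), added here as an example and not taken from the thread, the challenge or the compiler. The 0x80 starting free memory pointer, the four-word struct size and the checked allocator are assumptions for illustration.

```python
WORD = 32
MASK = (1 << 256) - 1      # EVM arithmetic wraps modulo 2**256
FREE_MEM_START = 0x80      # assumed initial free memory pointer
# Array length quoted in the thread
HUGE_LEN = 3618502788666131106986593281521497120414687020801267626233049500247285301248


def alloc_array_unchecked(free_ptr, length):
    """Reserve memory as the thread describes: no bounds check on length."""
    size = (length * WORD) & MASK                # wraps to 0 for HUGE_LEN
    new_free = (free_ptr + 0x20 + size) & MASK   # length slot + contents
    return free_ptr, size, new_free


def alloc_array_checked(free_ptr, length, calldata_payload_bytes):
    """Hardened variant (added here): reject lengths the calldata cannot back."""
    if length > calldata_payload_bytes // WORD:  # division avoids any overflow
        raise ValueError("declared array length exceeds supplied calldata")
    return alloc_array_unchecked(free_ptr, length)


def aliased_fields(length, struct_words, free_ptr=FREE_MEM_START):
    """Return (struct_field, array_index) pairs that share one memory slot."""
    array_ptr, _size, struct_ptr = alloc_array_unchecked(free_ptr, length)
    pairs = []
    for field in range(struct_words):
        field_addr = struct_ptr + field * WORD
        index = (field_addr - (array_ptr + WORD)) // WORD
        if 0 <= index < length:                  # inside the claimed array
            pairs.append((field, index))
    return pairs


def write_field_read_item(length, field, value):
    """Write a struct field, then read the array item with the same index."""
    memory = {}
    array_ptr, size, struct_ptr = alloc_array_unchecked(FREE_MEM_START, length)
    memory[array_ptr] = length                   # store the length slot
    copied = size                                # bytes calldatacopy would copy
    memory[struct_ptr + field * WORD] = value    # write into the struct
    item = memory.get(array_ptr + WORD + field * WORD, 0)  # read array item
    return copied, item


if __name__ == "__main__":
    print("honest length 3 :", alloc_array_unchecked(FREE_MEM_START, 3))
    print("wrapped length  :", alloc_array_unchecked(FREE_MEM_START, HUGE_LEN))
    print("aliased (honest):", aliased_fields(3, 4))
    print("aliased (huge)  :", aliased_fields(HUGE_LEN, 4))
    print("write/read huge :", write_field_read_item(HUGE_LEN, 1, 0xDEAD))
```

With an honest length the struct is placed past the array contents and nothing aliases; with the wrapped length every struct word sits on the array item of the same index, and zero bytes are copied from calldata.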
Coool, that was a lot faster than I expected. Digital Resident of Palau now, looking forward to see how this'll develop.
10
4
56
17,481
Here are two nice articles I've read a while ago explaining the patience and carefulness that go into the execution of whitehack attempts. samczsun.com/escaping-the-da…
1
18
47
8,951
I'm currently at a conference and won't be able to finish the Paradigm CTF 2021 write-ups as I was hoping to before the next one starts. Well, here's as far as I got: ventral.digital/posts/2022/8…
2
4
52
October Quiz of @TheSecureum Smart Contract Auditing Bootcamp Epoch∞ This month's quiz was yet again rather difficult. You may let your desperations and admirations be known to the author, the honorable @gpersoon! ventral.digital/posts/2022/1…
10
54
Wrapping up the 3-week long audit we've been working on. Learnings, thoughts, and general updates🧵 (many thanks to @noah_eth and @hrkrshnn for finding and or explaining some of these)
1
8
50
5,941
Write-Up for RACE-18 of @TheSecureum Bootcamp for Ethereum Smart Contract Auditors. Created by Secureum Mentor @Montyly from @trailofbits. Top-16 RACE-18 performers will be awarded free tickets to the @summit_defi 2023 in Paris! ventral.digital/posts/2023/5…
10
46
5,792
Part of me wishes this would continue on for the rest of the week – on the other hand sleep deprivation might kill me... Was a lot of fun🫡 Write-ups soon!
2
42
Write-Up of RACE-13, Quiz of the Secureum Bootcamp for Ethereum Smart Contract Auditors. This one was designed by Secureum Mentor @leonardoalt who spiced things up with some assembly and function types. ventral.digital/posts/2023/1…
8
42
4,674
Maybe interesting here too: How does Echidna's and Foundry's fuzzing compare?
3
2
41
Write-Up for RACE-16, Quiz of @TheSecureum Bootcamp for Ethereum Smart Contract Auditors. Created by Mentor @FormallyJon and @VeridiseInc who will invite the Top-16 performers to a workshop about OrCa, Veridise’s smart contract fuzzing framework. ventral.digital/posts/2023/4…
3
12
42
10,704
(Experimental) Video on Question 1 of @TheSecureum's RACE-0 I recommend watching at 2x 😅 Are these kinds of low budget/effort videos something valuable? Or too cringe? Or do it properly or don't bother? (I can't tell myself)
7
4
42
3,877
Write-Up of RACE-22, Quiz of @TheSecureum Bootcamp for Ethereum Smart Contract Auditors. Created by the legendary @tinchoabbate from @theredguild, creator of damnvulnerabledefi.xyz ventral.digital/posts/2023/1…
1
9
40
4,449
August's Quiz #9 of @TheSecureum Smart Contract Auditing Bootcamp Epoch∞ I had the honor and pleasure to come up with this one. It turned out to be quite hard but hopefully the fair kind😅 ventral.digital/posts/2022/8…
1
8
39
As part of the writing mentorship, @_Parsely_ has written an article about testing and fuzzing Vyper contracts using Foundry. Give it a read! Thanks for participating and I hope I was able to provide you with some good pointers during the process :) ventral.digital/posts/2023/4…
3
10
38
16,980
Nearly all @trailofbits' findings have, in addition to the usual description and recommendation, an “Exploit Scenario” which make the finding very quick to understand – WHO acts HOW and WHAT will happen
1
1
34
Christmas is early for me this year. Bought a bunch of stuff to play around with...
1
36
2,566
Big Update: @code4rena is now generously sponsoring this contest! TL;DR: 3 winners will have flights, accommodation and tickets covered to @TheTrustX Istanbul + and also be spotlighted on Code4rena’s blog + additionally, 4 high-scoring participants will receive TrustX tickets
Technical Writing Contest Summarize EVM Smart Contract security incidents of 2023 for glory and the opportunity to go to @TheTrustX at @EFDevconnect
2
7
32
16,785
@trailofbits' audits often make use of fuzzing and the reports have a list of all the properties that were tested
2
1
31
I'm very happy to announce that I'm officially a mentor @TheSecureum now :) I'd like to recommend all of you to join the Discord and ask any questions in my channel instead of Twitter DMs so others can benefit too✌️ discord.com/channels/8143282…
1
32
@SpearbitDAO's findings read a bit like a discussion between them and the project’s team. It describes in detail why they chose to implement things a certain way, how they fixed it or why they chose not to
2
1
30
Confidential Transaction Values through the homomorphic properties of Pedersen Commitments and ZK range proofs via Borromean Ring Signatures. This concludes the foundation laying earth math part of this series. Only up from here😁🚀🌑 ventral.digital/posts/2023/1…
1
3
33
4,743
I normally find retweeting my own stuff pretty cringe, but it seems like lots of you haven't seen these yet and I honestly think they're severely underrated :P ventral.digital/posts/2023/3…
1
7
32
4,216
No promises, but want to gauge interest in stuff like this. What kind of collab would you like to do? What are your expectations from it/me? How much time are you able/willing to contribute /week? DM me with your Discord handle
8
29
10,160
Nice! Thanks @paradigm ☺️
1
29
✅Reached a good stopping point on all projects ✅Next RACE write-up is ready Now I just need to pack my things and I'm off to one week of laptop-free (I hate it already, what's wrong with meeeee🙈) vacation in the mountains of panama. Hasta pronto!
2
27
1,655
In one of @peckshield's reports I’ve seen a Gas Consumption Comparison of the project with a competing protocol, after they implemented optimization suggestions. This might be a neat idea to generalize...
1
2
27
Write-Up of RACE-12, Quiz of the Secureum Bootcamp for Ethereum Smart Contract Auditors. I hope the quiz was enjoyable and challenging (but hopefully not challenging because of unclarities) lmk 😅 ventral.digital/posts/2022/1…
1
7
29
Question 3 of Secureum's RACE-0 On the many ways of transferring ether. piped.video/oe9K4C3kCzw
4
1
29
2,383
I wondered: ecrecover is doing a bunch of point multiplications and additions for super cheap, can't I use it? Turns out: Yes! The same example ring signature that ate 17mil of gas before now only requires 60k gas! ventral.digital/posts/2023/1…
3
30
4,264
I was asked why simplytest.me isn't on the Try Drupal page again – i tried folks, i really did drupal.org/node/2498247
8
18
22
Question 5 of @TheSecureum RACE-0 Observe me trying to explain delegate-call using my exceedingly gifted drawing skills. piped.video/D-OoejQ1Lnc
2
1
31
1,406
It takes 12 clicks to report and block each of the scam "Airdrops" and "NFT Mints" that I get mentioned in multiple times a day.. That's at least 10 too many. Is there a trick to it? (Looking for some nice Metamask support here while we're at it!😂)
8
1
22
Thanks to everyone from @TheSecureum and @SpearbitDAO who helped with the final polish! @moise__ @Cryptonicle1 @StErMi @eugenioclrc
1
1
29
The aim is to bring web3 privacy to parity with what we expect from web2. Not going far enough for me but one thing I did take away was giving @GetBlockWallet a try.
5
1
23
Think I might've found the most clueless post-mortem in history. Sorry, but wtf @Onering_Tools 🙈
1
26
Writing good incident summaries takes effort. It's not enough to simply shrink a post-mortem down to a few sentences. Understand the core issue, condense its essence. The exemplary summary below was written by @sayan_011 over the course of several iterations during mentoring.
1
2
27
3,154
Write-Up on both Trapdooor & Trapdoooor. This one took me on a wild ride through foundry all the way down to Linux services and up again! ventral.digital/posts/2022/8…
2
8
25
great intuitive intro to plonkish cryptography by @Maddiaa0, totally gonna steal this 😁
Current situation, @Maddiaa0 solving equations while @patrickd_de enjoys a beer 📚🍻
2
2
27
3,936
Got both a @EthCC and @summit_defi ticket now, see you in Paris🗼
3
2
26
2,525
First mentoring project/experiment has concluded. As a team of 8 we looked at over a hundred deployed contracts, both veri and unverified. MVP Award goes to @_Allarious! 🏅 Consider this my personal recommendation to hire him, if you can 😁
No promises, but want to gauge interest in stuff like this. What kind of collab would you like to do? What are your expectations from it/me? How much time are you able/willing to contribute /week? DM me with your Discord handle
7
24
6,586
Replying to @immunefi
# times legit criticals were downplayed by projects in order to avoid large payouts? 🫣
3
25
864
I'm happy to announce that the @TheTrustX speaker review committee has decided to give us 16 minutes of time on stage :) I'd like to ask the Top 3 contest winners to present the Incidents that they found most interesting to the community!
Big Update: @code4rena is now generously sponsoring this contest! TL;DR: 3 winners will have flights, accommodation and tickets covered to @TheTrustX Istanbul + and also be spotlighted on Code4rena’s blog + additionally, 4 high-scoring participants will receive TrustX tickets
1
1
24
3,157
Do not work with people who write or publish reports with stuff like this. Acceptance will lead to more brown backpack guy bullshit. Do not get intimidated by their fake outrage.
Just saw an audit report with this issue Wow
2
1
24
2,457
Question 8 of @TheSecureum RACE-0 On transfer()/send()'s origin and why using tx.origin for authentication is usually a bad idea. piped.video/TkfefNR053s
2
3
26
1,569
ChatGPT just pointed out the issue I've spent the entire day trying to resolve. fck me. I'm ready to be replaced. It was a good run bye bye👋😂
3
26
2,648
Trying my best to suppress my perfectionism on the videos. In every recording I find something I dislike, but then again, I don't want to spend my entire day re-recording or editing videos... So they're just "good enough"... Luckily I can still go nuts in my articles 😂
4
26
1,609
Careful with the Taxis from Istanbul airport. First they'll send you a message that everything is toll free - so that they can later say they told you from the start you have to pay a toll and they made a translation error. Then, once you are in the Taxi they'll give you the choice of a slow and fast route - both with ridiculous toll prices. I googled and thought they'd then type it in the Uber app where I can later reclaim it - but no! They've learned! When you arrive they tell you to pay them directly with your credit card with their own device. When I told him to end the ride and show me he really can't do it via the app he quickly put in 800TL hoping I wouldn't see it. This is the point where you tell them to go fuck themselves, grab your stuff and get the fuck out of that car. They'll follow you for some time to terrorize you, but don't worry, they're not gonna do shit. Unbelievable 😂
My guy's asking for 300TL 🙌
8
2
25
14,790
Solutions of RACE-23, Quiz of @TheSecureum Bootcamp for Ethereum Smart Contract Auditors. Created by @FormallyJon of @VeridiseInc veridise.notion.site/veridis…
2
5
22
2,670
🔜🔜🔜 Ethereum Smart Contract Auditor's Rewind 2023 Not much going on in terms of novelties this year? Which Security incidents of 2023 deserve a spotlight in this year's report?
6
2
24
3,053
I refuse to go along with renaming gas to mana I'll be calling it diesel out of protest from now on
4
1
20
2,216
And that's a wrap! Final scores of the Rewind 2023 Contest have been determined. Thanks to everyone for participating!
2
2
23
9,024
Check out the new and beautiful Ventral.Digital The Website has been modernized and is now hosted on IPFS! (ventral.eth.limo, ventral.eth.link, ...) Micro contest: Obtain a @cantinaxyz code by reporting any issues with the website! ventral.digital/
4
2
23
1,826
Question 6 of @TheSecureum RACE-0 On Reentrancy Guards and Integer Underflows piped.video/aKOxMa64xhU
1
24
1,176
If you have a @TheSecureum RUN code, don't forget to participate in RACE-9! I made it with love 😁
2
21
Audits from @chain_security go even further and give a very extensive overview, that really shows how deep they got their head into understanding the project
1
20
To those who participated in the @TheSecureum CTF at @summit_defi Challenge 4 made the assumption that the "sender" address determining the destination of the contract being created is based on the msg.sender when it was actually the contract's own address.
1
2
20
5,863
I'm getting scared of giving advice because I might just be an irresponsible weirdo and maybe I'm giving irresponsible weirdo advice
1
21
The fact that custom errors are still not supported by require() can create issues when a project refactors their code to use if () revert Error() - the condition inverts and so must the condition's logical operators: && must become ||. A subtle source of critical issues.
3
2
19
4,711
@HalbornSecurity's reports have really nice code snippets, that not only show the original line numbers but also highlight the affected line
1
17
@OpenZeppelin's reports give a good high level introduction to the project and are very precise about not only what was within scope, but also other components/documents/assumptions that existed but were outside of the audit’s scope
1
18
Question 4 of @TheSecureum RACE-0 On Solidity modifiers and their best practices. piped.video/utBywQjX3D4
2
3
21
2,283
Back from vacation today. It had everything! White Water Rafting, Ziplining, campfire and stars, watching a dozen movies, getting sick and feverish, losing my sense of smell... would do it again😂
1
18
1,386
I was surprised to learn that, when Via-IR is used, it's sometimes better to avoid doing your own optimizations and just let the optimizer do its thing:
2
4
18
6,951
deployed new.simplytest.me – UX is shit, most of the stuff is disabled because it ain't working yet – but it should give you an idea 😇
4
4
14
I like principled people, even if I disagree with them. What I like even more is people who show consistency in applying them even when it's difficult. The last week has really shown that those with consistency are few and far between. I feel disappointed in many I've looked up to
1
16
2,670
Question 10 of @TheSecureum RACE-0 On low-level calls and contract-existence checks piped.video/h3w9TeW-QsI
1
17
1,155
This was supposed to be the final part of the write-up series on Damn Vulnerable DeFi V2, but it took me so long that a new challenge was released in the meantime... Anyway, #12 Climber ! ventral.digital/posts/2022/6…
5
20
I'm fascinated by the influx of brainpower in Eth coming from math/physics PhDs. Sure, most of them aren't cypherpunks by any measure, but nonetheless they came because they love working on the bleeding edge of cryptography. Don't ignore them cause "surveillance chain = bad"
19
2,444
Spending the last couple months in Medellin has really brought home the fact that you can never be thankful enough for the privileges you enjoy. Not to mention the shame I feel in my unproductive moments when I hear someone desperate to sell Avocados for a few cents right outside
1
18
1,662
One of the things that I still have to check in Remix every time because I just keep forgetting the quirks
2
14
Solidity Cheatsheet additions github.com/patrickd-/cheatsh…
2
3
15
Devotion > Discipline Your emotional self is in control, always. Your rational self can merely hope to find arguments convincing enough to make it do the things that will get you ahead. Using force will backfire. Use honest negotiation. Regularly reflect and adjust. Be patient.
2
17
1,349