flacko
@flack00n
Followers
1K
Following
67K
Media
92
Statuses
683
researching blockchain security at @cantinaxyz
Portfolio ➟
Joined October 2019
Even though last, I'm happy to even place on this leaderboard🫡. Even though I was locked in, I couldn't contribute with any meaningful findings. A lot has been learned about the inner workings of Ethereum though.
A landmark moment for @Ethereum security. 🪐. The $2,000,000 Pectra competition, run in collaboration with @ethereumfndn, has officially concluded. Your top-ranked researchers:.🥇 @alexfilippov314 - $342,159.94.🥈 @zigtur - $287,159.95.🥉 NDKoo - $203,733.19. Details follow.
2
0
88
Another top 5 finish on @cantinaxyz 🫡. Managed to max my reputation out with this one too. Pro tip: I discovered half of my bugs while writing tests in an effort to figure out the codebase. So get comfortable with writing tests as soon as possible if you want to progress fast.
8
1
119
First time stepping on the podium at 2nd 🥈 place. feelsgoodman.jpg.
We love a leaderboard. The @SizeCredit results are in! 🪐. Your top 3 ranked researchers are:. 🥇 mt030d : $4,599.78. 🥇 @0x_serial_coder : $4,599.78. 🥈 @flack00n : $4,428.26. 🥉 @0xEkkoo: $171.52. Thank you to everyone that participated! Full leaderboard below.
13
2
90
This guy has the best expertise about securely integrating with LayerZero and you should definitely schedule a review with him. Don't let the "free" word fool you. You'd be surprised.
To demonstrate @burraSec's expertise, we’re offering a free full-day security review/consultation for projects integrating with LayerZero or Arbitrum—whether you’re already deployed or still in development. We’ll thoroughly review:. LayerZero: Configuration (DVNs, Executor, and.
0
0
8
RT @MartinMarchev: Sometimes variable and function names lie. They don’t match the intent of the code, making bugs harder to spot. A tric….
0
5
0
RT @pcaversaccio: TL;DR: A dev machine of Safe was compromised. This allowed access to AWS and their S3 bucket. A malicious JavaScript was….
0
371
0
Hear me out, anon. We need to make sure this one is flawless, because if it's not - everything else is cooked. #cantinapectra.
The next chapter of @ethereum security begins 🪐. Today marks the beginning of a new competition: a comprehensive review of Pectra, in partnership with the @ethereumfndn. 💰 $2,000,000 USDC.📆 Live now - March 24th.🔗 Below
0
0
2
Not bad for a side quest😌. I got 3 reports for the same bug paid by 3 different projects. Write-up soon. Stay tuned.
4
3
102
The CTF announcement itself:.
LIVE CTF happening NOW with +$5K up for grabs on mainnet! 🤑🔥. I just deployed a 1/3 @safe, and guess what? One of the owners is Foundry’s default signer, with a leaked PK 👀👀. But there’s a catch. This Safe is protected by a RestrictedActionsGuard.
0
0
0
I've been wanting to write an article on an interesting topic for a long time now and this CTF seemed like a great candidate for a first one. I hope you enjoy it and learn something✌️.
2
0
3
Yesterday @agfviggiano hosted a live CTF with a $5k bounty up for grabs. The CTF was a Safe wallet with a custom Guard which had only certain targets and actions whitelisted. I got curious about the solutions so I summarized them in an article.
medium.com
… if your private keys get leaked.
7
8
54
I've been wanting to write an article on an interesting topic for a long time now and this CTF seemed like a great candidate for a first one. I hope you enjoy it and learn something✌️.
0
0
1
RT @tinchoabbate: after a weeks-long rabbit-hole into Ethereum 7702 accounts, here's a +1 hour deep dive breaking it down. I go over the E….
0
69
0
RT @joranhonig: TIL "The Wallas model of Creativity". Security research is deeply creative, and today I learned about an incredibly useful….
0
5
0
There is an excellent, decade old article by @immunefi on signatures and their safe usage in Ethereum. You should definitely read thoroughly if you are not familiar with the topic🤌.
medium.com
Everyone who has ever dealt with a blockchain system like Ethereum knows what blockchain consists of, such as blocks, transactions, and…
2
2
45