Isaac Patka
@isaacpatka
Followers
2K
Following
2K
Media
56
Statuses
498
@0xshield3 founder | @_SEAL_Org Wargames | Glitch art residency | @operator_______ eng. | @safe Guardian | https://t.co/wA21tO2GDv
New York, USA
Joined September 2019
RT @yosephayele: I've been beating the drums about stablecoins in Africa for years. They've finally hit mainstream in the West!. I'm relea….
0
48
0
RT @_SEAL_Org: We released an updated version of @tayvano_'s guide on what to do if you've been infected by malware, tailored specifically….
docs.google.com
TLP:CLEAR - PUBLIC DISCLOSURE https://securityalliance.org/go/malware IF YOU SUSPECT YOUR COMPUTER HAS BEEN HACKED DO THE FOLLOWING IMMEDIATELY Disconnect your computer from the internet Turn off...
0
57
0
RT @thebensams: This blog is the blockchain team's biggest and most alpha-packed to date. It has tons of guidance for any blockchain org t….
0
8
0
If you know me please trust me on @aboutcircles.
Introducing Circles — an ambitious experiment on money. For the first time ever, you can create your own money without needing a bank or a government. 🧵
1
0
6
Proof of ownership - @isaacpatka is looking to join the Lido Dual Governance Emergency Committee multisig with address 0xA032E9E70c6200b7e51fCdeF15B611fC38833Cc1. Signature:.
0
0
0
Proof of ownership - @isaacpatka is looking to join the Lido Dual Governance Emergency Committee multisig with address 0xA032E9E70c6200b7e51fCdeF15B611fC38833Cc1. {. "address": "0xa032e9e70c6200b7e51fcdef15b611fc38833cc1",. "msg":.
1
0
4
RT @summit_defi: DSS Webinar on OpSec is LIVE! with .• @_iphelix from @blockthreat, and.• @PabloSabbatella & @theSouilos from @opsek_io .Mo….
0
5
0
RT @fredriksvantes: deployed which is hopefully useful for some people who are interacting with multisigs. coverin….
howtomultisig.com
How to securely setup, verify, and use a multisig
0
29
0
RT @pcaversaccio: Alright folks, a new nice update was just shipped to the safe-tx-hashes-util script. Some security councils use so-called….
0
16
0
RT @rahulrumalla: Over the last few days, I have had the pleasure to directly engage with some of the best security folks in the industry f….
0
7
0
Collaborated with @WillPapper a few years back on an L2 queue for multisig transactions - might be time to bring it back.
github.com
An on-chain mempool for Gnosis Safe multi-sig transactions. Built on L2s. - WillPapper/multisig-mempool
So quarterbacking of the safe ui hack leads me to:. Safe transactions must be posted onchain before execution, use L2s for signed proposals and queues to bridge or smth, we have the tech at this point to figure out something. Onchain is better than relying on centralized infra.
1
1
5
RT @storming0x: So DPRK could have targeted any safe wallet with a compromised safe server. They choose max extraction with bybit’s wallet….
0
3
0
RT @AndrewMohawk: @_SEAL_Org @Bybit_Official @benbybit Shout out to @pcaversaccio as always for keeping SEAL911 going. Including seal in….
0
2
0
Any protocols, exchanges, security councils or multisig committees that want to red-team their signing process or brush up on opsec & incident response in general feel free to reach out - isaac@securityalliance.org or fill out the wargames interest form on the SEAL website.
Less than 12 hours ago, the DPRK stole over US$1.5 billion in ETH from @Bybit_Official. This is not the first crypto exchange that DPRK has hacked, and it will not be the last. We've published an advisory for exchanges with recommendations on how to stay safe 🔗⬇️
1
8
28
RT @PabloSabbatella: Another Multisig hacked, this time for 1.4bn. If you are signer for a multisig, it's NOT enough to just use a hardware….
0
13
0
Proud to be representing @0xshield3 on the Security Council and keeping @Scroll_ZKP safe!.
We're excited to launch the Scroll Security Council!. The Security Council is a major step toward decentralization and security for Scroll. 🔗 Read the full blog:
0
0
10
Update - I wasn't clever enough
Nicely done to the winner, looks like it exploits (not really exploits but mis-uses) the gasToken and refundReceiver field to allow the WETH to be sent to custom address, defined by the transaction proposer.
0
0
4