Ethereum

Live Stream #1 – Auditing Smart Contracts

I will do live security reviews of Ethereum smart contracts and share my approach to auditing on a stream. The live stream is scheduled to start at 3.30 PM GMT on Sunday (22/08/2021). Link: https://www.youtube.com/watch?v=LLiJK_VeAvQ Notes Here are some brief notes that I’ll use as talking points on the stream. A detailed blog post will …

Live Stream #1 – Auditing Smart Contracts Read More »

A peek inside the MISO war room – $350m incident response story

The Bug The DutchAuction smart contract inherits the BoringBatchable utility contract that allows callers to batch different calls together. There is a commitEth function in the auction contract that uses msg.value to know the amount of ETH commited by the user. If the user commits more ETH than the contract’s capacity, the contract refunds the …

A peek inside the MISO war room – $350m incident response story Read More »

Poly Network Hack Analysis – Largest Crypto Hack

On 10th August 2021, Poly Network suffered from a hack that caused a loss of over 600 million dollars. The hack happened across multiple blockchains including Ethereum, Binance Smart Chain, and Polygon. This is the largest crypto hack yet. Poly Network is a Blockchain interoperability project that allows people to send transactions across blockchains. One …

Poly Network Hack Analysis – Largest Crypto Hack Read More »

Solidity tips and tricks to save gas and reduce bytecode size

Solidity is a special language with many little quirks. A lot of things behave differently in Solidity than most other languages as Solidity is created to work on the EVM with its limited feature set. I wrote a blog post with ten tips to save gas in Solidity a few months back and it got a great …

Solidity tips and tricks to save gas and reduce bytecode size Read More »

A dev’s journey from Truffle 4 to the unknown world of Truffle 5

The latest version of Solidity kickstarted a season of upgrades in the BUIDL space. The latest version of solidity essentially meant that all your smart contracts are now broken. It all seemed ok though; just a couple day’s work to get caught up. Then, just before Christmas came Truffle 5 with support for solidity 0.5 and web3 beta, and …

A dev’s journey from Truffle 4 to the unknown world of Truffle 5 Read More »

[Tool] Refactor your solidity 0.4.x code to solidity 0.5.x code

Solidity 0.5.X is here with a lot of features and breaking changes. Making all the changes to your solidity code manually, especially adding the explicitness requirements can be really cumbersome (and boring) for large projects. This is why I decided to make a codemod for Solidity that does most of the work for you. It’s …

[Tool] Refactor your solidity 0.4.x code to solidity 0.5.x code Read More »

Optimal Parity Config for Syncing an Ethereum full node quickly

Syncing an Ethereum full node has become painfully slow as the size of a full node folder has increased to over 130 GB and is continually increasing. Optimizing your configuration can save you hours or even days of sync times. I had to sync a few nodes a couple of weeks back, so I started tuning …

Optimal Parity Config for Syncing an Ethereum full node quickly Read More »

Compile Solidity Smart Contracts Faster in Truffle Projects

The Truffle Suite is the most widely used development framework for Solidity development but it is not perfect. We at Polymath, deal with a large set of smart contracts. The sheer number of smart contracts cause the compilation time to go over 80 seconds on my daily driver. Lucky for us, we can make the compilation go faster. …

Compile Solidity Smart Contracts Faster in Truffle Projects Read More »