nl1.frens.click
192.210.160.137  Public Scan

URL: https://nl1.frens.click/
Submission: On December 11 via api from US — Scanned from NL

Form analysis 0 forms found in the DOM

Text Content


A collection of writeups and other thoughts


HIDING IN PLAIN SIGHT

Most people trust, but how many people verify?
Nov 11, 2021 9 min read


TWO RIGHTS MIGHT MAKE A WRONG

Too much raw fish doesn’t make a better roll of sushi
Aug 17, 2021 8 min read


THE DANGERS OF SURPRISING CODE

The only thing worse than a bug in your code that breaks everything is a bug in
your code that subtly breaks one thing
Aug 13, 2021 7 min read


BOOBY TRAPPING THE ETHEREUM BLOCKCHAIN

This is how an attacker could have hidden a ticking time bomb on the Ethereum
blockchain that, when triggered, would hard fork the entire network
May 27, 2021 10 min read


UNCOVERING A FOUR YEAR OLD BUG

What does it take to find a bug? What about one in a contract that's survived
the test of time?
Apr 19, 2021 12 min read


PARADIGM CTF 2021 - SWAP

A guided walkthrough for swap, the hardest challenge in Paradigm CTF 2021
Apr 9, 2021 8 min read


THE BLOCK MINED IN JANUARY, 584942419325

In a consensus protocol, the simplest mistake could have devastating effects.
Mar 30, 2021 4 min read


SO YOU WANT TO USE A PRICE ORACLE

Everything you need to know about price oracles and how to use them safely
Nov 9, 2020 13 min read


CHANGING LANES

A reflection on my transition from Trail of Bits to Paradigm
Oct 9, 2020 2 min read


ESCAPING THE DARK FOREST

On September 15, 2020, a small group of people worked through the night to
rescue over 9.6MM USD from a vulnerable smart contract. This is our story.
Sep 24, 2020 10 min read


AUTHEREUM, MEET PARITY

2017 was fun. Let's never do it again.
Feb 18, 2020 3 min read


TAKING UNDERCOLLATERALIZED LOANS FOR FUN AND FOR PROFIT

Price manipulation, now with 100% more blockchain
Sep 30, 2019 17 min read


THE LIVEPEER SLASHING VULNERABILITY

What happens when good intentions go bad?
Jul 29, 2019 3 min read


THE 0X VULNERABILITY, EXPLAINED

An in-depth look at how 0x's Exchange contract was vulnerable
Jul 13, 2019 5 min read


CONSENSYS CTF - ROP EVM

A second CTF from ConsenSys Diligence. The solution is a blast from the past.
Mar 22, 2019 4 min read


CONSENSYS CTF WRITEUP

A writeup for the ConsenSys CTF "Ethereum Sandbox"
Feb 27, 2019 4 min read


PRIVILEGE ESCALATION ON LEGALROBOT THROUGH TYPE CONFUSION

While bug hunting on LegalRobot, I discovered a privilege escalation bug in
Meteor by abusing JavaScript's weak types.
Oct 31, 2017 4 min read


FINDING MORE RCES IN MATH.JS

I read a great blog post by @CapacitorSet and @denysvitali about discovering an
RCE vulnerability in math.js and thought I'd give it a shot as well.
Apr 8, 2017 8 min read
samczsun © 2024
