QuillAudits
Jul 27 4 tweets 2 min read
SEVEN Questions Blockchain developers and security professionals must ask in advance—🧵

1/ What are the highest impacted areas of code?

2/ How could incident response protocols be affected?

3/ How will vulnerabilities be reported?

4/ How will users be supported to elevate risks?



#cryptocurrency
5/ How will user permissions be managed, and what kind of interoperability across wallets, chains, etc., should be accounted for?

6/ Is the organization prepared for community-participant governance?

Follow➡️@QuillAudits for the latest #Web3 security updates!


#cybersecurity
7/ How would major changes or forking the chain be handled in case of a breach?

Questions like these are better addressed preemptively rather than in the heat of an incident.

The answers should align with the organization's #cybersecurity governance program.

𝗥𝗧🧵for More!

More from @QuillAudits

Jul 29
⚠️⚠️

On July 28, Solana-based DeFi protocol @nirvana_fi lost $3.5M to a Flash Loan attack.

After the attack, Nirvana’s native token $ANA lost 85% of its value.

Its #stablecoin $NIRV lost 90% of its US dollar value in the process

👇👇
This hack was similar to previous flash loan attacks, such as one on @Crema_Finance ($6M loss).

#Nirvana | #Crypto
In the current scenario,

The hacker used flash loans to manipulate the $ANA price from $8 to $24.

The hackers then siphoned off 3,490,563.69 $USDT after claiming $USDC and $USDT at this inflated price.

#Crypto
Jul 28
📌📌

Decoding #Ethereum Rollups: zk, zkVM, zkEVM

Last week, a trio of @Scroll_ZKP, @0xPolygon, and @zksync announcements had something in common:

Each company implied it would be the “first” to bring a zkEVM to market.

🔽MEGA...🧵👇
TL;DR

➚➚There are several applications for zero-knowledge proof in blockchain scaling and privacy since it can ensure computational integrity, accuracy, and privacy.

➚➚Both zk-SNARK and zk-STARK have advantages, but their combination offers more possibilities.

#ETH
➚➚ZkVM provides zero-knowledge proofs for applications, and it can be divided into the mainstream, #EVM, and newly-built instruction sets.

➚➚Equivalence, specification-level compatibility, and EVM compatibility are all types of EVM compatibility.

$ETH $BTC
Jul 27
🥷

This Blog Covers—

✔️What Are #NFT Phishing Scam And Their Types?

✔️How Do NFT Phishing Scams Take Place?

✔️5 Most Infamous Phishing Attacks On #NFTs In 2022

✔️Preventive Measures For NFT Security Issues

🔽MORE↓ ↓
🪡Security threats surfacing the #Web3 ecosystem are throwing off challenges at the monetary level to the crypto and NFT community.

Among all, the phishing link scam is the most well-known, one that almost anyone would have faced.

#Ethereum | #Crypto
🪡FIVE Most Infamous Phishing Attacks On NFTs In 2022

‣‣@OpenSea hack - $1.7M

‣‣BAYC hack - $40M

‣‣@Beeple Phishing hack - $438,000

‣‣@SethGreen Phishing link hack - $60k

‣‣@deekaymotion's Phishing Link hack - $150,000

#NFTs | #Crypto | #Ethereum
Jul 27
🧵

The #DAO concept has introduced a new paradigm of business organisation.
SEVEN steps to secure your DAO—
Corporations have previously been restricted to some degree by their borders and corporate governance laws.

DAOs propose the notion of a genuinely global and completely decentralised organisation.

#ETH | #crypto
They have a flat structure in the true sense.

And since smart contracts are self-executing, it eliminates the need for human input to a great extent and enables the democratisation of the corporation.

#cryptocurrency | #Web3
Jul 26
⚠️⚠️

$Teddy Doge developers pull out $4.5M in alleged ‘soft rug pull.’

What is the difference between—

‘Soft Rug Pull’ and ‘Hard Rug Pull’

🔽👇🔽
1/🧵

Rug pulls come in two forms: hard and soft.

Malicious code and liquidity stealing are hard pulls, whereas,

soft pulls refer to dumping an asset.

#cryptocurrency | #Web3
2/🧵

🪡Hard rug pulls occur when project developers code malicious backdoors into their tokens.

Malicious backdoors are hidden exploits that have been coded into the project’s smart contract by the developers.

#SmartContract | #NFT | #crypto