1. Decentralization - Collective decision making
2. Participation - Anyone can join or create proposals
3. Publicity - All votes and transactions are public
4. Community - Working together for a common goal
Use cases
Each DAO was created with its own goals/objectives in mind. It can be anything from deciding trading fees for @Uniswap, to trying to buy the constitution with @ConstitutionDAO, or simply giving out FREE PIZZA with @Pizza_DAO.
The possibilities are endless.
Exploits
DAOs can also be exploited since they’re created using smart contracts. The DAO had an exploit in its code that led to the #Ethereum blockchain being forked.
Although incidents like this can't be completely eliminated, they can be greatly reduced with audits.
To learn more about our audits, check out: slowmist.com
Follow us next week in our “What is Series” as we go over what is a #rugpull and how to spot them.
Brief Analysis of Nomad Bridge Exploit
The cross-chain interoperability protocol Nomad Bridge has been hacked, resulting in the unexpected withdrawal of funds. Details are as follows🧵:
1/7 In the Replica contract of Nomad, users can initiate cross-chain transactions through the send function and execute them on the target chain through the process function.
2/7 During process operations, the contract checks via the acceptableRoot function that the user-submitted message belongs to an acceptable root. This root is set in the prove function. Therefore, the user must submit a valid message in order to operate.
Week 10 of our "What is Series" 🎓
What is a 𝗗eFi???
DeFi, or Decentralized Finance, refers to financial applications that allow users to gain access to financial services without the need for intermediaries such as banks or other financial institutions.
👇
Traditional Finance vs Decentralized Finance
Traditional financial systems rely on a central entity to govern all operations.
Being the middleman, they take a small cut each step of the way. DeFi helps drastically cut down these costs since there is no middleman.
Use Cases
Here are some services in traditional finance and their counterparts in DeFi.
1/ On July 17, premint[.]xyz was attacked by a hacker who planted malicious JS files on the premint[.]xyz website, spoofing the user into signing the transaction setApprovalForAll(Address,bool) to steal the user's NFT and other assets.
2/ The SlowMist security team reminds users that if you have used the premint[.]xyz platform please check your approval and cancel malicious approvals in time.
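An added example (not SlowMist's code and not part of the original thread): a wallet-side check that decodes a transaction's calldata and flags setApprovalForAll requests before they are signed, and recognises the approved=false form used to cancel an approval. The operator address, sample calldata, function names and the allowlist are constructed or hypothetical.

```javascript
// First 4 bytes of keccak256("setApprovalForAll(address,bool)").
const SET_APPROVAL_FOR_ALL = "a22cb465";

// Constructed sample data: the operator address is a made-up placeholder.
const SAMPLE_OPERATOR = "00000000000000000000000000000000deadbeef";
const SAMPLE_GRANT = "0x" + SET_APPROVAL_FOR_ALL + "0".repeat(24) + SAMPLE_OPERATOR + "0".repeat(63) + "1";
const SAMPLE_REVOKE = "0x" + SET_APPROVAL_FOR_ALL + "0".repeat(24) + SAMPLE_OPERATOR + "0".repeat(64);

// Decode the `data` field of a transaction a site asks the wallet to sign.
// Returns null when the call is not setApprovalForAll.
function inspectApprovalCall(data) {
  const hex = String(data).toLowerCase().replace(/^0x/, "");
  if (!/^[0-9a-f]*$/.test(hex)) throw new Error("calldata is not hex");
  if (hex.slice(0, 8) !== SET_APPROVAL_FOR_ALL) return null;
  const args = hex.slice(8);
  // Expect exactly two 32-byte ABI words: padded address, then bool.
  if (args.length !== 128) return { malformed: true };
  const addressWord = args.slice(0, 64);
  const boolWord = args.slice(64);
  return {
    malformed: !/^0{24}/.test(addressWord),
    operator: "0x" + addressWord.slice(24),
    approved: BigInt("0x" + boolWord) !== 0n,
  };
}

// Decide what the wallet should do. `trustedOperators` is a hypothetical
// user-maintained allowlist of lowercase operator addresses.
function reviewRequest(data, trustedOperators = []) {
  const call = inspectApprovalCall(data);
  if (call === null) return "not-approval";
  if (call.malformed) return "block";
  if (!call.approved) return "allow-revocation"; // approved=false cancels access
  return trustedOperators.includes(call.operator) ? "allow" : "warn";
}
```

A grant to an operator outside the allowlist yields "warn", which is the point at which a wallet would show the decoded operator to the user instead of a bare signing prompt.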
On July 10, 2022, OMNI Protocol was the victim of a flash loan attack. We investigated this incident and these are our findings.
1/ The attacker used #doodle NFTs as collateral through the supplyERC721 function, providing them with the corresponding NToken. They then called the borrow function to borrow WETH.
2/(1) withdrawERC721 is used to withdraw the NFT; following it into the internal function executeWithdrawERC721 shows that the withdrawal first burns the NToken through the burn function.
Here’s some on 𝙎cams, 𝙀xploits, & 𝙍ugs that happened this week.
1. British Army Social Media Hack
2. @Crema_Finance Incident
3. New scam techniques
It’s a good thing when there isn’t much to report on events like this. 😅
Details 👇
Date: July 3
Event: British Army's Social Media hack
The British Army's Twitter and YouTube accounts were hacked to promote crypto scams. Scammers are now targeting accounts with a large following to make their scams appear more legitimate.
Crema Finance suffered from a flashloan attack, leading to losses over $8M. After a lengthy negotiation, the hacker received 45,455 SOL as white hat bounty and returned the remaining funds.