A #flashloan attack on @UpswingFinance resulted in the loss of ~22 ETH (~$35.5K)

The project has appeared inactive since Oct. 2020 and was attacked using price manipulation.

A thread👇
It was a price manipulation attack caused by a design flaw in the $UPStkn token, specifically in the token's _transfer function.

The attack occurred in three key steps👇
1) The attacker uses 18 swaps to lift $UPStkn's sell pressure. During these swaps, the attacker also swaps 1.31 Ether for 136,299.97 UPStkn.
2) The attacker transfers zero UPStkn to himself to trigger the internal function releasePressure, which further burns the pool's 573,300.39 $UPStkn and thereby lifts UPStkn's price.

3) The attacker sells the 136,299.97 UPStkn for 24.877 #Ether at the manipulated price.
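
A simplified model of why a transfer hook that burns from the pool breaks pricing, added here as an illustration and not taken from the UPStkn contract. The pool reserves, the `PressureToken` class and its burn rule are assumptions; only the token amounts come from the thread. The last function is the invariant an auditor would test: a transfer between non-pool accounts must not change the pool's quote.

```python
from dataclasses import dataclass

@dataclass
class Pool:
    """Constant-product ETH/token pair. Reserves used below are constructed."""
    eth: float
    tkn: float

    def eth_out(self, tokens_in: float, fee: float = 0.003) -> float:
        # x * y = k quote with the fee taken on the input amount
        t = tokens_in * (1 - fee)
        return self.eth * t / (self.tkn + t)

class PressureToken:
    """Hypothetical model of a token whose transfer hook can burn pool reserves."""
    def __init__(self, pool: Pool, hook_burns_pool: bool):
        self.pool = pool
        self.hook_burns_pool = hook_burns_pool
        self.pressure = 0.0

    def record_swap(self, amount: float) -> None:
        self.pressure += amount          # assumption: swaps accumulate pressure

    def transfer(self, sender: str, recipient: str, amount: float) -> float:
        # Flawed variant: the release runs on ANY transfer, including a
        # zero-value self-transfer that never touches the pool.
        if not self.hook_burns_pool or self.pressure == 0:
            return 0.0
        burned = min(self.pressure, 0.9 * self.pool.tkn)
        self.pool.tkn -= burned          # token reserve shrinks, ETH reserve does not
        self.pressure = 0.0
        return burned

def quote_around_zero_transfer(hook_burns_pool: bool, probe: float = 136_299.97):
    """Return (quote_before, quote_after) for selling `probe` tokens."""
    pool = Pool(eth=30.0, tkn=700_000.0)             # constructed reserves
    token = PressureToken(pool, hook_burns_pool)
    token.record_swap(573_300.39)                    # burn size quoted in the thread
    before = pool.eth_out(probe)
    token.transfer("user", "user", 0)                # third-party, zero-value transfer
    return before, pool.eth_out(probe)

def transfer_moves_price(hook_burns_pool: bool, tol: float = 1e-9) -> bool:
    """Audit invariant: a transfer between non-pool accounts must not move the quote."""
    before, after = quote_around_zero_transfer(hook_burns_pool)
    return abs(after - before) > tol

if __name__ == "__main__":
    print(quote_around_zero_transfer(True), transfer_moves_price(True))
    print(quote_around_zero_transfer(False), transfer_moves_price(False))
```

With the hook disabled the quote is identical before and after the transfer, which is the behaviour the invariant expects from any token paired in a constant-product pool.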
Follow @QuillAudits to keep yourself updated with web3 security

Check our newly launched rugpull detector QuillCheck bit.ly/QuillCheck

#rugpull #smartcontract #blockchain #Audit #WAGSI
