@SecurityBotNFT Founder | Software Engineer @jpgstoreNFT | @snekcoinada team | Contact me: josh@securitybot.info | All views are my own
Aug 24, 2023 • 18 tweets • 4 min read
Tons of people use $ADA to interact with smart contracts every single day. But most of them have no idea how those smart contracts actually work.
Let's take a look at how smart contracts are executed on Cardano 🧵
First, some important context:
On Cardano, as you may know, there is no need to request permission to send someone's address assets. However, to move assets from an address, the address owner must provide an approval, usually in the form of a signature.
So how does an SC work?
Aug 20, 2023 • 12 tweets • 4 min read
The best part about #Cardano is that truly anyone can contribute...
I found an unexpected behavior on the blockchain that could've led to smart contract exploits and killed NFTs 🤯
Here's how I, a 21 year old college student, helped change the Cardano ledger 🧵
TL;DR
According to the ledger specification, zero quantity assets are allowed on Cardano.
Due to a discrepancy between how the data is stored on disk and in memory, this meant I could...
- "Mint" assets on a policy I don't own
- Execute contracts with assets I don't "own"
Jun 26, 2022 • 17 tweets • 4 min read
So, the @UglybrosNFT Discord server was breached this morning at about 2 AM EDT.
Here's a post-mortem on what happened 🧵
Important Note:
The Discord has been secured. Serge and his team were amazing and did all the right things to recover their Discord, I helped out a little where they needed it, but they did it mostly on their own. 👏 to them for handling with such professionalism