samczsun
  • Home
  • Branding
  • Contact

samczsun

So you want to use a price oracle

So you want to use a price oracle

Everything you need to know about price oracles and how to use them safely

  • samczsun
    samczsun
samczsun 9 Nov 2020 • 13 min read
Changing Lanes

Changing Lanes

A reflection on my transition from Trail of Bits to Paradigm

  • samczsun
    samczsun
samczsun 9 Oct 2020 • 2 min read
Escaping the Dark Forest

Escaping the Dark Forest

On September 15, 2020, a small group of people worked through the night to rescue over 9.6MM USD from a vulnerable smart contract. This is our story.

  • samczsun
    samczsun
samczsun 24 Sep 2020 • 10 min read

Authereum, meet Parity

2017 was fun. Let's never do it again.

  • samczsun
    samczsun
samczsun 18 Feb 2020 • 3 min read

Taking undercollateralized loans for fun and for profit

Price manipulation, now with 100% more blockchain

  • samczsun
    samczsun
samczsun 30 Sep 2019 • 17 min read

The Livepeer slashing vulnerability

What happens when good intentions go bad?

  • samczsun
    samczsun
samczsun 29 Jul 2019 • 3 min read

The 0x vulnerability, explained

An in-depth look at how 0x's Exchange contract was vulnerable

  • samczsun
    samczsun
samczsun 13 Jul 2019 • 5 min read

ConsenSys CTF - Rop EVM

A second CTF from ConsenSys Diligence. The solution is a blast from the past.

  • samczsun
    samczsun
samczsun 22 Mar 2019 • 4 min read

ConsenSys CTF Writeup

A writeup for the ConsenSys CTF "Ethereum Sandbox"

  • samczsun
    samczsun
samczsun 27 Feb 2019 • 4 min read

Privilege Escalation on LegalRobot through Type Confusion

While bug hunting on LegalRobot, I discovered a privilege escalation bug in Meteor by abusing JavaScript's weak types.

  • samczsun
    samczsun
samczsun 31 Oct 2017 • 4 min read

Finding more RCEs in math.js

I read a great blog post by @CapacitorSet and @denysvitali about discovering a RCE vulnerability in math.js and thought I'd give it a shot as well.

  • samczsun
    samczsun
samczsun 8 Apr 2017 • 8 min read
samczsun
  • Home
  • Branding
  • Contact
samczsun © 2021
Latest Posts Twitter Ghost