samczsun

Uncovering a Four Year Old Bug

What does it take to find a bug? What about one in a contract that's survived the test of time?

A guided walkthrough for swap, the hardest challenge in Paradigm CTF 2021

In a consensus protocol, the simplest mistake could have devastating effects.

Everything you need to know about price oracles and how to use them safely

A reflection on my transition from Trail of Bits to Paradigm

On September 15, 2020, a small group of people worked through the night to rescue over 9.6MM USD from a vulnerable smart contract. This is our story.

2017 was fun. Let's never do it again.

Price manipulation, now with 100% more blockchain

What happens when good intentions go bad?

An in-depth look at how 0x's Exchange contract was vulnerable

A second CTF from ConsenSys Diligence. The solution is a blast from the past.

A writeup for the ConsenSys CTF "Ethereum Sandbox"

While bug hunting on LegalRobot, I discovered a privilege escalation bug in Meteor by abusing JavaScript's weak types.

I read a great blog post by @CapacitorSet and @denysvitali about discovering a RCE vulnerability in math.js and thought I'd give it a shot as well.