Posts tagged ethereum

We discuss a novel scheme for preventing (miner) frontrunning in Ethereum.
We do a deep-dive into Parity's multisig bug.
The bug in the Parity multisig wallet that caused the loss of $30M has the same root cause as a bug in the BitGo multisig wallet that I found a year ago.
Bancor just raised $144M through the biggest ICO in history. We describe why their approach is flawed.

Announcing The Town Crier Service

Town Crier is an oracle service for smart contracts.
The Ethereum hard fork is in a few days. Having looked at the proposed hard fork code, I discuss what I believe is the weakest part of the HF code.
Following a hard fork, there will be two chains. In cross-chain replay attacks, one can attack a smart contract by moving transactions from one chain to the other. This post describes a potential attack.
Reentrancy bugs are difficult to catch. This distilled, illustrative example shows how even a diligently-written contract with invariant checks can go wrong.
We describe a general Decentralized Escape Hatch mechanism, suitable for DAOs and other smart contracts.
Our discovery of a DoS vulnerability in Ethereum turns out to be a point of strength and censorship resistance for the currency.
We identify a DoS vulnerability with Ethereum's proposed soft-fork for The DAO, and urge the community to be prepared for attacks, and to speed up the timetable for resolving the hard fork decision.
IC3's resident lawyer-techie discusses why smart contracts need escape hatches and how to implement them.
This post describes how the hacker who took $50+M from The DAO did it.
The DAO was just hacked and a few million ether is missing. Here are my quick thoughts on what this means and where we go from here.
In this post, we examine just how prevalent the recently discovered "unchecked-send" bug is in real, live, deployed Ethereum contracts, with the aid of an automated analysis tool we have developed.
The DAO is under pressure to turn itself into a Ponzi. I explain the "natural-born Ponzi" mechanisms, and call for the community to be on guard for such proposals.
We just published a draft article, urging a moratorium on The DAO until some security patches can be applied.
There was a series of heists at ShapeShift, followed by an offered explanation. That offered explanation has more holes in it than Swiss cheese.