Blockchain Security Academy - Sherlock USSD Smart Contract Auditing Contest

Johnny Time

auditing contest blockchain security code4rena hacking sherlock smart contract audit smart contract auditing smart contract auditing contest smart contract hacking smart contract security solidity solidity hacking solidity security

description

Join the Blockchain Security Academy, GET 100$ Discount on the Smart Contract Hacking Course: https://johnnytime.xyz/smart-contract-hacker

Explore the RECENT audit contest hosted by @sherlock and gain valuable insights from the findings.

🔎 Dive into the recording of a live session held in the Blockchain Security Academy Discord community!

In this captivating video, we delve into the recent USSD Auditing contest hosted by Sherlock last week:

💡 By participating in contests like the USSD Auditing contest, we can sharpen our expertise and contribute to the overall safety of the blockchain ecosystem.

🔍 As we review the codebase and discuss my findings, we share valuable tips and insights to enhance our smart contract auditing process. Whether you're involved in private audits or public auditing contests, this video offers a unique opportunity to learn and improve your skills as an auditor.

🎓 Stay tuned till the end, where I answer questions raised by students in the smart contract hacking course community.

Don't miss out on this exciting chance to level up your smart contract auditing skills! Watch now and join the discussion. 🎥💪

Links:

Sherlock Auditing Contests: https://app.sherlock.xyz/audits/contests

USSD Contest Findings: https://github.com/sherlock-audit/2023-05-USSD-judging/issues

Johnny's USSD Contest Findings: https://github.com/sherlock-audit/2023-05-USSD-judging/issues?q=is%3Aissue+is%3Aopen+johnnytime

Lead Watson (WATCHPUG) USSD Contest Findings: https://github.com/sherlock-audit/2023-05-USSD-judging/issues?q=is%3Aissue+is%3Aopen+WATCHPUG+

Follow on Twitter: https://twitter.com/RealJohnnyTime

Connect with me on LinkedIn: https://www.linkedin.com/in/johnnytime/

Timestamps:

00:00 Intro 01:50 The USSD Contest 08:50 The Codebase 13:45 Issues That I Didn't Report 22:40 Issue 1 - Access Control 27:08 Issue 2 - Swap Parameters 30:48 Tip - How to Write The Report 32:20 Issue 3 - Oracle Settings 36:28 Tip - Use ChatGPT3 41:06 Issue 4 - Sneaky Admin Rug 47:25 Issue 5 - No path validation 49:20 Issue 6 - Rebalancing Exploitation 01:01:20 Q&A and Summary

⚠️ #smartcontracts #hacking #solidity #sherlock #auditingcontest #contest #auditing #code4rena #howtoaudit #security #hacks #web3 #solidity #vulnerability

The content in any of Johnny's Youtube videos shall not be construed as tax, legal, insurance, construction, engineering, health & safety, electrical, financial advice, or other & may be outdated or inaccurate; it is your responsibility to verify all information. I do not provide personal investment advice and I am not a registered investment advisor. I am just sharing my knowledge and my findings. ⚠️

Music By Yoad Ronen: https://soundcloud.com/yoad-ronen

Until next time, JohnnyTime ... https://www.youtube.com/watch?v=RRZt1j0rRnA

created

2023-06-01

staked

0.0 LBC

license

Copyrighted (contact publisher)

File size

442087381 Bytes