Prastut Kumar

@prastut

Joined on Jun 29, 2019

  • 13th September - Token 2049 Time (GMT +8) Duration Event/Topic Location/Stage Speaker/Details Clashes 7:30 AM - 9:00 AM 1h 30m
     Like  Bookmark
  • Wormhole - an interoperability protocol that allows transferring assets between different blockchains - got exploited for a whopping $325 million! This hack is the 5th biggest heist in the history of Defi industry so far, and hence becomes very important to understand how the hack played out. Why would you use Wormhole? Wormhole is a generic message-passing protocol that helps user transfer assets and information across different blockchains. Say you want to move your USDC from Ethereum to Solana. As there is no way these blockchains can talk with each other, we need a bridge to facilitate the transfer. Enter Wormhole.
     Like  Bookmark
  • On 19th August, 2021 around 12:40 UTC, a hacker attempted to exploit Solend - a decentralized lending protocol. Though the hacker was succesfully able to manipulate core protocol parameters in an attempt to steal funds, the manipulation was quickly detected and stopped by Solend's team. Thankfully no user funds were lost. It would still be valuable to see how the hacker went about executing the failed heist! Why would you use Solend protocol?
     Like  Bookmark
  • On 2nd August 2022 around 11 PM UTC, Solana users started noticing that funds were disappearing from their wallets and took to Twitter to alert the community about the same: SOL and USDC were being directly transferred into hacker's addresses! Speculation began to emerge regarding the potential presence of a critical vulnerability within Solana's core codebase, raising panic about the possible compromise of all Solana user wallets! But as the stolen funds were tallied, it became clear that the vulnerability was affecting only certain wallets and during an ecosystem wide investigation comprising of developers, analytics companies, and security auditors, it appeared that affected addresses were related to Slope Wallet. Let's figure out what really happened in this deep dive.
     Like  Bookmark
  • Solend protocol - a decentralized lending protocol - was affected by price manipulation of $USDH (a stablecoin built by Hubble Protocol) and as a result lost $1.26M of user deposits. Let's figure out how the hacker executed the hiest! Why would you use Solend protocol? Solend Protocol is a decentralised, non-custodial protocol that uses a collection of smart contracts that provides lending and borrowing functions. Users can: lend assets to earn interest.
     Like  Bookmark
  • On October 11th 2022, a team comprising of trader named Avraham Eisenberg manipulated $MNGO token price to drain $115M worth of liquidity from Mango Protocol. Let’s deep dive into how the heist went underway: Why would you use Mango protocol? Mango Markets is Solana's flagship margin trading protocol that provides users with a single venue to lend, borrow, swap, and leverage-trade crypto assets. Margin trading allows traders to use borrowed funds to amplify their returns, but it also comes with increased risk.
     Like  Bookmark
  • Raydium - an AMM based DEX utilizing limit order book to enable trades - got hacked for $4M as hacker was able to get access to private keys for pool owner account. They then simply withdrew liquidity from various liquidity pools on the protocol to their account. Why would you use Raydium protocol? Raydium is essentially a DEX where users can users can swap, trade and provide liquidity to earn yield on digital assets. It's different from other AMM's (like Uniswap v2 inspired DEX's) as it's AMM provides on-chain liquidity to a central limit order book. This design allows for greater capital efficiency.
     Like  Bookmark
  • Nirvana vision is to build an investment protocol for a sustainable store of wealth. It primarily built 2 tokens: $ANA - partially collateralized volatile token $NIRV - a stablecoin pegged to 1 $USD The hacker was able to drain Nirvana's treasury for $3.5 million. Draining this treasury - which acts as collateral to back the value of $ANA and $NIRV - led to their market capitalizing tanking and user's holding either of these tokens combined lost greater than $10M 😭
     Like  Bookmark
  • Crema protocol - a DEX that uses concentrated liquidity - got hacked for $8.8M. Why would you use Crema? Crema helps: Traders with lesser price impact when they swap assets. Liquidity providers with better utilization of the capital supplied.
     Like  Bookmark
  • Planning: 26th she gets free at 6PM. Need a hotel on 26th to sleep. 27th 28th 1st March exit
     Like  Bookmark
  • Jet - a protocol that builds a decentralised lending platform - suffered from a critical vulnerability where a hacker could have siphoned off $25 million! Fortunately, Jayne - a dev in the Solana ecosystem - who happened to be going through the Jet's codebase, found the vulnerability and then privately informed the Jet protocol team about it. The core team promptly redeployed the mainnet program with the bug patched. Nevertheless, it will still be interesting to learn how the hack could have occurred and glean some insights. Why would you use Jet protocol? Jet Protocol is a decentralised, non-custodial protocol that uses a collection of smart contracts that provides lending and borrowing functions.
     Like  Bookmark
  • Beginner guide to CTF's for Solana Ahoy newly minted hacker! This guide will walk you through the basics of playing the CTF's Superteam Security has designed for you to pick up skills to become a web3 auditor. Heist Mission - steal a billion tokens To get you started on your journey to become a badass security auditor, we have prepared a vulnerable contract that contains a billion tokens. If you are able to exploit the contract, a billy will be transferred to your account!
     Like  Bookmark
  • Index Chapter Template Lesson 1: Chapter 1: Prologue Chapter 2: Quick primer on blockchain + smart contract concepts Chapter 3: Introduction to Smartpy Chapter 4: Scaffolding a basic contract in Smartpy Chapter 5: Initializing contract's storage
     Like  Bookmark
  • --- tags: ZCash, Grant Landing --- # Zcash Service Status Dashboard - Proposal 00 ## Overview We believe that the best use of ECC (Electric Coin Company) and ZCash developers mindspace is in focusing on the core protocol and the ecosystem around it and hence it becomes cumbersome to maintain awareness around the truth value of various external services that exist in the ZCash ecosystem. This sheet covers all the different services that exist in the ZCash ecosystem sorted into categories: h
     Like  Bookmark
  • --- tags: ZCash --- Replies to Eran's questions === Hi Eran, Thank you for your indepth feedback! Replying to your questions: ---- ### Q. Will the software be open-source, including the monitoring scripts and the essential instructions for how to install and run them? 1. All code will be open source under MIT license. 2. We will provide in depth installation instructions. --- ### Q. For how long do you commit to running the public web service (under the current 31 ZEC funding request)?
     Like  Bookmark