Reproduce ZKP vulnerabilities. This repo includes 89 vulnerabilities in the following DSLs:
I’d appreciate a retweet, spread the knowledge 🫡
https://t.co/ZpG3py479h
PSA: Please don't fork Aave's codebase and launch it on a new chain. You are very likely to get hacked if you do.
It can look very tempting: there's a new chain, and you see that no lending market is available. Fork Aave, onboard all the top assets, set whatever risk parameters you want, launch a governance token, profit $$$.
However, building a lending market is hard. Forking and working with Aave's codebase is even harder if you don't have the right experience. Teams vastly underestimate the complexity of maintaining and securing a lending protocol.
I'm pretty confident there are blackhats specifically targeting Aave forks. Don't get rekt 🫡
Web3Sec is tough as FCUK.
Most beginners quit.
90%-99% of those joining every year QUIT.
Remind yourself of this fact whenever necessary.
And then, double down and grind on.
Bugs don't find themselves...
This is *not* an April Fool's joke.
👊
gm Ethereum ☀️
It is our great honor to announce the mainnet launch of Privacy Pools!
ETH users can now achieve on-chain privacy, while still dissociating from illicit funds
It is now up to all of us to Make Privacy Normal Again 🫡
More info in this thread 👇
👿 MCP is all fun, until you add this one malicious MCP server and forget about it.
We have discovered a critical flaw in the widely-used Model Context Protocol (MCP) that enables a new form of LLM attack we term 'Tool Poisoning'.
Leaks SSH key, API keys, etc.
Details below 👇
You don’t need to be a genius to be a great security researcher. You need a sharp eye, relentless curiosity, and the patience to dig deeper than others.
Lots of bugs in smart contracts don’t come from complex math. They come from confusion.
Confusion starts with poor naming.
Clear naming = easier audits, fewer bugs and faster dev speed.
‘Meaningful names’ is the first chapter in Uncle Bob’s classic Clean Code for a reason.
I'm looking for an API that I can call `/onramp?address=0x1234&chain=1&applePayPaymentInfo=...`. User Pays Apple Pay, gets paid stablecoin. Headless, no KYC for <$500 lifetime value of the user. Acceptance rate >60-70% (hard with crypto :/). Who's building this?
🚨 There are some crazy threat actors lurking among us
This guy “Nick” has a year+ persona, is hanging out in the infamous ethsec tg, and has multiple long-running dms open with multiple (legit) security researchers.
If you opened his “PDF” please turn off your computer NOW.
Meet Nick Franklin @0xNickLFranklin - Blockchain Security Engineer... or RGB operative hacking for DPRK? Seemingly this guy has had the entire industry fooled for years.
For those asking which protocol to shadow audit or if they can practice on a previous codebase I’ve audited, you should focus on the highest-quality codebases to understand what secure code looks like. 🫡
Native Rust 🦀:
https://t.co/e6TaMhwZpj
Anchor⚓️:
https://t.co/BPmlJuYHAs
If you're a Solidity dev looking to level up
(and not get roasted in audit reports 😅),
take 10 minutes to read through this.
You will be glad you did! 🤝
-- https://t.co/Fptvrldxj5
--@RareSkills_io
I made a regex visualizer/debugger which lets you visually understand the finite state machine representation of a regular expression
And added gratuitous explosions and particle effects of course
Made with Zig + sokol
FFmpeg makes extensive use of hand-written assembly code for huge (10-50x) speed increases and so we are providing assembly lessons to teach a new generation of assembly language programmers.
Learn more here:
https://t.co/u6MKBb3Xbk