Last Tuesday’s Scaling Web3 Hackathon with @encodeclub was great! Loved seeing finalists’ project pitches 🎤
Find out more through Encode’s article below!
📣 Big shoutout to all who joined https://t.co/oEc8WBtety challenge at the Scaling Web3 Hackathon by @encodeclub! Your energy & creativity made it a huge success 🚀! We're glad to announce the winners: 🥇Reselll Store, 🥈Fedha․io and 🥉Reign Protocol! Congratulations to all 🎉!
• Study hard.
• What others think of you is none of your business.
• It's OK not to have all the answers.
• Experiment, Fail, Learn and Repeat.
• Knowledge comes from experience.
• Imagination is important.
• Do what interests you the most.
• Stay curious
@xyz_remedy By hashing the message before signing and verifying, you can ensure that the modified s' value will not result in a valid signature for the same message.
@xyz_remedy However, since the group order n is explicitly defined as a constant (uint private constant n = 0xd0d3dc4be6d0d1d91a46b371e;), it is publicly accessible within the bytecode. As a result, an attacker can exploit the malleability issue by modifying the s value in the signature.
@xyz_remedy To fix this malleability issue, you should avoid using the group order n directly in the signature verification process. Instead, use proper techniques such as message hashing to prevent signature malleability.
@xyz_remedy The modInverse function uses the Euclidean algorithm to calculate the inverse of aa modulo m. If aa is 0, the Euclidean algorithm will terminate immediately, and the function will return 0. However, 0 is not the inverse of 0 modulo any number, so this is an incorrect result.
Go!
Challenge your skills in Remedy #spotthebugchallenge and win a prize of 0.2 ETH!
1️⃣ Like this tweet;
2️⃣ retweet it;
3️⃣ identify the vulnerability;
4️⃣ post your solution.
Be the first to submit a correct answer and get your much-deserved reward 🏆.
And don't forget to follow @hexens and @xyz_remedy.
Go!
Challenge your skills in Hexens #spotthebugchallenge and win a prize of 0.1 ETH!
1️⃣ Identify the vulnerability;
2️⃣ post your solution;
3️⃣ like this tweet;
4️⃣ retweet it.
Be the first to submit a correct answer and get your much deserved reward 🏆.
And don't forget to follow @hexens.