HicssGas Optimization Tips
Minimize on-chain dataUse librariesUse ERC1167Turn on the Solidity optimizerUse eventsUse literal instead of computed valuesAvoid to copy arrays in memoryAvoid for-loop over dynamic rangesOptimize order of variable declarationUse eth-gas-reporter
HicssEIP-712: Quick Intro and Use case
https://eips.ethereum.org/EIPS/eip-712 Abstract This is a standard for hashing and signing of typed structured data as opposed to just bytestrings. It includes a theoretical framework for correctness of encoding functions, specification of structured data similar to and compatible with Solidity structs, safe hashing algorithm for instances of those structures, safe inclusion of those instances in the set of signable messages, an extensible mechanism for domain separation, new RPC call eth_sig...
HicssHow Tornado Cash works
Tornado Cash is a coin mixer that you can use to anonymize your Ethereum transactions. Because of the logic of the blockchain, every transaction is public. If you have some ETH on your account, you cannot transfer it anonymously, because anybody can follow your transaction history on the blockchain. Coin mixers, like Tornado Cash, can solve this privacy problem by breaking the on-chain link between the source and the destination address by using ZKP.Deposit:Users deposit the same amount of ET...
Blockchain Developer
HicssGas Optimization Tips
Minimize on-chain dataUse librariesUse ERC1167Turn on the Solidity optimizerUse eventsUse literal instead of computed valuesAvoid to copy arrays in memoryAvoid for-loop over dynamic rangesOptimize order of variable declarationUse eth-gas-reporter
HicssEIP-712: Quick Intro and Use case
https://eips.ethereum.org/EIPS/eip-712 Abstract This is a standard for hashing and signing of typed structured data as opposed to just bytestrings. It includes a theoretical framework for correctness of encoding functions, specification of structured data similar to and compatible with Solidity structs, safe hashing algorithm for instances of those structures, safe inclusion of those instances in the set of signable messages, an extensible mechanism for domain separation, new RPC call eth_sig...
HicssHow Tornado Cash works
Tornado Cash is a coin mixer that you can use to anonymize your Ethereum transactions. Because of the logic of the blockchain, every transaction is public. If you have some ETH on your account, you cannot transfer it anonymously, because anybody can follow your transaction history on the blockchain. Coin mixers, like Tornado Cash, can solve this privacy problem by breaking the on-chain link between the source and the destination address by using ZKP.Deposit:Users deposit the same amount of ET...
Blockchain Developer
Subscribe to Hicss
Subscribe to Hicss
Share Dialog
Share Dialog
<100 subscribers
<100 subscribers
Weak randomness can cause some security issues. The attacker can predict the random number generated to achieve the purpose of the attack.
For example:
In this lottery smart contract, the random number is generated based on the timestamp of the block. The issue that follows is that miners can use the transparent feature of blockchain to exploit the funds in the lottery pools.
How can an attacker exploit it?
Transaction order in the Mempool is mutable. Every transaction may be modified. When a node receives the transaction that runs the function of generating the random number in the contract, the attacker(miner) can predict the “random number“ and send a transaction right away and change its order to the front of the transaction containing the random number generating function. After that, the miner can get all the funds from the lottery pool.
Weak randomness can cause some security issues. The attacker can predict the random number generated to achieve the purpose of the attack.
For example:
In this lottery smart contract, the random number is generated based on the timestamp of the block. The issue that follows is that miners can use the transparent feature of blockchain to exploit the funds in the lottery pools.
How can an attacker exploit it?
Transaction order in the Mempool is mutable. Every transaction may be modified. When a node receives the transaction that runs the function of generating the random number in the contract, the attacker(miner) can predict the “random number“ and send a transaction right away and change its order to the front of the transaction containing the random number generating function. After that, the miner can get all the funds from the lottery pool.
No activity yet