Subscribe to MetaCreats
MetaCreatsPudgy Penguins NFT New owner New Roadmap
Pudgy Penguins is a collection of 8,888 NFTs, Embodying empathy & compassion. Pudgy Penguins launched on July 22, 2021. Each penguin is unique. Pudgy Penguins mint for 0.03 ETH, Now the price is 2.67 ETH. https://opensea.io/collection/pudgypenguins The combination of a Pudgy Penguins aesthetics was randomly generated from over 150 hand-drawn traits. For example, 357 Pudgy Penguins have Headbands, but only 58 have a Crown. There are 5 Pudgy Penguins that are known as the rarest and include a P...
MetaCreatsDoodles Genesis Boxes new chance
let's dive into everything that happened at NFT NYC — and where Doodles is going. Doodles is to be one of the world’s leading producers of media and entertainment. With a web3 and community-powered approach, will develop the most joyful content, products, and experiences in the world. building an ecosystem rich in diversity and utility. The deeper you go the more joy you uncover. While the core community OGs+ will continue to and will always have an amplified experience — Doodles will co...
MetaCreatsDeBox-Less Trust More Truth Web3 Social Platform
DeBox is the Web3 social platform based on blockchain DID. Users holding ERC20 tokens and NFTs can join the corresponding groups without permission and form DAO and NFT communities spontaneously. Members can participate deeply in community governance through various features provided by Debox, such as raffles, proposals, voting, etc. Application positioning of DeBox focuses on the underdeveloped but highly demanded relationship-based social platform known as "immediate social." Traffic attrac...
<100 subscribers
MetaCreatsPudgy Penguins NFT New owner New Roadmap
Pudgy Penguins is a collection of 8,888 NFTs, Embodying empathy & compassion. Pudgy Penguins launched on July 22, 2021. Each penguin is unique. Pudgy Penguins mint for 0.03 ETH, Now the price is 2.67 ETH. https://opensea.io/collection/pudgypenguins The combination of a Pudgy Penguins aesthetics was randomly generated from over 150 hand-drawn traits. For example, 357 Pudgy Penguins have Headbands, but only 58 have a Crown. There are 5 Pudgy Penguins that are known as the rarest and include a P...
MetaCreatsDoodles Genesis Boxes new chance
let's dive into everything that happened at NFT NYC — and where Doodles is going. Doodles is to be one of the world’s leading producers of media and entertainment. With a web3 and community-powered approach, will develop the most joyful content, products, and experiences in the world. building an ecosystem rich in diversity and utility. The deeper you go the more joy you uncover. While the core community OGs+ will continue to and will always have an amplified experience — Doodles will co...
MetaCreatsDeBox-Less Trust More Truth Web3 Social Platform
DeBox is the Web3 social platform based on blockchain DID. Users holding ERC20 tokens and NFTs can join the corresponding groups without permission and form DAO and NFT communities spontaneously. Members can participate deeply in community governance through various features provided by Debox, such as raffles, proposals, voting, etc. Application positioning of DeBox focuses on the underdeveloped but highly demanded relationship-based social platform known as "immediate social." Traffic attrac...
Share Dialog
Share Dialog
There has been a lot of buzz recently about Stanford’s exit exam award NFT. There were early reports of the Stanford blockchain research group participating in the layout. Even if you don’t study in it, or are not a partner in the college. All can understand what NFT is and why the current hot NFT is causing a buzz. There is also no shortage of colleges and universities that constantly have books on NFT for lectures, and how these will impact for the future.
Why would anything be willing to spend hundreds of thousands of dollars or millions to buy a picture.What they buy is the bragging rights. They can go around to people and brag and say, ‘Hey, you can download, that’s fine. But I am the owner.’
Cryptocurrencies and Blockchain Technologies
Cryptocurrencies, blockchains, and smart contracts Autumn 2021
The course covers all aspects of blockchains and cryptocurrencies, including distributed consensus, smart contracts, economics, scalability, and applications. We will focus on Bitcoin and Ethereum as case studies.
Course NFT: Students who completed the course received a course NFT
https://opensea.io/collection/stanford-cs-251-nft-autumn-2021
In Lecture 8 and in Section 3 we discussed solidity re-entrency bugs. In this question we will look at an interesting real world example. Consider the following solidity code snippet used in a drop of 16384 NFTs. A user can claim up to twenty NFTs at a time by calling the mintNFT() function on this NFT contract. You may assume that all the internal variables are initialized properly by the constructor (not shown).
$function mintNFT(uint256 numberOfNfts) public payable {require(totalSupply() < 16384, "Sale has already ended");require(numberOfNfts > 0, "numberOfNfts cannot be 0");require(numberOfNfts <= 20, "You may not buy more than 20 NFTs at once");require(totalSupply().add(numberOfNfts) <= 16384, "Exceeds NFT supply");require(getNFTPrice().mul(numberOfNfts) == msg.value, "Value sent is not correct");for (uint i = 0; i < numberOfNfts; i++) {uint mintIndex = totalSupply(); // get number of NFTs issued so far_safeMint(msg.sender, mintIndex); // mint the next one} }function _safeMint(address to, uint256 tokenId) internal virtual {// Mint one NFT and assign it to address(to).require(!_exists(tokenId), "ERC721: token already minted");_data = _mint(to, tokenId); // mint NFT and assign it to address to_totalSupply ++; // increment totalSupply() by oneif (to.isContract()) {// Confirm that NFT was recorded properly by calling// the function onERC721Received() at address(to).// The arguments to the function are not important here.// If onERC721Received is implemented correctly at address(to) then// the function returns _ERC721_RECEIVED if all is well.bytes4 memory retval =IERC721Receiver(to).onERC721Received(to, address(0), tokenId, _data);require(retval == _ERC721_RECEIVED, "NFT Rejected by receiver");} }$
Let’s show that _safeMint is not safe at all (despite its name).
A) Suppose 16370 NFTs were already minted, so that totalSupply() == 16370. Explain how a malicious contract can cause more than 16384 to be minted. What is the maximum number of NFTs that the attacker can cause to be minted? Hint: what happens if onERC721Received at the calling address is malicious? Examine the minting loop carefully and think of re-entrency bugs.
B) Write the code for a malicious Solidity contract that implements your attack from part (a), assuming the current value of totalSupply() is 16370.
C) What single line of Solidity would you add or change in the code on the previous page to prevent your attack? Note that a single transaction should not mint more than 20NFTs
The world’s most coveted NFT,If NFTs Could Change Education.A New Kind of Diploma?NFTs tap into an emerging trend that many students are curious about,they can help build community in a class.
NFTs are also blurring the line between a hobby and an investment. Many collectors grow their collection as a hobby, with no intention of selling or trading away their prized digital possessions.
Disclaimer
The views and opinions expressed by the author are for informational purposes only and do not constitute financial, investment, or other advice. NFA DYOR (Not Financial Advice Do Your Own Research)
MetaCreat
Twitter: https://twitter.com/MetaCreats
Medium: https://medium.com/@MetaCreats
Mirror: https://mirror.xyz/0x2519b80f3c38433a4eB73A5fd0E7bfd122C4D97f
Mirror中文:https://mirror.xyz/0xe327aeEa2b52fCB1e2498b5B0F08a7F425f1e7A7
There has been a lot of buzz recently about Stanford’s exit exam award NFT. There were early reports of the Stanford blockchain research group participating in the layout. Even if you don’t study in it, or are not a partner in the college. All can understand what NFT is and why the current hot NFT is causing a buzz. There is also no shortage of colleges and universities that constantly have books on NFT for lectures, and how these will impact for the future.
Why would anything be willing to spend hundreds of thousands of dollars or millions to buy a picture.What they buy is the bragging rights. They can go around to people and brag and say, ‘Hey, you can download, that’s fine. But I am the owner.’
Cryptocurrencies and Blockchain Technologies
Cryptocurrencies, blockchains, and smart contracts Autumn 2021
The course covers all aspects of blockchains and cryptocurrencies, including distributed consensus, smart contracts, economics, scalability, and applications. We will focus on Bitcoin and Ethereum as case studies.
Course NFT: Students who completed the course received a course NFT
https://opensea.io/collection/stanford-cs-251-nft-autumn-2021
In Lecture 8 and in Section 3 we discussed solidity re-entrency bugs. In this question we will look at an interesting real world example. Consider the following solidity code snippet used in a drop of 16384 NFTs. A user can claim up to twenty NFTs at a time by calling the mintNFT() function on this NFT contract. You may assume that all the internal variables are initialized properly by the constructor (not shown).
$function mintNFT(uint256 numberOfNfts) public payable {require(totalSupply() < 16384, "Sale has already ended");require(numberOfNfts > 0, "numberOfNfts cannot be 0");require(numberOfNfts <= 20, "You may not buy more than 20 NFTs at once");require(totalSupply().add(numberOfNfts) <= 16384, "Exceeds NFT supply");require(getNFTPrice().mul(numberOfNfts) == msg.value, "Value sent is not correct");for (uint i = 0; i < numberOfNfts; i++) {uint mintIndex = totalSupply(); // get number of NFTs issued so far_safeMint(msg.sender, mintIndex); // mint the next one} }function _safeMint(address to, uint256 tokenId) internal virtual {// Mint one NFT and assign it to address(to).require(!_exists(tokenId), "ERC721: token already minted");_data = _mint(to, tokenId); // mint NFT and assign it to address to_totalSupply ++; // increment totalSupply() by oneif (to.isContract()) {// Confirm that NFT was recorded properly by calling// the function onERC721Received() at address(to).// The arguments to the function are not important here.// If onERC721Received is implemented correctly at address(to) then// the function returns _ERC721_RECEIVED if all is well.bytes4 memory retval =IERC721Receiver(to).onERC721Received(to, address(0), tokenId, _data);require(retval == _ERC721_RECEIVED, "NFT Rejected by receiver");} }$
Let’s show that _safeMint is not safe at all (despite its name).
A) Suppose 16370 NFTs were already minted, so that totalSupply() == 16370. Explain how a malicious contract can cause more than 16384 to be minted. What is the maximum number of NFTs that the attacker can cause to be minted? Hint: what happens if onERC721Received at the calling address is malicious? Examine the minting loop carefully and think of re-entrency bugs.
B) Write the code for a malicious Solidity contract that implements your attack from part (a), assuming the current value of totalSupply() is 16370.
C) What single line of Solidity would you add or change in the code on the previous page to prevent your attack? Note that a single transaction should not mint more than 20NFTs
The world’s most coveted NFT,If NFTs Could Change Education.A New Kind of Diploma?NFTs tap into an emerging trend that many students are curious about,they can help build community in a class.
NFTs are also blurring the line between a hobby and an investment. Many collectors grow their collection as a hobby, with no intention of selling or trading away their prized digital possessions.
Disclaimer
The views and opinions expressed by the author are for informational purposes only and do not constitute financial, investment, or other advice. NFA DYOR (Not Financial Advice Do Your Own Research)
MetaCreat
Twitter: https://twitter.com/MetaCreats
Medium: https://medium.com/@MetaCreats
Mirror: https://mirror.xyz/0x2519b80f3c38433a4eB73A5fd0E7bfd122C4D97f
Mirror中文:https://mirror.xyz/0xe327aeEa2b52fCB1e2498b5B0F08a7F425f1e7A7
No comments yet