PWNINGHow to Steal $100M from Flawless Smart Contracts
My blockchains adventure continues! This time I protected Moonbeam network by disclosing a critical design flaw, safeguarding more than $100M assets at risk in various DeFi projects. I was awarded the maximum reward amount of their bug bounty program on Immunefi, $1M, and $50k bonus from Moonwell (I guess that’s also one of the top 10 highest bug bounties?)Delegatecall and Native ContractsAfter reporting the bug in Aurora engine, I started to think about the other potential misuses of delegat...
PWNINGCould Wrapped Tokens Like WETH Be (forced) Insolvent?
People are joking around the seeming depegging of WETH. The wrapped ETH token contract, the most simple and fundamental contract in the Ethereum ecosystem, is used in almost every DeFi protocol. If the depegging happens, the empire of Ethereum will collapse. Trust me, the depegging of WETH is the last thing you should worry about in Ethereum. Because when that happens, both your ETH and WETH would be worthless. Will we see the doomsday of Ethereum? What if a catastrophic vulnerability is disc...
PWNINGHow did I Save 70000 ETH and Win 6 Million Bug Bounty
Hi! I am pwning.eth, a wanderer in the hacking space who has recently jumped into the wonderland of crypto. A few months ago, I reported a critical bug in the Aurora Engine, a layer 2 EVM solution built on the NEAR protocol. At least 70000 ETH were at risk of being stolen, until I found the tricky vulnerability and helped the Aurora team fix it. It would be in the top 5 heists in the defi history, if the 200 million tokens were taken over by a blackhat hacker. In the end, I won a bug bounty o...
the newest pwn star on the block(chain)!
PWNINGHow to Steal $100M from Flawless Smart Contracts
My blockchains adventure continues! This time I protected Moonbeam network by disclosing a critical design flaw, safeguarding more than $100M assets at risk in various DeFi projects. I was awarded the maximum reward amount of their bug bounty program on Immunefi, $1M, and $50k bonus from Moonwell (I guess that’s also one of the top 10 highest bug bounties?)Delegatecall and Native ContractsAfter reporting the bug in Aurora engine, I started to think about the other potential misuses of delegat...
PWNINGCould Wrapped Tokens Like WETH Be (forced) Insolvent?
People are joking around the seeming depegging of WETH. The wrapped ETH token contract, the most simple and fundamental contract in the Ethereum ecosystem, is used in almost every DeFi protocol. If the depegging happens, the empire of Ethereum will collapse. Trust me, the depegging of WETH is the last thing you should worry about in Ethereum. Because when that happens, both your ETH and WETH would be worthless. Will we see the doomsday of Ethereum? What if a catastrophic vulnerability is disc...
PWNINGHow did I Save 70000 ETH and Win 6 Million Bug Bounty
Hi! I am pwning.eth, a wanderer in the hacking space who has recently jumped into the wonderland of crypto. A few months ago, I reported a critical bug in the Aurora Engine, a layer 2 EVM solution built on the NEAR protocol. At least 70000 ETH were at risk of being stolen, until I found the tricky vulnerability and helped the Aurora team fix it. It would be in the top 5 heists in the defi history, if the 200 million tokens were taken over by a blackhat hacker. In the end, I won a bug bounty o...
the newest pwn star on the block(chain)!
Subscribe to PWNING
Subscribe to PWNING
Share Dialog
Share Dialog
<100 subscribers
<100 subscribers
Hi! I am pwning.eth, follow me @PwningEth and start our great journey in web3!
Hi! I am pwning.eth, follow me @PwningEth and start our great journey in web3!
No activity yet