<?xml version="1.0" encoding="utf-8"?>
<rss version="2.0" xmlns:dc="http://purl.org/dc/elements/1.1/" xmlns:content="http://purl.org/rss/1.0/modules/content/">
    <channel>
        <title>c1pher</title>
        <link>https://paragraph.com/@c1pher</link>
        <description>Thinking of myself as ser , but yet confirmed it yet.</description>
        <lastBuildDate>Wed, 15 Jul 2026 05:20:37 GMT</lastBuildDate>
        <docs>https://validator.w3.org/feed/docs/rss2.html</docs>
        <generator>https://github.com/jpmonette/feed</generator>
        <language>en</language>
        <copyright>All rights reserved</copyright>
        <item>
            <title><![CDATA[Cross Bow.]]></title>
            <link>https://paragraph.com/@c1pher/cross-bow</link>
            <guid>cczGaW2wYcWC1CWYuwE2</guid>
            <pubDate>Tue, 03 Jun 2025 16:08:16 GMT</pubDate>
            <description><![CDATA[Smart contracts often revert due to some errors in the EVM , the funds will be reverted and returned to the orignal msg.sender ,and remaining gas is also returned in some cases. We got an intresting attack vector using these cases. Becauseof when cross chain transactions occur it losses its atomicity if a call reverts on destination chain the sender chain wouldn’t know . Causing insolvency between chains. Ofcourse There are methods the reslove this .You send tokens from Chain A to Chain B via...]]></description>
            <content:encoded><![CDATA[<p>Smart contracts often revert due to some errors in the EVM , the funds will be reverted and returned to the orignal <code>msg.sender</code> ,and remaining gas is also returned in some cases.</p><p>We got an intresting attack vector using these cases. Because</p><figure float="none" data-type="figure" class="img-center" style="max-width: null;"><img src="https://storage.googleapis.com/papyrus_images/74b568683e0e3abaca00ea13ea23584b43d9558567d69abc8f3d238db1f340b1.webp" alt="" blurdataurl="data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=" nextheight="600" nextwidth="800" class="image-node embed"><figcaption HTMLAttributes="[object Object]" class="hide-figcaption"></figcaption></figure><p>of when cross chain transactions occur it losses its atomicity if a call reverts on destination chain the sender chain wouldn’t know . Causing insolvency between chains. Ofcourse There are methods the reslove this .</p><ul><li><p>You send tokens from Chain A to Chain B via Axelar</p></li><li><p>Axelar <strong>burns your tokens</strong> on Chain A immediately</p></li><li><p>Then tries to execute your contract call on Chain B</p></li><li><p><strong>If Chain B fails</strong> → your tokens are gone forever</p></li></ul><p>To Resolve this edge case we need emit a message know that in the destination chain that the transaction(tx) was reverted and following-ly , If the emitted message is read by the sender chain [chain A] it should revert the transaction.The Destination chain and the sender chain both need to monitor the emits.</p>]]></content:encoded>
            <author>c1pher@newsletter.paragraph.com (c1pher)</author>
        </item>
        <item>
            <title><![CDATA[Meditate.]]></title>
            <link>https://paragraph.com/@c1pher/meditate</link>
            <guid>AHaV830PncYf5bsP3liD</guid>
            <pubDate>Wed, 21 May 2025 04:08:46 GMT</pubDate>
            <description><![CDATA[There’s a vulnerable function i want you to try to find it before you proceed on knowing the answer. It’s rather a very beautiful exploit.function _deposit( address account, uint256 amount, uint256 duration ) private { if (_deposits[account] > 0 &#x26;&#x26; amount > 0 &#x26;&#x26; duration > 0) revert ChangeAmountAndUnlockTimeForExistingAccount(); if (amount > 0) { oneInch.transferFrom(msg.sender, address(this), amount); _deposits[account] += amount; totalDeposits += amount; } uint256 locked...]]></description>
            <content:encoded><![CDATA[<p>There’s a vulnerable function i want you to try to find it before you proceed on knowing the answer. It’s rather a very beautiful exploit.</p><pre data-type="codeBlock" text="function _deposit(
 address account,
 uint256 amount,
 uint256 duration
 ) private {
 if (_deposits[account] &gt; 0 &amp;&amp; amount &gt; 0 &amp;&amp; duration &gt; 0) revert
ChangeAmountAndUnlockTimeForExistingAccount();
 if (amount &gt; 0) {
 oneInch.transferFrom(msg.sender, address(this), amount);
 _deposits[account] += amount;
 totalDeposits += amount;
 }
 uint256 lockedTill = Math.max(_unlockTime[account], block.timestamp) +
duration;
 uint256 lockedPeriod = lockedTill - block.timestamp;
 if (lockedPeriod &lt; MIN_LOCK_PERIOD) revert LockTimeLessMinLock();
 if (lockedPeriod &gt; MAX_LOCK_PERIOD) revert LockTimeMoreMaxLock();
 _unlockTime[account] = lockedTill;
 _mint(account, _balanceAt(_deposits[account], lockedTill) /
_VOTING_POWER_DIVIDER - balanceOf(account));
 }
"><code><span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">_deposit</span>(<span class="hljs-params">
 <span class="hljs-keyword">address</span> account,
 <span class="hljs-keyword">uint256</span> amount,
 <span class="hljs-keyword">uint256</span> duration
 </span>) <span class="hljs-title"><span class="hljs-keyword">private</span></span> </span>{
 <span class="hljs-keyword">if</span> (_deposits[account] <span class="hljs-operator">></span> <span class="hljs-number">0</span> <span class="hljs-operator">&#x26;</span><span class="hljs-operator">&#x26;</span> amount <span class="hljs-operator">></span> <span class="hljs-number">0</span> <span class="hljs-operator">&#x26;</span><span class="hljs-operator">&#x26;</span> duration <span class="hljs-operator">></span> <span class="hljs-number">0</span>) <span class="hljs-keyword">revert</span>
ChangeAmountAndUnlockTimeForExistingAccount();
 <span class="hljs-keyword">if</span> (amount <span class="hljs-operator">></span> <span class="hljs-number">0</span>) {
 oneInch.transferFrom(<span class="hljs-built_in">msg</span>.<span class="hljs-built_in">sender</span>, <span class="hljs-keyword">address</span>(<span class="hljs-built_in">this</span>), amount);
 _deposits[account] <span class="hljs-operator">+</span><span class="hljs-operator">=</span> amount;
 totalDeposits <span class="hljs-operator">+</span><span class="hljs-operator">=</span> amount;
 }
 <span class="hljs-keyword">uint256</span> lockedTill <span class="hljs-operator">=</span> Math.<span class="hljs-built_in">max</span>(_unlockTime[account], <span class="hljs-built_in">block</span>.<span class="hljs-built_in">timestamp</span>) <span class="hljs-operator">+</span>
duration;
 <span class="hljs-keyword">uint256</span> lockedPeriod <span class="hljs-operator">=</span> lockedTill <span class="hljs-operator">-</span> <span class="hljs-built_in">block</span>.<span class="hljs-built_in">timestamp</span>;
 <span class="hljs-keyword">if</span> (lockedPeriod <span class="hljs-operator">&#x3C;</span> MIN_LOCK_PERIOD) <span class="hljs-keyword">revert</span> LockTimeLessMinLock();
 <span class="hljs-keyword">if</span> (lockedPeriod <span class="hljs-operator">></span> MAX_LOCK_PERIOD) <span class="hljs-keyword">revert</span> LockTimeMoreMaxLock();
 _unlockTime[account] <span class="hljs-operator">=</span> lockedTill;
 _mint(account, _balanceAt(_deposits[account], lockedTill) <span class="hljs-operator">/</span>
_VOTING_POWER_DIVIDER <span class="hljs-operator">-</span> balanceOf(account));
 }
</code></pre><p><br>The external function calling this</p><pre data-type="codeBlock" text="function depositFor(address _account, uint256 _amount, uint256 _duration) external {
     _deposit(_account, _amount, _duration);
}        
"><code><span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">depositFor</span>(<span class="hljs-params"><span class="hljs-keyword">address</span> _account, <span class="hljs-keyword">uint256</span> _amount, <span class="hljs-keyword">uint256</span> _duration</span>) <span class="hljs-title"><span class="hljs-keyword">external</span></span> </span>{
     _deposit(_account, _amount, _duration);
}        
</code></pre><p>Attacker can front run or block a user by <code>withdraw</code> amount . The <code>depositfor</code> allows to set 0 amount in to contract . Because of it attacker can provide the address of an user account and <code>_duration</code> can be set to any lock duration.</p><p>Because of this a user cannot withdraw until the arbitary duration completes, This allows an attacker to front run user deposits . It’s all about how you assume things, This was really easy to find. The more you assume things the more you get .</p><p>Thank you ~</p>]]></content:encoded>
            <author>c1pher@newsletter.paragraph.com (c1pher)</author>
        </item>
        <item>
            <title><![CDATA[Rather Deep.]]></title>
            <link>https://paragraph.com/@c1pher/rather-deep</link>
            <guid>eBZwqGAl4IV2OC36Ywr6</guid>
            <pubDate>Sun, 18 May 2025 19:36:39 GMT</pubDate>
            <description><![CDATA[Compund Finance storage collision Compound Finance is one of the largest Fianace yet . It lets users to deposit their ETH or the acceptable ERC-20 into the contract . Based on the deposited ETH user recieve corresponding amount of cToken. User can redeem their token back by burning the cToken. It also specially integrates the TUSD , this has rather a special functionality , the compound mostly relies on TUSD if user deposits the TUSD the compound Fi mints the cTUSD. Vulnerability Details So t...]]></description>
            <content:encoded><![CDATA[<p><strong>Compund Finance storage collision</strong></p><p>Compound Finance is one of the largest Fianace yet . It lets users to deposit their ETH or the acceptable ERC-20 into the contract . Based on the deposited ETH user recieve corresponding amount of cToken. User can redeem their token back by burning the cToken.</p><p>It also specially integrates the TUSD , this has rather a special functionality , the compound mostly relies on TUSD if user deposits the TUSD the compound Fi mints the cTUSD.</p><p><strong>Vulnerability Details</strong></p><p>So the compund Finance allows TUSD as their underlying asset . TUSD has a special functionality, it has double entry point meaning they both have seperate contract addresses but they rely on one single balance. The primary address is used by Compound.</p><p>In the compund finance there was a function called <code>sweepToken</code> which is useful for the users who have lost their funds in the contract so , they could recover those funds.</p><pre data-type="codeBlock" text="function sweepToken(address _token) external override returns (unit256) {
if (_token == underlyingasset){
revert();
}
uint256 balance = token.balanceof(address(this));
token.transfer(admin, balance);
}
"><code><span class="hljs-function"><span class="hljs-keyword">function</span> <span class="hljs-title">sweepToken</span>(<span class="hljs-params"><span class="hljs-keyword">address</span> _token</span>) <span class="hljs-title"><span class="hljs-keyword">external</span></span> <span class="hljs-title"><span class="hljs-keyword">override</span></span> <span class="hljs-title"><span class="hljs-keyword">returns</span></span> (<span class="hljs-params">unit256</span>) </span>{
<span class="hljs-keyword">if</span> (_token <span class="hljs-operator">=</span><span class="hljs-operator">=</span> underlyingasset){
<span class="hljs-keyword">revert</span>();
}
<span class="hljs-keyword">uint256</span> balance <span class="hljs-operator">=</span> token.balanceof(<span class="hljs-keyword">address</span>(<span class="hljs-built_in">this</span>));
token.<span class="hljs-built_in">transfer</span>(admin, balance);
}
</code></pre><p>What if we provide TUSD primary asset ofcourse it’d fail on <code>revert</code> since it is an underlying asset. If provide the secondary asset on the _token it send all the balance of the TUSD to admins account . The price of cTUSD is based on the balance of the TUSDN in the contract.</p><p>Since the price is zero ‘0’ due to multiplier of token balance in to calculation is zero . Ofcourse there is some calculation of the token. This inconsistent price can advantage of the user.</p><p>A malicious user can swap tokens or Borrow token at high price from the protocol and sell off while performing the attack.</p><p>Thank you!!!</p>]]></content:encoded>
            <author>c1pher@newsletter.paragraph.com (c1pher)</author>
        </item>
    </channel>
</rss>