Spearbit dao Spearbit dao Explained What is Spearbit Dao Spearbit DAO payments Spearbit DAO Audits Spearbit DAO Salary How to apply Spearbit DAO smart contract hacking smart contract hacking course smart contract hacking exercises Smart Contract Auditing Smart Contract Auditing contest Smart Contract security web3 hacking web3 auditing web3 security ... https://www.youtube.com/watch?v=76mR6I7-sOU
Patreon:
https://www.patreon.com/JohnnyTime
BUSD Tip Jar:
0xFf3d275BB50bB677Ea1f117730B68Cf42651a60f
In this video, I explain what is 1inch, what are DEX aggregators, and how it works.
I also explain the value of 1inch token and why I'm very bullish on it.
1Inch is THE MOST EFFICIENT DEFI AGGREGATOR.
Using 1Inch you can access the most liquidity, lowest slippage, and best exchange rates across Ethereum, Binance Smart Chain, and Polygon.
___________________________________________________________
Useful links:
1Inch:
https://app.1inch.io/
___________________________________________________________
___________________________________________________________
Time Stamps:
00:00 Intro
00:28 What Is 1Inch
01:35 1Inch And PancakeSwap Example
03:30 The 1Inch Token
05:05 1Inch Governance
05:30 Providing Liquidity
06:50 Summary
___________________________________________________________
Communities & Social Media:
Discord:
https://johnnytime.finance/discord
Twitter:
https://twitter.com/RealJohnnyTime
Instagram:
https://www.instagram.com/johnnytime.eth
___________________________________________________________
⚠️⚠️⚠️ #1inch #aggregator #dex #Stocks #Investing #Crypto #DEFI #Markets ⚠️⚠️⚠️
The content in any of Johnny's Youtube videos shall not be construed as tax, legal, insurance, construction, engineering, health & safety, electrical, financial advice, or other & may be outdated or inaccurate; it is your responsibility to verify all information.
___________________________________________________________
Until next time,
Johnny Time
...
https://www.youtube.com/watch?v=2GPk50TATl8
In this video, we delve into a critical vulnerability involving unbounded loops in solidity smart contracts.
Unbounded loops can lead to denial-of-service (DoS) attacks and gas consumption issues in your smart contracts.
We'll explain this vulnerability in detail and share effective mitigation strategies.
Watch the full livestream:
https://www.youtube.com/watch?v=W2UMx6nK0VE
Become a Certified Smart Contract Auditor:
https://johnnytime.xyz/smart-contract-hacker
? What are unbounded loops, and why are they a concern in Solidity? We break down the concepts and explore the impact of Ethereum gas and block.gasLimit on your smart contracts.
?️ We'll also analyze a code snippet that distributes rewards to contest winners, showcasing the potential gas consumption problem when handling large arrays.
? How can you mitigate this issue? Learn about optimizing loops and adopting a pull-over-push methodology to enhance the efficiency of your smart contracts.
? Ready to take your blockchain security skills to the next level? Join our Smart Contract Hacking Course, where you'll gain expertise in identifying vulnerabilities, smart contract auditing, and more. Become a certified smart contract hacker and join our exclusive community of like-minded learners on an exciting journey into blockchain security.
Enroll now and secure your future in the world of blockchain security!
https://johnnytime.xyz/smart-contract-hacker
...
https://www.youtube.com/watch?v=03kH6sPzoVg
Patreon:
https://www.patreon.com/JohnnyTime
BUSD Tip Jar:
0xFf3d275BB50bB677Ea1f117730B68Cf42651a60f
5 days ago the Chef Rabbit Doge and the PancakeSwap team created a first public sale of 10,000 unique PancakwSquad NFTs. The sale was successful and after 10 seconds all the NFTs have been bought for 300$ each buy different wallets and users.
The next day, the Chef Rabbit Doge (from the PancakeSwap team), announced in his Twitter account that there is a secret easter egg inside the PancakeSquad NFTs, and the one who finds it will get a gift.
I was excited about it because I love those kinds of CTF's (Capture The Flag) challenges, and I start looking at the PacnakwSwap NFTs in order to find the easter egg.
First I looked on the website itself, and I couldn't find anything.
The next step was to look at the blockchain itself through bscscan.
I analyzed 2 smart contracts (PancakeSquad contract and NFTSale contract), I looked at the code and the first transactions that were sent by the deployer, but again, I couldn't find anything.
Then, I thought that the answer might be on the resources themselves (NFT Data and pictures), so using python I scraped all the NFTs JSON files and I downloaded all the pictures, but it was a lot of work to manually check them one by one.
I was able to directory list the folder inside the IPFS and then I found a different picture named "MissingNO.png".
When I opened the image in a text editor I was able to find encoded reversed message inside a huge PancakeSwap ASCI art ;)
After fixing the test you can find a story that contains a seed phrase that gives you access to a wallet that contains the last missing NFT (The gift was a PancakeSquad unique NFT).
I enjoyed a lot the challenge and learned a lot of new things, I decided to make this guide and share my experience with you guys so you can learn as well.
___________________________________________________________
Links:
PancakeSwap:
https://pancakeswap.finance/
Chef Rabbit Doge Twitter:
https://twitter.com/chefrabbitdoge
PancakeSquad Smart Contract:
https://bscscan.com/address/0x0a8901b0E25DEb55A87524f0cC164E9644020EBA
NFTSale Smart Contract:
https://bscscan.com/address/0x29fE7148636b7Ae0b1E53777b28dfbaA9327af8E
Open IPFS links as HTTPS:
https://docs.ipfs.io/how-to/address-ipfs-on-web/
The Hidden Image:
https://ipfs.io/ipfs/QmaYTLuEoP35NcBKLsyPMzwDpebbZWukdEkzeGV9fVcUCt/MissingNO.png
The Wallet That Contained The Easter Egg:
https://bscscan.com/address/0x774b4277a08d4e5c6089d918c5355700d2cee1b5
___________________________________________________________
___________________________________________________________
Related Videos:
PancakeSwap Getting Started Guide:
https://www.youtube.com/watch?v=PG3Ho9gYqMc
What Is PancakeSwap:
https://www.youtube.com/watch?v=kYLknjBMR
...
https://www.youtube.com/watch?v=MaNUsBunU3U
Getting Started with Immunefi eBTC $200,000 Boost
Today, we're diving deep into the Immunefi eBTC (BadgerDao) $200,000 Boost opportunity!
Links:
eBTC boost on Immunefi:
https://immunefi.com/bounty/ebtc-boost/
eBTC Cheatsheet:
https://gist.github.com/GalloDaSballo/7b060bb97de09c539ec64c533dd352c6
eBTC Playlist:
https://www.youtube.com/watch?v=0Q6W3STQQCc&list=PLM6E5kYOSJZz83IGFFlsOtrCV7nScN-a9&index=1
eBTC Known Issues:
https://gist.github.com/GalloDaSballo/a0f9766bf7bac391f49d2d167e947de0
eBTC Most Recent Pull Request:
https://github.com/ebtc-protocol/ebtc/pull/766
eBTC Docs:
https://docs.ebtc.finance/ebtc/overview/introduction
eBTC Testnet dApp:
https://www.ebtc.finance/
Liquity Protocol:
https://www.liquity.org/
eBTC Pre Code4Rena Audit Session:
https://www.youtube.com/watch?v=QWIB4avTkt4
In this guide, we'll explore everything you need to know before delving into this amazing boost. From understanding what Immunefi boosts are to grasping the terms and protocols of the eBTC Boost, we've got you covered.
We will explain the eBTC protocol architecture form opening CDPs, to redemptions and liquidations.
We will cover the main smart contracts of the eBTC protocol and learn about previous audits conducted to enhance its security.
Stick around till the end because I'll be sharing potential attack vectors and pro tips to maximize your participation in this boost!
Immunefi boosts, much like auditing contests, operate within a time frame, and participants receive invaluable project support directly from the eBTC team via a private Discord channel. Plus, there's a custom leaderboard and quick triage response time, ensuring an engaging and rewarding experience.
The eBTC protocol, residing on the Ethereum network, offers exciting opportunities for Bitcoin holders to earn yield and conduct token swaps with minimal gas fees. Unlike WBTC, eBTC has a decentralized approach.
We'll delve into collateralization, borrowing, and the dynamics of the eBTC system. we will talk about the functionalities added on top of the battle-tested Liquity protocol.
Hit the like button, subscribe to my channel, and let's dive into the world of Web3 security together. Stay tuned for more exciting content, and as always, happy hacking!
Timestamps
00:00 Intro
01:14 What is Immunefi Boost
02:10 eBTC $200,000 Boost
02:47 What is eBTC
06:30 What are CDPs
08:00 How eBTC Works
11:24 Oracles & Price Feeds
12:42 stETH Redemptionns
15:15 Liquidations
17:52 Revocery Mode & Grace Period
20:00 Flash Loans & Flash Mints
21:05 Delegations & Position Managers
22:15 Smart Contracts Overview
30:07 Previous Audits
32:23 Potential Attack Vectors
36:17 Tips & Ideas to Get Started
45:12 Summary
...
https://www.youtube.com/watch?v=f2numPMZFSI
Check out our last chat with MiloTruck where he spills the beans about going from Code4rena to diving into private smart contract audits. He shares his experience, mentioning upcoming gigs and a bit of a hiccup due to scheduling.
MiloTruck gives a shoutout to Code4rrena for hooking him up with a private audit opportunity. MiloTruck's audit reports? They speak for themselves, so give 'em a read and be wowed!
His audit reports are highly recommended to read for their informative content. Give them a read and you'll certainly derive some takeaways for your progress.
...
https://www.youtube.com/watch?v=9JsX4dqHa_M
Easily Report this Gas Optimization Trick in Auditing contests
Learn Smart Contract Hacking:
https://johnnytime.xyz/smart-contract-hacker
Watch The Full Stream:
https://www.youtube.com/watch?v=C-GRDhA9B9U
- We'll investigate the nuances of return statements within solidity functions. Discover how the presence of return-named variables can impact gas consumption.
- Efficient Definitions: Unnecessary variable definitions can bloat your gas costs.
- Leveraging Named Returns: Learn about the utility of named returns and their capacity to minimize gas overhead.
...
https://www.youtube.com/watch?v=aauHaF_EC1k
In today's video, we will solve together the 3rd Damn Vulnerable DeFi V3 smart contract hacking challenge, "Truster".
The Challenge:
https://www.damnvulnerabledefi.xyz/challenges/truster/
Become a Certified Smart Contract Hacker:
https://johnnytime.xyz/smart-contract-hacker
Damn Vulnerable DeFi V3 Videos and Solutions:
https://www.youtube.com/playlist?list=PLKXasCp8iWpiKdsSR18XdAyDeYlYzMG00
I will walk you through how to hack the "Truster" contract step by step. The challenge involves manipulating the contract to exploit its vulnerabilities and steal tokens.
In this challenge we will exploit a pool contract that offers flash loans.
Flash Loan: Borrowing assets with no upfront collateral, but you've got to repay within the same transaction. This is all thanks to smart contracts.
- You'll exploit a flash loan and grab all the tokens.
- Dig into the contract; focus on the flash loan function.
- We will craft a malicious contract named TrusterAttacker with an attack function.
- This function orchestrates the vulnerability exploit in the pool contract.
- We will test our exploit using truster.challenge.js.
- We will deploy our attacker contract and execute the attack.
If you're interested in smart contract security and want to understand how vulnerabilities can be exploited, this tutorial provides a straightforward breakdown of the process, alternatively, check out the complete smart contract hacking course:
https://smartcontractshacking.com/
...
https://www.youtube.com/watch?v=CMRaTqjLUfc
Patreon:
https://www.patreon.com/JohnnyTime
BUSD Tip Jar:
0xFf3d275BB50bB677Ea1f117730B68Cf42651a60f
Hey guys, today we are going to learn how to bridge USDT tokens from Binance Smart Chain to Tron USDT on TRC20 tokens.
We will use an app called the “SafePal”.The SafePal is a safe, and free application cryptocurrency wallet for managing cryptocurrencies. In the SafePal application, you can store, send and receive crypto.
So, the first step is to download the “SafePal” app. Once you set up your wallet, you have to add the assets to the main view. The next step is to buy some USDT tokens on Binance Smart Chain. Once you have USDT tokens on BEP20, you are going to send them (click the USDT BEP20 and receive). Send some BNB tokens for the transaction fees. Then go to DEX, click on ‘USDT’, pick TRC20 to BEP20, and confirm the transaction.
To send TRC20 tokens to another wallet, you will need TRX tokens. Then you can send your USDT tokens to any other wallet on the Tron blockchain!
___________________________________________________________
Related Videos:
How To Use PancakeSwap On Mobile Phone (MetaMask iPhone App Guide): https://youtu.be/Tn76GkryBMM
Use Solana From iPhone - How To Use Solana Wallet From A Mobile Device: https://youtu.be/7QbxDFO9b8o
___________________________________________________________
___________________________________________________________
Useful links:
SafePal Website:
https://www.safepal.io/download
___________________________________________________________
___________________________________________________________
Timestamps:
00:00 Intro
01:05 The SafePal App
01:59 Add The Assets To The Main View
03:10 How To Send USDT Tokens
04:00 Bridge BEP20 To TRC20
05:05 How To Send TRC20 To Another Wallet
05:26 Outro And Summary
___________________________________________________________
___________________________________________________________
⚠️⚠️⚠️ #Binance #Tron #Bridge #safepal #Tutorial #Guide #DEFI ⚠️⚠️⚠️
The content in any of Johnny's Youtube videos shall not be construed as tax, legal, insurance, construction, engineering, health & safety, electrical, financial advice, or other & may be outdated or inaccurate; it is your responsibility to verify all information.
I do not provide personal investment advice and I am not a qualified licensed investment advisor.
I am just sharing my knowledge and my findings.
___________________________________________________________
___________________________________________________________
Communities & Social Media:
Discord:
https://johnnytime.finance/discord
Twitter:
https://twitter.com/RealJohnnyTime
Instagram:
https://www.instagram.com/johnnytime.eth
___________________________________________________________
__________________
...
https://www.youtube.com/watch?v=Ob5ekDXeguE
Cairo Smart Contract and Starknet Security
Become a Smart Contract Hacker ?
https://johnnytime.xyz/smart-contract-hacker
We had a chance to get together for an interview with the team behind StarkSwap - the first and the biggest AMM and DEX built on StarkNet.
In this video, we discuss the security concepts of the Cairo programming language, and how it's different from the EVM and Solidity Smart contracts.
Watch the full interview with the Starkswap team:
https://youtu.be/EowcwcSM2sU
StarkSwap:
https://www.starkswap.co/
Ginger Security:
https://gingersec.xyz/
StarkNet:
https://starkware.co/starknet/
Cairo Smart Contract
Cairo 0.9
Cairo 1.0
EVM Security
Solidity Smart Contracts
Solidity Security
StarkSwap Audit
StarkNet Contracts
StarkNet Security
Cairo Security
Cairo Hacking
...
https://www.youtube.com/watch?v=H2yncUHt2ak