I think he made a mistake and removed the nonReentrant modifier, because he began with saying "this contract is not directly vulnerable/manipulatable", however it actually was. And even that, I think I still don't get it. As far as my knowledge spreads, its not possible to read values midway of a transaction, because state is reflected after the transaction has been executed, if it was possible to read midways of a transaction it would mean the the EVM is multithreaded and it is not. Its a stack-based single-threaded virtual machine. Curious to see what @0xOwenThurm has to say and actually clarify those questions.
Hi Owen, if you start learning to code from scratch with 0 coding experience (no HTML, CSS, JS) and you start learning programming by only just learning what it needs to become a Smart Contract Auditor. Could you become Smart Contract Auditor again within 8 months of effort from that zero states? Thank you very much
@@DeepakKumar-uz4xy I see very interesting, thanks for letting me know! I think it probably protects against single contract reentrancy but there's no way to automatically protect against cross-contract/read-only reentrancy unless you register them as a system.
by far the clearest explanation of read-only reentrancies that i found.. great content as always, thanks!
So glad it could help!
why does such great content have so few views?
Clear explanation with simple way
So glad it could help! I made it as simple as I could 🙏
enjoyed this content so much
but if we delete or empty the states first then how the transfer line will be able to fetch or balance , as we already declared it empty before that .
Great explanation!
Glad it could help!!
Great explanation.
thanks for the great content. demos in remix step-by-step debugger would make it become one of a kind!
Tysm ser! Yes this would be a great addition!
crystal clear explanation waiting for many other attack vectors explanation further..✌
Glad it could help! Many more on the way
Thank you @Owen !!!
Glad it could help!
Hi @owen is there a link to have access to this codes you used as example
I did not get the Read Only Reentrancy, it seemed to me a classic case, why was it named read only?
I think he made a mistake and removed the nonReentrant modifier, because he began with saying "this contract is not directly vulnerable/manipulatable", however it actually was.
And even that, I think I still don't get it. As far as my knowledge spreads, its not possible to read values midway of a transaction, because state is reflected after the transaction has been executed, if it was possible to read midways of a transaction it would mean the the EVM is multithreaded and it is not. Its a stack-based single-threaded virtual machine.
Curious to see what @0xOwenThurm has to say and actually clarify those questions.
Clear explanation and great content overall my guy. I'd love to see a video explaining the sandwhich attacks and how they work :)
Noted ser! Coming soon
Hi Owen, if you start learning to code from scratch with 0 coding experience (no HTML, CSS, JS) and you start learning programming by only just learning what it needs to become a Smart Contract Auditor. Could you become Smart Contract Auditor again within 8 months of effort from that zero states? Thank you very much
Yep! You should check out the 4 step roadmap to becoming an auditor video on this channel!
😊
i heard in vyper lang this issue disabled by default, lol
Don't know about that! Curve is in vyper and is perhaps the most famous case of read-only reentrancy.
@@0xOwenThurm this upgrade is done recently
@@DeepakKumar-uz4xy I see very interesting, thanks for letting me know!
I think it probably protects against single contract reentrancy but there's no way to automatically protect against cross-contract/read-only reentrancy unless you register them as a system.
Can make for me Arbitrag Smart contract flash loan