Web3 Security: All-Things Reentrancy Workshop with J.C. Ramirez
Вставка
- Опубліковано 20 гру 2024
- This week we were honoured to have Jose C. Ramirez, a Smart Contract Auditor at Oak Security, taking us through all things re-entrancy! Whether you're a budding web3 dev or programming veteran, this workshop is for you :)
What to expect:
• A deep dive into reentrancy to learn about the wider “family” of this kind of bug, looking at variations like token callback, cross contract or read only among others.
• Not only theory and looking at vulnerable examples but exploring how to actually have a basic working exploit for every variation.
• Seeing how each new variation adds a little tweak to the well-known list of recommendations on how to avoid reentrancy.
• Exploit templates based on Foundry are given (see below), so attendees can craft their own version of each exploit. No prior Foundry knowledge is needed!
Here you have the vulnerable examples and template attacker contracts so you can try your own exploits! github.com/jcs...
Detailed outline:
1. Why reentrancy again?
2. Reentrancy 101: Refreshing The Basics
3. Reentrancy 102: Token Callback, Cross-function
4. Reentrancy 201: Cross-contract, Read-only, Cross-chain
---------------------------------------------
If you're a software engineer with 4yrs+ experience - make sure to join our web3 learning & employment platform below. We transform senior engineers into Web3 developers, completely for free!
Join The Community: calyptus.co/reg...
Follow us Twitter here: / calyptus_learn