Ngl I am obsessed with your video tutorials! Gone through 50% of the solidity playlist and decided to finish this playlist before I continue. Like how are you so good? Who are you? Dayumn! Well, thank you so much for all the insightful videos you make accessible for free! Can't thank you enough🙌🏽
Your videos and course have been such a great help! The fact your course is a monthly subscription is great, other courses have a huge one time cost, but your monthly subscription makes it so much more accessible! Keep it up!
@@lawniczakjohn Yes, about 50% of the way through the solidity course. I've got quite a bit of solidity experience already, so the first 25% of the course was quite simple, however the later HIGH difficulty tasks are interesting and I've learnt quite a lot of interesting things from them. Definitely would recommend!
so when the Tornado governance reviewed the proposal, they saw a contract that has function `selfdestruct` and they still think it's normal? I thought this kind of metamorphic contract exists since 2019
So it’s pretty unsafe to blindly call contract code, could this have been mitigated by storing the EXTCODEHASH of the original proposal with the extcodehash upon execution? Selfdestruct has been deprecated for almost a year. Hopefully this attack will encourage further review of the proposals to remove it/change behavior.
Hello, the video was very clear. But I have a doubt, can we use DeployerDeployer contract directly to deploy Attack and Proposal, instead of using Deployer contract to deploy them.
@@smartcontractprogrammer Buy why is that? The address of the Proposal and the Attack contract must still be the same if the DeployerDeployer contract uses create2 to create them directly, right?
I see you have an extension that tells you how much gas each function costs - is it built into Remix ? Does anyone know of a VsCode extension that does the same ?
Tornado Cash Hack
ua-cam.com/video/whjRc4H-rAc/v-deo.html
0:00 - Intro
2:05 - Code overview
2:49 - DeployerDeployer contract
5:00 - Deployer contract
6:51 - Attack contract
8:52 - Remix demo overview
10:21 - Remix demo
Code
solidity-by-example.org/hacks/deploy-different-contracts-same-address/
Take a course
www.smartcontract.engineer/
This guy's solidity level is fire
Ngl I am obsessed with your video tutorials! Gone through 50% of the solidity playlist and decided to finish this playlist before I continue. Like how are you so good? Who are you? Dayumn! Well, thank you so much for all the insightful videos you make accessible for free! Can't thank you enough🙌🏽
Just a programmer
Your videos and course have been such a great help! The fact your course is a monthly subscription is great, other courses have a huge one time cost, but your monthly subscription makes it so much more accessible! Keep it up!
Have you taken it and been enjoying it?
@@lawniczakjohn Yes, about 50% of the way through the solidity course. I've got quite a bit of solidity experience already, so the first 25% of the course was quite simple, however the later HIGH difficulty tasks are interesting and I've learnt quite a lot of interesting things from them. Definitely would recommend!
I was looking for this 🔥
Love you man ❤
legendary
Gold!!
Your videos are like Solidity Super dose ..
How u so good in Solidity please , make an advanced solidity tutorials like this one but a whole package 🙏
Seems like a type of Reentrancy in contract form.
Deploy… within the deploy! 😮
Awesome!
so when the Tornado governance reviewed the proposal, they saw a contract that has function `selfdestruct` and they still think it's normal? I thought this kind of metamorphic contract exists since 2019
Unbelievable
Amazing. Do you coach developers? I could use some coaching from someone like you to make sure I have the skills I need to start applying to dev jobs.
nope
Selfdestruct is deprecated from Solidity 0.8.18. So contracts deployed before are vulnerable. How can we avoid this create vulnerability ?
So it’s pretty unsafe to blindly call contract code, could this have been mitigated by storing the EXTCODEHASH of the original proposal with the extcodehash upon execution?
Selfdestruct has been deprecated for almost a year. Hopefully this attack will encourage further review of the proposals to remove it/change behavior.
Is there any reason why this attack wouldn't work by simply upgrading the contract?
It won't be approved by the dao
curious about the gas estimation extension
default feature on Remix
Hello, the video was very clear. But I have a doubt, can we use DeployerDeployer contract directly to deploy Attack and Proposal, instead of using Deployer contract to deploy them.
Nope, all is necessary
@@smartcontractprogrammer Buy why is that? The address of the Proposal and the Attack contract must still be the same if the DeployerDeployer contract uses create2 to create them directly, right?
@@smartcontractprogrammer have the save question
Only 127 likes?? Come on people!!
I see you have an extension that tells you how much gas each function costs - is it built into Remix ? Does anyone know of a VsCode extension that does the same ?
Yes, it's part of Remix
Bro, Can you create a coin for me in same contract address...Suggest me sites...i am weak in coding
Is it another implementation of create3?