ETHSecurity Community

Electi Security Fellowship Day 1 🛡️

This week starts with several security exercises. Intentionally buggy contracts to get into auditing headspace. 

Today’s challenge was a Layer0 implementation which had several bugs around mis handled fees calculations, hard coded variables, and faulty access controls.

Electi Security Fellowship Day 2 🛡️

We had two fun challenges today that required some onchain sleuthing. 

First we needed to recovery some tokens from an account that “lost” its PK but had used EIP-7702 and delegated to a multi call contract. 

Second we had to recover some tokens from a vulnerable treasury contract using signature malleability.

Electi Security Fellowship Day 3🛡️

Quiz 1 was one of those where I sniffed out the vulnerable code but struggled making a PoC. The struggle was well worth it as I now have a very clever vulnerability in the memory bank 🏦

Quiz 2 included a lending protocol that had insurance to socialize bad debt. This mechanism could be gamed because it did not ensure the debt was still bad when it repaid the lending protocol.