rdin777 (rdin777)

web3 Security Researchers | Smart Contract Audit | Solidity | Focus: DeFi logic & Math vulnerabilities. | GitHub: rdin777 | Latest research: Starknet BTC Staking exploit

45 Followers

Top casts

The $292M KelpDAO hack wasn't a smart contract bug. It was a transport layer failure. 🚨 I just finished a deep dive into the LayerZero v2 "1-of-1 DVN" exploit that rocked the ecosystem in April 2026. Technical breakdown below. 👇


Main Text: Just upgraded my Sentinel node to v2.0 🛡️ After the $1.4M Ekubo exploit, it's clear that monitoring is no longer optional. I've extended my Clojure-based security agent to support multi-chain invariants:
✅ EVM (Mantle): Assets-to-Shares tracking
✅ Starknet (Ekubo): Flash accounting & reserve monitoring
Built for resilience. Built to front-run anomalies. Check the repo: https://github.com/rdin777/sentinel-rhea
Tags: /dev /starknet /security /clojure/ekubo


Headline: DeFi logic is only as good as its edge cases. 🛡️ I just published a post-mortem on a "design choice" in Aave V4 that turned into a $195M liquidation deadlock during the rsETH crash.
The issue: Strict intermediate overflow checks in MathUtils.mulDivDown (src/spoke/libraries/LiquidationLogic.sol:329).
The Reality: When a whale position (like Lazarus Group's rsETH dump) hits the liquidation threshold, the dynamic bonus calculation overflows and triggers a REVERT. A "safe" revert in theory = Unstoppable Bad Debt in practice. 💀
I reported this 2 months ago. It was dismissed as "intended design".
Full PoC and write-up: 🔗 [dev.to/rdin777/how-aave-v4s-design-choice-turned-into-a-195m-liquidation-deadlock-kelpdaorseth-case-57kk] 📂 [github.com/rdin777/aave-v4-post-mortem] cc @aave @stani.eth


Just published a critical technical disclosure for Starknet BTC Staking. Found a logic bypass for ghost rewards and a Gas DoS. Team dismissed it as 'AI slop' without running the tests. Code says otherwise: 2 tests PASSED on latest snforge. Full report & PoC here: https://dev.to/rdin777/starknet-btc-staking-how-to-extract-rewards-with-zero-collateral-and-why-the-team-ignored-it-fo GitHub: rdin777/starknet-staking_audit1

