Will Stansill pfp

Will Stansill

@stanman

133 Following
30 Followers
Will Stansill pfp
๐Ÿ” Day 46 of #100DaysOfBlockchain: Fuzz Testing Unveils Hidden Vulnerabilities Today, I dove deep into fuzz testing, invariants, and handler contracts in my smart contract security course. Focusing on stateful and stateless fuzz testing was both challenging and fascinating. ๐Ÿ›  What I Learned: I discovered a sneaky issueโ€”a malicious ERC20 token that steals 10% of transfers after the 10th transaction. It was a real eye-opener, showing just how crucial fuzz testing is for catching vulnerabilities that regular tests might miss. ๐Ÿš€ Why It Matters: While Iโ€™m not aiming to become a security researcher, this course is helping me write more secure smart contracts. Todayโ€™s lesson highlighted the importance of making sure contracts can handle the unexpected. ๐ŸŒฑ Takeaways: Fuzz testing isnโ€™t just about finding bugs; itโ€™s about building resilient systems. Each challenge I tackle moves me closer to becoming a top-tier smart contract developer.
0 reply
0 recast
11 reactions
Will Stansill pfp
๐Ÿ” Day 45 of 100DaysOfBlockchain: Exploring AMMs & Liquidity Pools Today, I delved into Automated Market Makers (AMMs) and Liquidity Pools as part of my ongoing smart contract security course, focusing on TSwap, a Uniswap V1 fork. ๐Ÿ›  Challenges & Insights: AMMs, with their ability to maintain protocol invariants, are critical to decentralized exchanges. The session on stateful and stateless fuzzing highlighted the importance of thorough testing to ensure securityโ€”a reminder of the lessons learned during the Puppy Raffle audit. ๐Ÿš€ Empowering Users: AMMs offer a unique opportunity for users to become their own banks, democratizing access to financial systems. This aligns with Web3โ€™s mission to give power back to individuals, especially the unbanked. ๐ŸŒฑ Key Takeaways: As I continue this course, the importance of security and resilience in building these decentralized systems becomes ever clearer, driving my growth as a blockchain developer.
1 reply
0 recast
9 reactions
Will Stansill pfp
๐Ÿ” Day 44 of 100DaysOfBlockchain: Completing My Second Audit Reportโ€”With Some Challenges! The past few days were a rollercoaster. My Puppy Raffle audit faced unexpected issues, leading to technical challenges and ultimately a fresh start with Ubuntu. ๐Ÿ›  Challenges & Insights: A major issue with generating the audit PDF forced me to reinstall Ubuntu, but it highlighted the importance of persistence and creativity in problem-solving. ๐Ÿ“œ Puppy Raffle Audit Report: This audit delved deeper into vulnerabilities and security practices, proving that confronting difficult challenges often leads to significant growth. ๐Ÿš€ Key Takeaways: Security is a fundamental aspect of reliable smart contracts. Thorough practices and a fresh perspective on unexpected hurdles strengthen skills and improve craft. Each challenge moves me closer to becoming a better blockchain developer. https://github.com/WillStansill/Auditing-Porfolio/blob/main/puppy-raffle-audit.pdf
0 reply
0 recast
11 reactions
Will Stansill pfp
๐Ÿ” Day 43 of 100DaysOfBlockchain: Sharpening My Audit Skills! Today, I focused on smart contract auditing, using Slither and Aderyn to spot vulnerabilities without running the code. Mastering these tools is crucial for building secure contracts. ๐Ÿ” Challenges & Insights: Understanding Denial of Service (DoS) attacks was eye-opening. Realizing how a simple open for loop can be a major risk has changed my approach to coding. Iโ€™ll now be more cautious and seek alternatives to avoid such pitfalls. ๐Ÿ“œ Key Takeaways: Security is a vital part of development. Thoroughly reviewing documentation and anticipating risks helps in creating robust contracts. This experience has reinforced the importance of integrating security into my development process. ๐Ÿš€ Moving Forward: Iโ€™m committed to making security a core aspect of my work. It's not just about avoiding issues but ensuring that every contract is strong and secure. On to the next challenge!
2 replies
3 recasts
6 reactions
Will Stansill pfp
๐Ÿš€ Day 42 of 100DaysOfBlockchain: Completing My First Smart Contract Audit! ๐Ÿ” Iโ€™m thrilled to share that Iโ€™ve completed my first comprehensive audit for the PasswordStore smart contract! This milestone highlights my commitment to smart contract security and reliable code. ๐Ÿ” Audit Overview: The audit involved reviewing the contractโ€™s design, scoping the project, and identifying vulnerabilities such as access control flaws and private data exposure. I provided detailed proof of concept and recommendations for each issue. ๐Ÿ“œ Report Structure: The final report includes a summary of issues, detailed descriptions, impact assessments, exploitation demonstrations, and suggested fixes. The PDF report is attached for review. Though this was a basic audit, Iโ€™m excited to delve deeper into smart contract security. https://github.com/WillStansill/Auditing-Porfolio/blob/main/8-8-2024%20password-audit-report.pdf
3 replies
0 recast
6 reactions
Will Stansill pfp
๐Ÿš€ Day 41 of 100DaysOfBlockchain: ๐Ÿš€ ๐ŸŒWith the recent completion of the foundry course that I spent so much time on. Over the past couple days I have been taking the time to go through and revamp all aspects of my portfolio website as well as resume to better reflect the experience and progress I have gained. ๐Ÿ”—I will be linking my updated portfolio project below where you can find a brand new resume, updated UI, and most importantly massive additions to the projects tab within my personal portfolio website. If you have been following my journey for some time now you will see many of the projects I have put time into over the past few months. ๐Ÿ–ฅ๏ธThis experience has been incredibly rewarding as its incredible to be able to see such a tangible difference that I have made in my journey as a developer since the start of this series. Take a look for yourself and check it out. I'd love to hear your feedback! https://portfolio-website-umber-ten-21.vercel.app/projects
3 replies
0 recast
10 reactions
Will Stansill pfp
๐Ÿš€ Day 40 of 100DaysOfBlockchain: Advanced Foundry Course Completion ๐ŸŒ ๐Ÿ“š Course Highlights: Completed the advanced Foundry course through Cyfrin Updraft, diving deep into blockchain development. ๐Ÿ”— Key Projects: Built an ERC20 token, NFT collection, and DeFi protocol, mastering token standards and asset management. ๐Ÿ”’ Advanced Features: Implemented secure airdrops and upgradeable contracts. Developed a DAO for community governance and account abstraction. ๐Ÿ”ง Technical Challenges: Enhanced testing and debugging skills, managed state and time manipulation, and handled complex DeFi and DAO interactions. ๐Ÿ›ก๏ธ Security & Reliability: Performed security audits and applied best practices, ensuring robust smart contracts. ๐Ÿ” Learning Outcomes: Mastered token standards, governance, and DeFi, improving my ability to design secure, adaptable blockchain solutions.
1 reply
3 recasts
8 reactions
Will Stansill pfp
๐Ÿš€ Day 39 of 100DaysOfBlockchain: Building a DAO with Governance Voting ๐ŸŒ ๐Ÿ” DAO Governance Implementation: Iโ€™ve built a DAO using Solidity and Foundry to enhance decentralized decision-making. This system lets community members propose, vote, and execute changes, with a Governor contract, TimeLock, and GovToken for voting. ๐Ÿ“œ Key Features: Proposal Creation: Token holders can propose changes. Voting Mechanism: Enabled transparent voting, counting, and state transitions. Execution: Added delays and steps for proposals. Role-Based Control: Managed roles for proposers and executors. ๐ŸŒ Benefits: This DAO fosters decentralized decision-making and community engagement, enhancing project resilience. Check the comments for the repository link and details. My repository: https://github.com/WillStansill/Foundry-DAO
2 replies
0 recast
9 reactions
Will Stansill pfp
๐Ÿš€ Day 38 of 100DaysOfBlockchain: Completing a Vesting Contract with Role-Based Access Control ๐ŸŒ ๐Ÿ” Vesting Contract Completion I'm thrilled to announce that I have successfully completed the second round of a technical interview for a paid blockchain developer internship by implementing a robust vesting contract with role-based access control. ๐Ÿ“œ Understanding the Vesting Contract This contract manages token vesting for Users, Partners, and Team roles with specific schedules. Users receive 50% of tokens with a 10-month cliff and 2-year vesting duration. Partners and Team members each get 25% with a 2-month cliff and 1-year vesting. โš™๏ธ Key Features Implemented Role Definitions: Defined User, Partner, and Team roles, each with distinct vesting schedules. Vesting Management: Implemented functions to start vesting, add beneficiaries, and claim tokens. The video link below is a walkthrough through my codebase. https://www.awesomescreenshot.com/video/29901641?key=de30991a679751792c5ba1021bec10c7
0 reply
0 recast
9 reactions
Will Stansill pfp
Day 37 of 100DaysOfBlockchain: Embracing the Process Today, I wanted to share a recent experience that highlighted a key lesson in problem-solving. I encountered a persistent bug where a function was being called from the wrong address. Despite my efforts with Stack Overflow, ChatGPT, and community help, the solution eluded me. After a frustrating day, I took a break to go backpacking in West Virginia for my 25th birthday. It was refreshing to step away from the code and recharge. When I returned, I solved the issue in about five minutes. The lesson? Sometimes stepping back and returning with fresh eyes can make all the difference. Today, I completed my Account Abstraction lesson on Ethereum and will dive into ZKsyncโ€™s native account abstraction next. Here are some photos from the trail.
1 reply
1 recast
14 reactions
Will Stansill pfp
๐Ÿš€ Day 36 of 100DaysOfBlockchain: Account Abstraction Deep Dive ๐ŸŒ ๐Ÿ” Progress Update: Yesterday, I gave a broad overview of account abstraction. Today, Iโ€™m diving into specific implementations and the challenges faced. ๐Ÿ“œ Refining Understanding: Account abstraction offers practical solutions for flexible blockchain account management. โš™๏ธ User-Friendly Interface: To simplify blockchain interactions, I've integrated account abstraction into my dApps, focusing on intuitive interfaces that mask technical complexities. ๐Ÿ“ Packed User Operations: Implemented Packed User Operations to bundle multiple actions into one transaction, optimizing gas usage. Developed a script for signing and verifying these operations to ensure security and efficiency. ๐Ÿ”ง Technical Challenges: Addressed compatibility issues and edge cases, especially integrating OpenZeppelinโ€™s cryptographic functions with custom smart contract logic. Careful handling of data and signatures was crucial.
2 replies
0 recast
6 reactions
Will Stansill pfp
๐Ÿš€ Day 35 of 100DaysOfBlockchain: Exploring the Potential of Account Abstraction ๐ŸŒ ๐Ÿ” Introduction to Account Abstraction Over the past couple of days, Iโ€™ve been diving into the concept of account abstraction. The possibilities it unlocks have left me feeling incredibly optimistic about the future of blockchain technology. ๐Ÿ“œ Understanding Account Abstraction In simple terms, account abstraction allows for greater flexibility in how blockchain accounts are managed and interacted with. Instead of rigid structures, it introduces new ways for users to engage with blockchain applications, making the experience more intuitive and user-friendly. โš™๏ธ Lowering the Barrier to Entry One of the significant challenges in the Web3 space is the steep learning curve. Concepts like private keys, seed phrases, MetaMask, and the distinctions between Layer 1 and Layer 2 solutions can be overwhelming for newcomers.
1 reply
0 recast
6 reactions
Will Stansill pfp
๐Ÿš€ Day 34 of 100DaysOfBlockchain: Deep Dive into Merkle Airdrops and Signature Verification ๐Ÿ… ๐Ÿ” Introduction to Merkle Airdrops and Signatures Today, I explored the exciting world of Merkle airdrops and digital signatures. A Merkle airdrop allows us to efficiently and securely distribute tokens, leveraging the cryptographic structure of Merkle trees to verify proofs. โš™๏ธ Implementing the Base Airdrop Contract I wrote a base smart contract, MerkleAirdrop.sol, incorporating Merkle tree logic to check if an address is eligible for an airdrop. This contract includes mechanisms to prevent double-claiming and verify signatures. ๐Ÿ”‘ Adding Signature Verification I integrated signature verification into the airdrop contract using standards like EIP-191 and EIP-712. This ensures that only the intended recipients can claim the tokens, adding an extra layer of security.
1 reply
0 recast
7 reactions
Will Stansill pfp
๐Ÿš€ Day 33 of 100DaysOfBlockchain: Exploring zkSync and Zero-Knowledge Proofs ๐Ÿ… ๐Ÿ” Introduction to zkSync Today, I dived into zkSync, which utilizes zero-knowledge proofs, an innovative solution to scalability in the Ethereum ecosystem. Zero-knowledge proofs are a way for one party to prove to another that a statement is true without revealing any specific information about the statement itself. โš™๏ธ Zero-Knowledge Proofs in Simple Terms Zero-knowledge proofs allow someone to confirm they know a secret without revealing the secret. ๐Ÿ“œ Integrating zkSync into Projects I spent time updating much of my older projects with zkSync's zero-knowledge proof technology, significantly enhancing scalability. ๐Ÿš€ Bridging and Deploying on Testnets Today involved refreshing my knowledge on integrating zkSync into my projects, focusing on lessons about bridging Sepolia testnet to zkSync testnet ether and deploying to testnets at a fraction of the cost.
0 reply
0 recast
8 reactions
Will Stansill pfp
๐Ÿš€ Day 32 of 100DaysOfBlockchain: Upgradeable Smart Contracts ๐Ÿ… ๐Ÿ” Introduction to Upgradeable Contracts Explored the advantages, risks, and methodologies of upgradeable smart contracts. โš™๏ธ Delegatecall in Solidity Delved into delegatecall, highlighting its differences from regular call functions and its impact on smart contract design. ๐Ÿ“œ EIP-1967 and Proxy Contracts Learned about EIP-1967 and its significance in proxy contracts. Built a minimalistic proxy, enhancing my understanding of this standard and its application in creating upgradeable smart contracts. ๐Ÿš€ Deploying and Testing UUPS Proxies Worked with OpenZeppelin UUPS proxies, focusing on setup, deployment, and testing. Successfully deployed and tested stablecoin smart contracts on a testnet, ensuring the functionality and reliability of the upgrades. My repository: https://github.com/WillStansill/Foundry-Upgradable-Smart-Contract
0 reply
0 recast
7 reactions
Will Stansill pfp
๐Ÿš€ Day 31 of 100DaysOfBlockchain: Decentralized Stablecoin Project ๐Ÿ… ๐Ÿ”— Stablecoins address the issue of crypto instability by being backed by assets like Bitcoin and Ethereum. My goal with DSC was to create a reliable decentralized stablecoin. ๐Ÿ”— ๐Ÿ› ๏ธ Key Accomplishments ๐Ÿ› ๏ธ DeFi Essentials: Explored DeFi and the crucial role of stablecoins in the crypto ecosystem. Smart Contract Development: Created a stablecoin backed by Bitcoin and Ethereum, focusing on security and reliability. ๐ŸŒ Building DSCEngine ๐ŸŒ Collateral Management: Developed functions for depositing collateral, minting tokens, and managing system stability. ๐Ÿ”“ Advanced Testing ๐Ÿ”“ Foundry Testing: Used Foundry for fuzz testing and invariant checks to enhance contract robustness. ๐Ÿ”ฅ Dynamic Minting & Burning ๐Ÿ”ฅ Enabled minting and burning of DSC based on health factors to keep the system balanced. My Repository: https://github.com/WillStansill/Foundry-StableCoin
0 reply
0 recast
0 reaction
Will Stansill pfp
๐Ÿš€ Day 30 of 100DaysOfBlockchain: Mastering Smart Contract Testing ๐Ÿงช ๐Ÿ› ๏ธ Advancing with Fuzz Testing ๐Ÿ› ๏ธ Today, I took a significant leap forward by diving into fuzz testing for smart contracts. This advanced testing technique has been crucial in ensuring that my contracts work seamlessly under various conditions, enhancing their security and reliability. ๐Ÿ” Understanding Fuzz Testing ๐Ÿ” Fuzz testing involves providing random or unexpected data inputs to a program to identify vulnerabilities. Itโ€™s like throwing random wrenches into the machinery to see what breaks, revealing potential weaknesses. ๐Ÿ–ฑ๏ธ Enhancing the Health Factor Function ๐Ÿ–ฑ๏ธ During testing, I refactored the _calculateHealthFactor() function for cleaner code and improved visibility into the health factor calculation. This ensures the system remains stable under edge cases, like a user depositing a massive amount of collateral without minting any DSC.
0 reply
0 recast
0 reaction
Will Stansill pfp
๐Ÿš€ Day 29 of 100DaysOfBlockchain: A Breakthrough in Smart Contract Testing ๐Ÿงช ๐Ÿ› ๏ธ Embracing the Challenge of Writing Robust Tests ๐Ÿ› ๏ธ Recently, I've challenged myself to write and design smart contract tests independently. This has marked a significant breakthrough in my journey toward becoming a competent blockchain developer. Writing tests ensures functionality, security, and reliabilityโ€”essential for the broader adoption of blockchain technology. ๐Ÿ” Deep Dive into Independent Testing ๐Ÿ” My focus has shifting from following instruction to creating and refining my own tests. This shift I have found is akin to understanding the grammar of a new language on a fundamental level. While many can learn basic phrases in a new language, true fluency comes from grasping the underlying structure. Similarly, mastering test writing has deepened my understanding of the functions I create and how they can be interacted with, bringing a new level of fluency and competency to my development process.
0 reply
0 recast
0 reaction
Will Stansill pfp
๐Ÿš€ Day 28 of 100DaysOfBlockchain: Mastering Smart Contract Testing ๐Ÿงช ๐Ÿ› ๏ธ Focusing on Writing Robust Tests ๐Ÿ› ๏ธ Recently, I've been honing my skills in writing tests for smart contracts. Moving beyond tutorials, I've focused on creating my own tests, which is crucial for becoming a competent developer. Strong tests ensure your contracts work under various conditions, maintaining security and reliabilityโ€”key aspects for the global adoption of blockchain technology. ๐Ÿ–ฑ๏ธ Constructor and Price Feed Tests๐Ÿ–ฑ๏ธ I started with constructor tests to confirm proper initialization. These tests ensure the contract reverts when the token lengths don't match the price feeds, a critical check for stability. ๐Ÿ’ฟTesting Deposit Collateral๐Ÿ’ฟ I also tested the depositCollateral() function to ensure it properly reverts with unapproved tokens. This is crucial for maintaining security and preventing unauthorized tokens from being deposited.
0 reply
0 recast
0 reaction
Will Stansill pfp
๐Ÿš€ Day 27 of 100DaysOfBlockchain: Advancing My Decentralized Stable Coin Project ๐ŸŒ ๐Ÿ› ๏ธ Focusing on Collateral Distribution and Liquidation ๐Ÿ› ๏ธ Today, my attention has been primarily on refining the distribution of collateral and perfecting the liquidation aspects of my decentralized stable coin. Ensuring that these functionalities work seamlessly is critical for maintaining the integrity and stability of the system. ๐Ÿ” Streamlining Collateral Deposit and Minting DSC ๐Ÿ” I've been working on merging the deposit and mint mechanisms into a single, user-friendly function called depositCollateralAndMintDsc(). This new function allows users to deposit collateral and mint DSC in one swift and efficient transaction, simplifying the user experience and optimizing the protocol's operational flow. ๐Ÿ“œ Enhancing the Redeem Collateral Function ๐Ÿ“œ Developing the redeemCollateral function has been a meticulous process. This function allows users to redeem their collateral securely.
0 reply
0 recast
0 reaction