Uncovering a Subtle Bug in EVM Arithmetic: The Case of Negating Zero
| | | |

Uncovering a Subtle Bug in EVM Arithmetic: The Case of Negating Zero

ByNabih Benazzouz

Uncovering a Subtle Bug in Ethereum Virtual Machine (EVM) The Case of Arithmetic Negating Zero Our team at FuzzingLabs has been auditing the Ethereum Virtual Machine (EVM) implementation by LambdaClass. Throughout the audit, we’ve identified several vulnerabilities, but in this post, we’ll focus on one particularly interesting issue involving the SDIV operation and its handling…

ethereum evm slither mythril echidna fuzzing audit solidity security vulnerability ETH result foundry forge test code4rena
| |

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports!

ByPatrick Ventuzelo

$100,000 in Bug Bounty 💸 by learning Smart Contract Auditing from CODE4RENA Reports! How to become an Ethereum/Solidity smart contract auditor? Where to start? How to improve your smart contract auditing process? Which tool to use? The paper analyzed in this video: “Demystifying Exploitable Bugs in Smart Contracts” is a compilation of all the findings…

ethereum evm slither mythril echidna fuzzing audit solidity security vulnerability ETH result foundry forge test
| |

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security #5

ByPatrick Ventuzelo

Fuzzing Solidity/Ethereum Smart Contract using Foundry/Forge – Blockchain Security In this video, I will show the basis of running and customizing Foundry/Forge to fuzz an Ethereum smart contract in Solidity. I will also mention “Invariant testing” implementation in Foundry fuzzing compare to Echidna.https://youtu.be/2bTmB3cwhxs You will get access of the complete tutorial with source code, cheat sheet…

state art ethereum solidity fuzzing echidna foundry harvey
| | |

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5]

ByPatrick Ventuzelo

State of the Art of Ethereum Smart Contract Fuzzing in 2022 [EthCC5] Fuzzing is known as one of the most efficient techniques to find bugs in software. Sadly, when dealing with Ethereum smart contracts, the number of fuzzers and documentation available is really limited. During this talk, we will explain why fuzz testing EVM smart…

ethereum evm slither mythril echidna fuzzing audit solidity security vulnerability ETH
| | |

Solidity/Ethereum Smart Contract Audit using Slither – Blockchain Security #4

ByPatrick Ventuzelo

Solidity/Ethereum Smart Contract Audit using SlitherBlockchain Security In this video, I will show how to audit and find vulnerabilities inside an Ethereum smart contract written in Solidity using Slither, one of the best EVM smart contract analysis tools. https://youtu.be/s3FL5caAy5w You will get access of the complete tutorial with source code, cheat sheet and or complete…

evm reversing ethereum smart contract reverse engineering disassembly bytecode opcodes
| |

Ethereum/EVM Smart Contract Reverse Engineering & Disassembly

ByPatrick Ventuzelo

Ethereum Smart Contract Reverse Engineering &EVM Disassembly Today I’m showing how EVM disassembly works and how to reconstruct the control flow graph (CFG) of an Ethereum smart contract when you only have access to the bytecode (closed-source). It’s really useful when you’re looking to analyze in-depth a contract at the EVM bytecode level. https://youtu.be/I6VDBvX9Pkw You…

beaconfuzz eth eth2.0 ethereum 2 beaconchain beacon node fuzzing nimbus prysm lighthouse lodestar
| | | | |

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery

ByPatrick Ventuzelo

Beaconfuzz – A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery @ OffensiveCon 2022 Abstract This talk is about our journey and step-by-step process into fuzzing Ethereum 2.0 implementations software. We will start with a brief introduction to Ethereum 2.0 specification and ecosystem. Then, we will explain the architecture of this type of software…

ethereum evm solidity audit mythril echidna crytic eth smart contract
| |

Ethereum Smart Contract Analysis & Solidity Audit using Mythril – Blockchain Security #2

ByPatrick Ventuzelo

Ethereum Smart Contracts Analysis & Solidity Audit using Mythril Following last week’s video, I will show how to audit and find vulnerability inside an Ethereum smart contracts written in Solidity using Mythril, one of the best EVM smart contracts analysis tools. https://youtu.be/fhOMTYkw8FM NOTES etherstore.sol Running Mythril on `etherstore.sol` You will get access of the complete tutorial…

Fuzzing Ethereum Smart Contract using Echidna evm solidity Blockchain Security
| |

Fuzzing Ethereum Smart Contract using Echidna – Blockchain Security #1

ByPatrick Ventuzelo

Fuzzing Ethereum Smart Contract using EchidnaBlockchain Security In this video about Blockchain Security, I will show how to find vulnerability inside an Ethereum smart contract written in Solidity using Echidna, one of the only Ethereum smart contract fuzzer. https://youtu.be/EA8_9x4D3Vk NOTES Get started with echidna: Echidna interface Get started with echidna: Echidna invariants Targeted Solidity Smart…