by dmitriid 1336 days ago
> Bitcoin. Ethereum. Etc.

This is tech. Not its applications.

> The smart contracts running on Ethereum are open source, unlike your PHP script, can be audited, and if marked immutable,

Ah, to once again have a child's wonder and belief in magic. Just add the incantation "blockchain ethereum smart contracts", and all is right with the world.

Meanwhile reality [1] just in the past ten days:

--- start quote ---

Insufficient validation on an OHM smart contract at Bond Protocol allowed an attacker to drain 30,437 OHM (~$300,000) from the Olympus DAO defi protocol.

Olympus DAO wrote in an announcement that "This bug was not found by 3 auditors, nor by our internal code review, nor reported via our Immunefi bug bounty."

---

On October 14, Ethereum reached a milestone that alarms many who have pushed for blockchains as "censorship-proof" technology. More than 51% of blocks produced in the preceding 24 hours were processed by relays that filtered out transactions involving Tornado Cash

---

The defi project Earning.Farm lost 748 ETH (~$971,000) to a hacker using a flash loan attack. The project contract was missing a check that a flash loan was initiated by the protocol, so the attacker was able to instruct the project to withdraw large amounts of funds

---

Rabby Swap, a feature of the Rabby crypto wallet, was exploited a month after it was first rolled out. An attacker discovered an apparent vulnerability in the Rabby Swap smart contract that enabled them to arbitrarily transfer other users' funds.

--- end quote ---

[1] https://web3isgoinggreat.com/
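
Added example, not part of the comment above and not Earning.Farm's code: a constructed Python model of the bug class in the third quoted item, a flash-loan callback that never checks who initiated the loan. The `Lender` and `Vault` classes, the callback signature and the amounts are assumptions made for illustration.

```python
# Constructed toy model; not code from any real protocol.

class Lender:
    """Stand-in for a flash-loan pool that calls back the named receiver."""

    def flash_loan(self, caller, receiver, amount, data):
        # Any caller may name any receiver; the pool reports who asked.
        receiver.on_flash_loan(sender=self, initiator=caller,
                               amount=amount, data=data)


class Vault:
    """Vault whose flash-loan callback moves funds as part of its withdraw flow."""

    def __init__(self, lender, balance, check_initiator):
        self.lender = lender
        self.balance = balance
        self.check_initiator = check_initiator
        self.paid_out = {}

    def withdraw(self, user, amount):
        # Legitimate path: the vault itself starts the loan.
        # (Per-user accounting is omitted in this toy model.)
        self.lender.flash_loan(caller=self, receiver=self, amount=amount,
                               data={"to": user, "amount": amount})

    def on_flash_loan(self, sender, initiator, amount, data):
        if sender is not self.lender:
            raise PermissionError("callback not from the trusted lender")
        # The check the quoted report describes as missing:
        if self.check_initiator and initiator is not self:
            raise PermissionError("flash loan not initiated by this vault")
        pay = min(data["amount"], self.balance)
        self.balance -= pay
        self.paid_out[data["to"]] = self.paid_out.get(data["to"], 0) + pay


def unsolicited_callback_moves_funds(check_initiator):
    """Return True if a loan requested by a third party makes the vault pay out."""
    lender = Lender()
    vault = Vault(lender, balance=1000, check_initiator=check_initiator)
    try:
        lender.flash_loan(caller="outsider", receiver=vault, amount=1,
                          data={"to": "outsider", "amount": 1000})
    except PermissionError:
        pass
    return vault.balance < 1000
```

With the initiator check enabled, the vault's own `withdraw` path still works, while a callback triggered by anyone else is rejected before any balance changes.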