Joined April 2019
🐸Smart🐸Contract🐸Programmer🐸 retweeted
Actually, much bigger versions of this were seen in the 2022 Terra-FTX collapse. For example: on the market, 1 stETH was 0.94 ETH. Arbitrageurs bought up cheap stETH. After withdrawals opened, they withdrew ETH at 1:1. Within months, some people earned returns of around 5–8% that could be considered risk-free. However, in today's market, differences at the level of 0.001 ETH ($1.7) usually disappear before they reach the user because of competition among arbitrage bots.
1. Swap 100 ETH to 100.001 stETH
2. Queue withdraw on LIDO (stETH to ETH)
3. Receive 100.001 ETH in 2 days

Net profit $1676 / ETH * 0.001 ETH - gas = $1.676 - gas💀
🐸Smart🐸Contract🐸Programmer🐸 retweeted
This Vitalik's 2016 Reddit post gave core idea for Uniswap: 'Let's run on-chain decentralized exchanges the way we run prediction markets'. Hayden then built it and DEXs became core infra of DeFi where price discovery happens, LPs farm, and ppl can trade without KYC.

What if the new idea by Vitalik becomes a new Uniswap? Or in this case Aave? He proposes DeFi without liquidations, built on options instead of debt.

How it works in practice: Today on Aave you deposit 1 ETH at $1.5k and borrow $1k USDC. If ETH dumps too much (likely lol), a bot sells your ETH with a penalty. The whole system depends on real-time oracles being correct every second. Late liquidations incur bad debt.

In Vitalik's design your 1 ETH splits into two tokens: a 'stable dollars' token and an 'ETH upside' token.

- Borrowing: sell the stable token for cash, keep the upside token. If ETH dumps you just lose the upside. No liquidation bot and no penalty
- Stablecoin: hold the stable token. Worst case it slowly turns back into ETH rather than depegging overnight
- Leverage: buy the upside token. Max loss is what you paid and you can't get liquidated

It works like buying a call option: you pay once upfront, that payment is the most you can ever lose, and a temporary price wick can't liquidate you since only the price at expiry counts.

The two tokens always add up to 1 ETH, so the protocol can't end up with bad debt. And the price oracle is only checked once at expiry so slow prediction-market style oracles are enough, no real time price feeds.

Since positions expire you have to roll them. But this creates new DeFi products like Pendle-ish vaults that automate the rolling for a fee.

This design removes cascading liquidations from DeFi lending. Gotta keep an eye on it.
Looks like the options thing is happening already! See also: various people thinking through and building different versions of the idea in the thread: ethresear.ch/t/building-inde… Though I do strongly urge that if any of these get on mainnet quickly, we formally verify it first. I hope @vyperlang and/or github.com/lfglabs-dev/verit… folks ( @Fricoben) can help! (Also, now is a good time to be thinking about robustness-optimized oracles) firefly.social/post/x/206494…
🐸Smart🐸Contract🐸Programmer🐸 retweeted
This Security Researcher has earned $3,612,409 hunting bugs on Immunefi. 32 live critical vulnerabilities found, saving hundreds of millions of dollars from hacks.

Meet @lonelysloth_sec, ranked Top 5 all-time on @Immunefi. We asked him how he does it.

One practical bug bounty strategy that has helped him find better bugs: "Protocols share a lot of code. When you find a bug that isn't exploitable, take some time to check if the same bug doesn't show up in other protocols where it might be. Study families of protocols, compare their code. Things are getting more and more interconnected."

The habit, routine, or mindset that has made him more consistent as a researcher: "Curiosity. I don't rest until I understand every part of the system. Even if I end up not finding a bug, I want to understand it."

A memorable bug or win, and what helped him find it: "I have quite a few public disclosures, but for one project between '24 to '25 I got paid for 9 critical bugs. I spent months getting to know every last detail of their (very large) code base. More than a breakthrough it was about persistence in one target, learning everything about it, and using everything I knew on it. They weren't the highest paying bugs I found, but I'm very proud of that achievement. I still find bugs in that project."

His advice to a researcher trying to level up or land their first bounty: "Find motivation in the journey, because it's a long one. Enjoy understanding something that previously was mysterious to you, the feeling of knowledge accumulating. It compounds and will eventually lead to your bounties. Keep trying -- you need to give luck a chance to find you."
Review of 63 / 64 gas rule in EVM

An easy summary to remember, although slightly inaccurate, is that a naive gas refund mechanism can overpay the caller by about 1/64 of the gas sent

Code github.com/t4sk/notes/blob/m…
🐸Smart🐸Contract🐸Programmer🐸 retweeted
Jun 11
Been wanting this to exist for a while, so I built it. ProofOfRep, a reputation board for bug bounty programs and contests. Report your unfair or dishonest experiences, with proof, and I'll manually review everything. Hope it helps SRs focus on projects that actually take security seriously. Still early. Let me know if this sucks or if it's useful. All feedback welcome. proofofrep.xyz/

🐸Smart🐸Contract🐸Programmer🐸 retweeted
Rust playlist by RustCurious #rust #rustlang youtube.com/playlist?list=PL…
🐸Smart🐸Contract🐸Programmer🐸 retweeted
For those who are wondering, yes we do hire at @Morpho at the moment! Go to: morpho(.)org/jobs#jobs-list
🐸Smart🐸Contract🐸Programmer🐸 retweeted
We are hiring a Senior Cyber Security Engineer at @aave The role focuses on security operations and architecture, including SIEM, identity management, and related infrastructure Details: aave.com/careers/senior-cybe…
🐸Smart🐸Contract🐸Programmer🐸 retweeted
Certora is hiring! We're looking for a Blockchain Validator Infrastructure Engineer to own, operate, and expand our validator infrastructure. ✅ Hands-on experience with @solana or @SuiNetwork validators is a strong plus. Apply ⬇️
Vault inflation attack

- x axis = donation amount
- purple region = where attack is possible
- green line = profit (attack vs no attack)
- green line above y = 0 and inside purple region is where attack is profitable

Graph desmos.com/calculator/orugjr…
Code notes github.com/t4sk/notes/tree/m…
Yield optimization for 2 reserves in Aave V3

Given initial capital of C, how much should you put in reserve 0 and 1 to maximize yield?

Assumptions
- Similar assets (DAI and USDC)
- Or slippage and fee on swap is 0

Graph desmos.com/calculator/rrvybo…
Code github.com/t4sk/notes/blob/m…
Optimal capital allocation is at the peak of the 1st graph

Graphs the sum of yield x user's position for reserve 0 and 1 (pic 1, 2, 3)

When changes in yields are small, replacing the yield functions with constants approximates the exact solution (pic 4)
AST grapher

Click on a contract to see its list of state variables and functions

txgraph.vercel.app/?tab=ast
2 columns to visualize Solidity contracts

- left column - functions
- right column - state variables

1st picture: Which functions read or write to this state variable?
2nd picture: Which functions and state variables does this function (balance()) touch?

txgraph.vercel.app/?tab=ast
🐸Smart🐸Contract🐸Programmer🐸 retweeted
I'm hiring for a new associate role who will be working with me directly. If you are passionate about crypto and lending, work more than live and want an opportunity to massively accelerate your career, apply! Heads up: it won't be easy and NYC is preferred
🐸Smart🐸Contract🐸Programmer🐸 retweeted
Some transactions are too complex to understand from raw traces alone. tx-graph by @ProgrammerSmart turns EVM transaction hashes into interactive graphs, helping developers and security researchers quickly see how contracts interact and how complex exploits unfold. Learn more: youtube.com/watch?v=3bc03oBG… Support: qf.giveth.io/project/transac…