Tips, Tricks and Ideas 2.5$M @eigencloud contest.
I've spent quite some time on this exact code-base at @certora last month, so let me give you a list of tricks and ideas to help you 🫡 become a Millionaire.
- Documentation
The EG documentation is extremely extensive and @cantinaxyz has done an excellent job of providing a list on the contest page.
Take a look at SharesAccountingEdgeCases.md to avoid finding known issues. Do not get lost in the docs, the code is what matters!
- Scope
All contracts are in scope, which is a massive amount of code for 3 weeks. If you want to focus on the changes, go to EL github: feat/slashing-diff and the Rewards release.
- Tests
The amount of tests and fuzz tests is just stupendous and can demotivate any auditor.
Yet it could be interesting to focus on the use of mocks and mock functions. If the mock imitates but does not perfectly copy contract functionality, what actually was tested?
- Formal Verification
Every rule that is proven is a mathematical certainty; use it to quickly assess the validity of an attack vector.
Keep in mind that the Prover is limited by the imagination of the engineer. Any situation that was not conceptualized might prove valid.
- Magnitude
Magnitude is the core ruler that governs allocations.
Map out all possible actors and actions that might change this variable. Have they truly all been accounted for?
- Shares
OperatorShares, DepositShares, WithdrawalShares, ScaledShares, Slashed Shares, etc. They are added, subtracted, multiplied, divided, cooked, braised, fried and minced.
Is there really no loss of precision? Do magnitude and shares always remain in perfect lockstep?
- Strategy != BeaconStrategy
The beaconETHStrategy is fundamentally different from all the others, yet they are supposed to work in a quasi-identical manner in allocation and delegation manager. Was there something overlooked?
- Containerization
An AVS should only be able to affect operators in its Operator Set. An Operator should only be able to affect its own stakers.
Are all variables perfectly separated and/or reset when actors move places?
- Access Control
Many functions are limited by _checkCanCall(AVS or Operator). Which are the actors and delegated actors? Is it possible there is a gap somewhere?
- Slashing
slashOperator and modifyAllocations are the critical functions around which this entire update revolves.
If there is a Crit to be found, it will likely be there.
- The BeaconChain
The beaconChain already slashes operators through a completely different system. Now this complex system is perfectly merged with another completely different complex system?
Complexity gives birth to bugs. Examine the connection between the two!
- Fix Reviews
The fix for a bug can sometimes introduce such complexity that somewhere else a closed door opens for a fraction and a bug comes rolling in.
Review the fixes in extreme detail!
That's all I got folks.
Good Luck to you all, I hope you will find the bugs but I also hope there are ZERO to be found.