Great video! Learned a ton! Can you briefly explain why getting all the rewards at once is a "terrible idea"? Other than that you're sending before deleting, I'm not sure why. Thanks!
Absolutely! It's a terrible idea for exactly the reason we looked into. It enables someone to give me a malicious reward that makes it so that I can never withdraw any of my other rewards -- since they must all be withdrawn together.
mstore(free_memory , 0x08c379a000000000000000000000000000000000000000000000000000000000) mstore(add(free_memory , 4) , 0x20) . Why isn't there any overriting in the 0x80 . The free_memory pointer was never updated So the second line should have overriten the 0x80 word . I don't know what am i missing exactly ?
Wow, that's a lot of knowledge right there! Great yul explanation! Thanks Owen
Glad it could be helpful!!
Great channel have less subscribers, strange
Recently got into web3, and your videos have been super helpful. Thanks for sharing!!
Glad they could help!
This is exactly what i was looking for. Thanks !
Glad it could help!
knowledgeable but cant convey clearly
add(data,0x20) cause at 0x80 the length of the data stored right..?
Yep!
depends on the slot returned by mload(0x40) it could be 0x80 or 0xa0 etc.... not always 0x80 that's why we use free memory pointer
Very usefull video,
So glad this could help!
Genius
Great video! Learned a ton! Can you briefly explain why getting all the rewards at once is a "terrible idea"? Other than that you're sending before deleting, I'm not sure why. Thanks!
Absolutely!
It's a terrible idea for exactly the reason we looked into. It enables someone to give me a malicious reward that makes it so that I can never withdraw any of my other rewards -- since they must all be withdrawn together.
Thanks Owen, your content is great. 💙
Of course! Glad it could help!
Thanks my mentor 🫡
No problem ser!
I was following until I wasn't 😂
Particularly the exploit breakdown section
This is definitely one I'll be revisiting
Thanks again @Owen
Haha glad it could help!!
that exploit is genious
It really is
mstore(free_memory , 0x08c379a000000000000000000000000000000000000000000000000000000000)
mstore(add(free_memory , 4) , 0x20) . Why isn't there any overriting in the 0x80 . The free_memory pointer was never updated So the second line should have overriten the 0x80 word . I don't know what am i missing exactly ?