It's /ʲustɑs/ • rollups • zk-proofs • security research
DuneCon 2024 was definitely worth the time, very glad I went:
DSS was great!
Thanks guys, very nice to meet you! I hope you stay for Devcon too, if not, until next time 👋
My first (and let's hope not last) contribution to @solidity has been merged!
A little revision: address.codehash can produce two results for an account with zero code, depending on whether the account has balance or not (among other factors), which caused a couple of issues at least on @code4rena.
My proposal added a warning to the documentation to reduce confusion among developers.
Thanks to everyone who participated in the discussion!
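Added example, not part of the original posts or of the Solidity documentation change: a minimal contract showing the two values `address.codehash` can return for an account without code, and a check that handles both. The contract and function names are hypothetical; the zero value for an account absent from state follows EIP-1052.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; contract and function names are hypothetical.
contract CodehashCheck {
    // Hash of empty code: returned for an account that exists in state
    // (for example, it holds a balance) but has no code.
    bytes32 internal constant EMPTY_CODE_HASH = keccak256("");

    // Fragile: treats only one of the two values as "no code".
    // An unfunded address passes; the same address after receiving
    // 1 wei does not, although neither has any code.
    function naiveHasNoCode(address account) public view returns (bool) {
        return account.codehash == bytes32(0);
    }

    // Robust: accepts both values EXTCODEHASH can return for a codeless
    // account: zero (account absent from state, per EIP-1052) and
    // keccak256("") (account present, code empty).
    function hasNoCode(address account) public view returns (bool) {
        bytes32 h = account.codehash;
        return h == bytes32(0) || h == EMPTY_CODE_HASH;
    }

    // Equivalent check that avoids comparing hashes at all.
    function hasNoCodeByLength(address account) public view returns (bool) {
        return account.code.length == 0;
    }
}
```

A contract that is still executing its constructor also has empty code, so none of these checks proves that an address is an externally owned account.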
Tired of fancy wallets with ads, fees (lmao), and no control over your network connectivity?
Here it is, the final solution! A script to sign offline with Ledger:
✨ Ledger Offline Sign ✨
github.com/ustas-eth/ledger-offline-sign
Back to more serious matters, some copy paste from the repo (please, give it a star!):
What
This is a tool that allows you to sign an offline Ethereum (or L2) transaction using Ledger (tested with Nano X) with full control of the transaction data.
As a result, you will receive a bytecode that you can broadcast when necessary.
Why
It's not safe to take Ledger if you have a meeting or there are cameras around that can catch your PIN. A good solution to this problem is to sign the tx offline beforehand and then broadcast when needed without the risk of exposing your wallet or getting a physical rekt.
I found such a simple action quite hard to do with existing solutions (basically what any wallet does minus the network broadcasting). They either don't provide a way to change the derivation path / chain id or throw errors.
Privacy and telemetry
The script doesn't attempt to make any network requests and doesn't need an RPC to work. All the information you enter will not be stored anywhere except temporarily in your terminal.
The easiest way to run the tool is to use:
npx ledger-offline-sign
This command will download and run the latest version of the script from the npm servers.
To broadcast the transaction you can use any public RPC endpoint (see on Chainlist) or a web interface like Etherscan or MyCrypto.
The highly anticipated (by me) results of Doubler Pro mitigation are out!
Thank you, @code4rena and the team, it's been nice working with you 🙌
Had a little time this weekend to finish the Ledger Offline Sign script. It'll soon be available through npx or git.
The only things left, I think, are to add more tokens to the list (ideally parse them from somewhere), include other tx types, and reorder the inputs.
Wdyt?
My first accepted finding on @code4rena, 1.5 years ago, 900 USD of payout
ERC777 reentrancy, how cute 😂
Yeah, those were good times...
With a coded PoC, btw ☝
So apparently Certik has stolen 3m USD from Kraken and refuses to give it back. Web3 never changes!
Waiting for new crypto documentaries 🍿
Good points and deep analysis of the contest platforms by @sockdrawer. C4 has created a new open work paradigm that I don't know of any analogy to.