In Solidity, there are three ways in which one can send ether. Namely transfer(), send() and call(). In this article, let us discuss how each function call works and which is the best one to use. transfer vs send vs call transfer -> the receiving smart contract should have a fallback function defined or else…

Before delving into the issue at hand, I recommend familiarizing yourself with Issue#7 . Understanding the context is important for understanding the problem I am about to address. Is ReentrancyGuard alone sufficient? Having audited over 25+ projects, I’ve observed a common practice among developers, utilizing ReentrancyGuard for functions involving external operations. The belief is…

About the Protocol I had the opportunity to audit a bridge designed for the transfer of native assets between a blockchain, which we’ll refer to as TestChain, and the Ethereum Mainnet. The native token is represented by $TEST. …

Smart contract developers sometimes make excessive assumptions when writing a contract. One specific instance I’d like to highlight involves declaring an address as immutable or missing a function to update the address. …

The Sparkn contest marked my first audit as a team with 33Audits and hexbyte. It was an amazing learning opportunity, and I recommend solo auditors to occasionally work in teams. Now, let’s get to the findings: In total, there were 1 High, 3 Medium, and 12 Low-risk issues in the…

Prior to delving into the results summary, I strongly recommend watching Patrick Collins comprehensive 5-hour tutorial on building the project from scratch, which can be found on YouTube. …

This marks the start of a new blog series dedicated to my participation in audit contests. As a reader, your feedback is highly valued, so please feel free to share your thoughts with me. Introduction CodeHawks is an emerging public auditing platform tailored for Web3 security auditors, and at its core…

In the world of smart contracts, upgradable contracts have gained significant attention due to their flexibility and ability to adapt to changing requirements. These contracts follow the Proxy pattern, a design pattern that separates the logic and storage of a contract. The logic resides in one contract, while the storage…

Is it true that smart contracts are immutable? Well, not exactly. Smart contracts can be upgraded once they are deployed. To simplify how this works, think of two contracts: a proxy and an implementation contract. The proxy contract stores all the state variables but relies on the implementation contract for…