B010: Security Tidbits

Hash Collisions

Many systems nowadays utilize hashes as a form of identifier within their smart contract system, namely due to the fact that hashing operations are readily available and “native” within the EVM. In short, a hash function is a function in which you provide input and a seemingly random output is generated.

Example of a Hash Collision

Spot Price Retrieval

With the boom of the DeFi ecosystem, multiple projects are rushing in to attempt to interface with the DeFi building blocks and build the next big thing in the blockchain space. To do so, most systems attempt to bring some traditional finance notions (i.e. put and call options) into the EVM.

Conclusion

There are a lot of things to talk about when it comes to security; in this article, I noted down two important misconceptions that can lead to significant vulnerabilities in taking form.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Alex Papageorgiou

Alex Papageorgiou

A Solidity security auditor keen to share his knowledge.