"Identity and reputation are important primitives in the Web 3 world. In this post, I’ll give an overview of the problem space and outline some approaches."
Links to the best articles, videos and podcasts about Security in the crypto space.
"One look at the Bitcoin market will tell you that arbitrage is possible. But, like economic theory, your chances of successfully mastering arbitrage are best when you have a solid understanding of why arbitrage opportunities come about in the Bitcoin market and where you can find these opportunities."
"Taking protective measures does not need to be difficult or stressful — the best way to shield yourself from these attacks is to understand the means by which hackers are entering private systems, understand the entry-points that the hackers may target, and explore simple solutions that can protect against their go-to attack vectors."
"Sergei Mavrodi, creator of one of the largest Ponzi schemes in history, died last month at age 62, potentially leaving millions of “investors” in countries around the world in the lurch. Beginning around the fall of the Soviet Union in the early 1990s, Moscow-born Mavrodi’s exploits expanded and evolved over the course of nearly 30 years, putting him in the same league as Bernie Madoff, who operated arguably the biggest such fraud ever, and Charles Ponzi himself, the Italian con artist whose name is now synonymous with this type of financial deception."
Types of scams: Fake ICOs; Social media giveaway scams; Cloned websites; Ad scams; DNS hacks; Email scams; Fake support teams; Fake exchanges and apps; Cloud Mining scams; Ponzi, pyramid and multi-level; Malware and Crypto Mining; Fake Pools and OTC scams; Pump and dumps; Phone hacks.
Stealing Directly from Crypto Exchanges; Cryptojacking (Cryptomining Botnets); Wallet Stealers; Stealing Directly from Legit Miners; Malware-Laden Fake Wallet Platforms; Phishing Scams Galore; Theft During ICOs.
"Commercial security at the birth of writing, arithmetic, and religion in ancient Sumer (modern Iraq)."
The author explains the difference between Ponzi games and schemes and analyses them in the context of Ethereum.
"While many of the innovations in the space are new, they're built on decades of work that led to this point. By tracing this history, we can understand the motivations behind the movement that spawned bitcoin and share its vision for the future."
"Due to the fast moving nature of the space, we also know that security is an ongoing evolution, so we would like to proactively point out a few possible attacks that users should be aware of."
The article focuses on the censorship-resistant aspect of cryptocurrencies.
“ECC is a way to encrypt data so that only specific people can decrypt it. This has several obvious real life use cases, but the main usage is in encrypting internet data and traffic. For instance, ECC can be used to ensure that when an email is sent, no one but the recipient can read the message.”
An explanation of the reentrance attack, with both a high-level view and some low-level code examples.
The article explains in great detail how the Verge hack was possible.
"This paper investigates whether Tether, a digital currency pegged to U.S. dollars, influences Bitcoin and other cryptocurrency prices during the recent boom. Using algorithms to analyze the blockchain data, we find that purchases with Tether are timed following market downturns and result in sizable increases in Bitcoin prices."
"In proof of stake protocols, however, validators can come and go, and even the absolute size of the validator set can shrink and grow greatly over time. 80% of the validator set at one time may well be smaller than 20% of the validator set at another time, and what in a fixed-set model is clearly equivocation, in a dynamic-set model may not involve any equivocation at all. How do we deal with this?"
A highly technical article that explains the weakness in Bitcoin's Merkle tree design. The author describes the technical aspects, costs and remedies for the potential attack.