Week 63 - Ethereum Eyes $1B Annual Profit in DeFi Surge | Solana's Urgent Congestion Patch Goes Live | Polygon Bridges Solana and Ethereum | Hacks & Scams Alert: Over $47M Lost | QuillAudits at Dubai!
Hashingbits: Your Weekly Dose of Web3 Innovation and Security
GM! Buidlers
In this edition, we spotlight the latest pivotal updates from the blockchain world. Discover Solana’s newly implemented congestion patch, explore Polygon’s collaboration with OKX through the X Layer, and learn about Subsquid’s launch of BeraChain. We also cover Arbitrum's bold moves toward greater decentralization, and address the serious implications of recent security breaches which have led to significant financial losses of over $47M. Get all the details on these critical developments and more, ensuring you stay ahead in the evolving landscape of blockchain technology and security, courtesy of QuillAudits.
EtherScope: Core Developments 👨💻
Token2049: Crypto experts highlight Ethereum blockchain problems
Ethereum aims for $1 billion annual profit as DeFi gains momentum in Q1
Layer 2
L2BEAT Costs: breakdown of L2 transaction costs
XEN spam is 68% of Base state
Steven Goldfeder: technical & financial benefits end at L3
ZeroPool: zk native sharded storage protocol
Prooφ: SNARK prover market mechanism
RollCall (L2 standards) call video
EIPs:
RIPs (Rollup Improvement Proposals):
RIP7696: Precompile for generic DSM (double scalar multiplication)
ERCs (application layer):
Tools
Guide to using Kurtosis & ethereum-package to launch local devnets
Tracoor: beacon data & execution trace explorer to identify & address network problems
Assertoor: cross-client integration testing tool, higher abstraction level than Hive
EcoExpansions: Beyond Ethereum 🚀
Solana
Solana releases mainnet beta update v1.17.31 to resolve congestion issues
Solana rallies 9% as developers launches update to tackle network congestion
Solana AI projects to watch as io.net's launch draws near.
Solana DEX Drift to Airdrop 100M Tokens in Weeks
Polygon
OKX Launches X Layer, Built with Polygon CDK, Enabling 50M+ Users to Tap Unified Liquidity of the AggLayer
OraProtocol’s onchain AI oracle (OAO) is integrating with Polygon PoS
Polygon Labs Awarded ISO 27001 Certification, the Gold Standard of Compliance for Information Security Management Systems
IBC, meet AggLayer, for cross-chain transactions and inter-network communication
Polygon aims to bridge Solana with Ethereum as analysts eye new AI altcoin
Berachain
Berachain's Meme Marketing Leads to $100M Raise
Subsquid Unleashes BeraChain Indexing for Enhanced Decentralized Data Access
ZOTH Atlas (Incentivized Testnet) is Now Live on Berachain
Arbitrum
Arbitrum BOLD Testnet Live: The Next Step in Decentralization
Arbitrum Foundation Grant Program Phase Three is NOW OPEN!
DevToolkit: Essentials & Innovations 🛠️
A beginner's guide to Runes
Learn, integrate, and build on a new modular EVM with Berachain.
Slither v0.10.2: slither-mutate support for Foundry projects, unused imports detector and supports aliases
Guide to writing efficient DuneSQL queries
Remix v0.47.0: adds Solidity Copilot using SolCoder LLM, pin contracts deployed to Remix VM and DappDraft plugin to generate a front end
Fuzzing smart-contracts practical aspects: Echidna
Sub Zero: mine vanity addresses using CREATE2, tokenized as ERC721 NFTs
inkmate , a set of gas-efficient smart contracts written in Rust .
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets🔖
Good Reads 📚
Runes Will Help Bitcoin DeFi ‘Close the Gap’ on Ethereum, Solana: Franklin Templeton
2024 Q1 Crypto Industry Report
Zero Knowledge Summit (zkSummit) 2024: Field notes
WorldCoin to launch Layer 2
Layer 2 Scroll zkEVM Introduces Points Program
Tweets
Introducing Subscription Minting
Runes - Bitcoin's new Fungible Token Standard
20 of the Most Innovative Onchain Experiments From the Last 3 Years
HyperspaceZK: A fast and free browser-based ZK engine for AI agents
GitHub Repos
Theoretical and technical aspects of tokenisation of real world assets.
Research Papers
Privacy-Preserving UCB Decision Process Verification via zk-SNARKs
Performance Analysis of Decentralized Physical Infrastructure Networks and Centralized Clouds
mABC: multi-Agent Blockchain-Inspired Collaboration for root cause analysis in micro-services architecture
SoK: Decentralized Finance (DeFi) -- Fundamentals, Taxonomy and Risks
Watch🎥
Web3 Security Watch 🛡️
Good Reads 📚
Privacy by default on L1s?
SEAL-ISAC (database of blackhat info): free membership for whitehats via application
Heimdall Security Bug Fix
Demistifying account abstraction ERCs
Tweets
Zelic found critical vulnerability in Gains network
Concept of Stealth Addresses
Github Repos
DeFi, Blockchain and crypto-related OpSec researches and data terminals
Research Papers
Evaluating the Security of Merkle Trees in the Internet of Things: An Analysis of Data Falsification Probabilities
Larger-scale Nakamoto-style Blockchains Don't Necessarily Offer Better Security
Tools
Mempool Dumpster :- Dump all the mempool transactions 🗑️ ♻️ (in Parquet + CSV)
Hacks and Scams 🚨
Hedgey Finance
Loss ~ $44.7 millionHedgey Finance experienced two hacks, losing a total of $44.7 million across the Arbitrum and Ethereum networks.
The larger hack on the Arbitrum network resulted in a loss of approximately $42.8 million in ARB tokens, with some funds moved to Bybit exchange.
A smaller exploit on the Ethereum network earlier led to a loss of $1.9 million in cryptocurrencies.
Hedgey Protocol confirmed the exploits and is working with auditors to identify the underlying vulnerabilities.
Following the attack announcement, fake accounts appeared, posting harmful links under the guise of offering help, leading to potential further scams.
Grand Base
Loss~$1.7 millionGrand Base, a real-world asset tokenization protocol on Coinbase's layer-2 blockchain, lost $1.7 million due to a private key compromise.
The incident occurred on April 15, with PeckShield confirming the private key leak allowed the theft and on-chain swap of tokens for Ether, then sent to an external address.
The protocol’s native token value plummeted by 99% within 24 hours of the exploit.
Grand Base admins warned users via Telegram to avoid interacting with the compromised token contract.
Analysis by CertiK revealed the hacker gained control of deployer contracts, minted GB tokens unauthorizedly, and withdrew them.
Grand Base staff are monitoring the hacker’s wallets and coordinating with exchanges to potentially freeze any transferred funds.
Users in the protocol's Telegram expressed frustration and distrust, advising against further investment.
MASA Token
Loss~$502.0KFake Masa $MASA on Ethereum dropped -100%. The deployer 0xEB35...80a71 dumped 1,769,800,761,000,000 $MASA for ~142.8 $WETH (worth ~$502K).