Week 64 - Ethereum at Record Highs | Bitcoin Halving Insights | ZetaScan's 100M Mark, Stripe Adopts USDC on Solana | $33M Rugpull Alert | QuillShield Launches
Hashingbits: Your Monthly Dose of Web3 Innovation and Security
GM! Buidlers
In this edition of HashingBits, we explore critical developments within web3. Discover the latest on the anticipated Bitcoin halving and its expected market effects. We bring you detailed updates from Starknet, Zetachain, Polygon, and Solana, emphasizing their recent technological progress and strategic collaborations. This edition also covers the distressing $33M rugpull at ZKASINO on zkSync, and a phishing scam targeting ANDY token holders on Solana, which resulted in a loss of $180k. Additionally, we are proud to announce the debut of QuillShield in Dubai, a new security solution aimed at bolstering digital asset protection. Dive into these important updates and more, ensuring you remain informed and secure in the ever-evolving realm of blockchain technology, courtesy of QuillAudits.
EtherScope: Core Developments 👨💻
Ethereum Ecosystem Activity Soars to All-time High
Reth's Path to 1 Gigagas per Second - Ethereum Scaling Roadmap
Introducing Ethereum Blobspace Derivatives.
Ether Inflates After Gas Fees Plummet.
Top Ethereum Layer-2 networks adopt Avail DA to boost rollup efficiency and security.
Vitalik Buterin backs ETH PoS transition amid PoW debate
RIPs (Rollup Improvement Proposals):
RIP-7696 : Precompile for generic DSM (double scalar multiplication)
EIPs (Ethereum Improvement Proposals):
ERCs (application layer):
ERC7699: ERC20 payment reference extension
EcoExpansions: Beyond Ethereum 🚀
Starknet
Starknet Tokenbound V2 - The latest implementation of ERC6551 on Starknet is live!
Starknet Releases it roadmap and targets for the upcoming months
Introducing the Starknet Propulsion Program!
The Ark Project NFT Bridge is live on Starknet Mainnet.
The Avail DA solution is coming for MadaraStarknet builders!
ZetaChain
The ZetaScan TX counter nears 100 million in <90 days!
Bitcoin is coming to gaming! Multiplayer web3 gaming hub upcade_xyz is live on ZetaChain
ZetaChain announces 5% of total ZETA supply to power the next generation of native Bitcoin applications!
Tezos
Beyond Collectibles: Making Web3 Games That Players Truly Value Using Tezos Unity SDK
AlphabotApp has completed their #Tezos integration. You can now whitelist your NFTs built on Tezos!
Now you can deploy Tezos-based quests and campaigns with DMission!
Polygon
Polygon Ecosystem Token (POL): What It Is and Its Role in Polygon 2.0.
How the AggLayer Unlocks a New Age of Blockchain Economics
Solana
Digital payments giant Stripe to enable USDC payments via Solana!
jito_sol Foundation’s Stakenet has undergone a UI upgrade for validators.
Institutional self custody platform Safeheron integrates Solana.
DevToolkit: Essentials & Innovations 🛠️
Remix v0.48: supports using multiple browser wallets (EIP6963), added PLONK scripts to zk proof templates and added CREATE2 factory for deploying
Guide to Hardhat Ignition contract verification on Etherscan
Safe singleton factory deployer (Solidity): for using the factory with Foundry deployment scripts
Forge AlphaNet (Solidity): libraries for AlphaNet, EIP2537 BLS precompiles, RIP7212 Secp256r1 precompile and EIP3074 invokers
Snekmate (Vyper contracts): added Echidna-based property tests for ERC20/721 contracts
Dpack-py (EVM packaging format): share addresses & artifacts to interact with contracts
Tenderly virtual testnets for dapp developers, uses mainnet state, with a faucet, RPC, explorer & debugging tools
Privacy and Scaling Explorations core program: 8 week hybrid course for students in Japan, South Korea, Taiwan, Costa Rica, Ecuador & Argentina, apply by April 30
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets🔖
Twitter
How do you choose which rune tokens to trade/mint?
Miners are making more money than before the Halving
What can we expect post halving?
The L2 Endgame Isn't Fee Revenue.
introducing BIP-420: formal Bitcoin Improvement Proposal for OP_CAT
GPU-EVM: The Most Performant Parallel-EVM by 100x
GitHub Repos
Articles
Engaging Safely in Web3 Communities.
Bitcoin Layer 2 Coins, STX, ELA, SAVM, Outperform BTC After Halving
How Real-World Assets Will Survive (and Evolve) in the Bull Market.
Degeneracy to the Third Degree.
PayPal and Energy Web Team Up To Incentivize Green Bitcoin Mining.
Research Papers
Leverage Staking with Liquid Staking Derivatives (LSDs): Opportunities and Risks.
zkLLM: Zero Knowledge Proofs for Large Language Models.
Zero-Knowledge Location Privacy via Accurate Floating Point SNARKs.
Byzantine Attacks Exploiting Penalties in Ethereum PoS.
Watch🎥
Web3 Security Watch 🛡️
Articles
Post Mortem: Augustus V6 Vulnerability of March 20th, 2024
New Technique to Trick Developers Detected in an Open Source Supply Chain Attack by Yehuda Gelb (Checkmarx).
One More Problem with ERC777.
GitHub Repos
Research
Replacing Cryptopuzzles with Useful Computation in Blockchain Proof-of-Work Protocols
Demystifying Invariant Effectiveness for Securing Smart Contracts
Tweets
Tools
Smart Contract Inspector - Inspect the source code of a Smart Contract with your preferred Web IDE with just one click (or keyboard shortcut) by StErMi.
Simbolik - Next-Generation Smart Contract Debugging.
tx-coverage - Reveal unused code of a live smart contract by collecting coverage from historical transactions by Decurity.
Hacks and Scams 🚨
ZKASINO
Loss ~ $33M
ZKasino, a crypto betting site, faced rug pull allegations when its developer diverted $33 million worth of investor funds to Ethereum staking platform Lido.
The ZKasino network launched on April 20, attracting over 10,000 users who bridged 10,515 ETH with expectations of receiving extra $ZKAS tokens and having their ETH returned.
However, on launch day, ZKasino altered its plan, converting all bridged ETH to $ZKAS at a rate of $0.055 and vesting it for 15 months without indicating if the Ether would be returned.
Despite demands for ETH refunds, ZKasino dismissed concerns as "FUD," and its founders disappeared, along with the official Telegram channel.
The situation is dubbed potentially the biggest rug pull of 2024, resulting in over $33 million in losses for investors.
Additionally, Lido, the platform where the funds were sent, is embroiled in controversy, with Big Brain Holdings denying any investment in ZKasino and alleging fraudulent claims of backing.
MEXC exchange, citing community concerns, canceled the listing of $ZKAS token.
Blockchain analyst ZachXB labeled ZKasino's founder, Derivative Monke, and the team as "proven bad actors."
Meanwhile, Mega Dice, a reputable crypto casino, gained attention after raising over $438k in its DICE token presale, offering an alternative for investors disillusioned by ZKasino's actions.
Avoid rug pulls with QuillCheck's easy token safety checks on multiple chains.
ANDY(Token)
Loss ~180k
A cryptocurrency investor lost over $180,000 in USD Coin (USDC) and ANDY, a meme coin inspired by Pepe, due to a phishing attack on Ethereum.
The attack took place on April 23, lasting nearly one hour, from 05:39 to 06:29 UTC.
Perpetrators executed a multi-call phishing attack, combining multiple function calls into a single transaction, appearing benign when viewed separately but malicious when combined.
Transaction data reveals outflows from the victim’s address to multiple wallets belonging to the hackers, some identified as phishing wallets by Etherscan.
The victim lost over 1.6 billion ANDY tokens valued at $162,400 and 17,913 USDC.
The attack emptied the victim’s account, leaving a balance of only $32 worth of Ethereum (ETH) and Arbitrum (ARB).
One of the attacker’s addresses retained the loot, while the second immediately swapped the received ANDY tokens for WETH on Uniswap and transferred them to a new address.
Community Spotlight
QuillAudits at Dubai Launching QuillShield !