Week 66 - Vitalik's EIP 7702 Update, Polygon's ZK Testnet, Polkadot's Asynchronous Backing, Carpediem Pension Audit Insights, and $71M WBTC Heist
Hashingbits: Your Monthly Dose of Web3 Innovation and Security
GM! Buidlers
In this edition of Hashingbit, we explore several critical updates in the Web3 ecosystem. Discover Vitalik Buterin's latest proposals, including a novel efficiency-boosting method, multidimensional gas pricing, and the major update EIP 7702 for externally owned accounts. The Ethereum community also welcomes EIP-3074, designed to enhance crypto wallet usability. In other ecosystem news, Polygon tests its ZK-based Ethereum scaling solution Miden, Arbitrum launches Millicent One to merge traditional finance with DeFi, and Polkadot introduces asynchronous backing to improve network performance. Additionally, we review the Carpediem Pension Smart Contract audit by QuillAudits and report on significant security breaches, including a $71M WBTC Loot and a $1.27M loss in GnusAi on the Fantom chain. Keep informed with Hashingbits, your essential resource for the latest in blockchain technology and security updates.
EtherScope: Core Developments 👨💻
Vitalik Buterin proposes method to increase Ethereum capacity
Ethereum Developers Target Ease of Crypto Wallets With 'EIP-3074’
Vitalik Buterin Proposes ‘Multidimensional Gas Pricing’ For Ethereum
EIP List for peerdas-devnet-0
Pectra Interop Testing Requirement Tracker
Pectra-devnet-0: plan to launch in ~5 days, client teams making good progress, attestation refactoring for EIP7549 taking extra time
ERCs
EIPs
EcoExpansions: Beyond Ethereum 🚀
Polygon
Polygon launches ZK-based Ethereum scaling solution Miden on testnet
Espresso Systems Collaborates With Polygon Labs To Develop AggLayer For Enhancing Rollup Interoperability
Polygon ranks 1st for having more than 19.6 million contracts deployed on Polygon in the last 180 days.
Seeking Seasoned Grant Allocators: Join the Polygon Community Grants Program!
Polygon DeFi 101: What Are Smart Contracts and How Will They Work in an Aggregated Network?
Arbitrum
Arbitrum surpasses $150 billion in total transaction volume on Uniswap
Introducing Millicent One: Bridging TradFi and DeFi with Arbitrum's Support!
ALIENX and Anomaly Games joins the Arbitrum Ecosystem
Arbitrum Stylus Floats Giga Update
Introducing inEVM: Revolutionizing Interoperability with Injective, Cosmos, and Arbitrum Orbit
Polkadot
Polkadot rolls out asynchronous backing to boost network efficiency and transaction speed
OpenZeppelin Launches Polkadot Runtime Templates for Blockchain Projects
Pendzl: Transforming Blockchain Development with Enhanced Ink! Smart Contracts
Polkadot Introduces Asynchronous Backing, Paving the Way for Polkadot 2.0
DevToolkit: Essentials & Innovations 🛠️
EIP5792 site (wallet call API): API reference, capabilities & ecosystem support
Wagmi v2.8.0: adds experimental EIP5792 actions & hooks
Reth Execution Extensions (ExEx): post-execution hooks for building offchain infrastructure
Introducing the Helius Rust SDK
The go-ethereum live tracer
ERC420 - a tokenized multisig vault
wFRIEND POC - bypassing Friend.techs 3% embedded dex fees
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets🔖
Twitter
Vitalik released EIP-7702 - a new alternative to EIP-3074
How to Raise the Gas Limit, Part 2: History Growth
Implications of EIP-3074 inclusion
Why 4337 and 3074 authors are disagreeing, and who got it right
Overview of Solana's Liquid Staking Market
Structuring Blobspace Futures for Fun and Profit
Liquid crypto is the biggest untapped investable segment for crypto funds
Understanding the Berachain Governance Token (BGT)
Articles
Mastering Solidity: A Comprehensive Guide to Contracts
EIP-3074 and Maintaining Permissionless Innovation
Horizontal vs Vertical Scaling: The New Modular vs Monolithic
The Power of Eigen Token
How to tokenize real-world assets (RWAs)
Unlocking Decentralized AI’s Potential with Morpheus AI by Chris Sotraidis
Opepen v0.2: Decentralizing Curation by LJW
Research Papers
Advancing Blockchain Scalability: A Linear Optimization Framework for Diversified Node Allocation in Shards
Blockchains for Internet of Things: Fundamentals, Applications, and Challenges
Fully Automated Selfish Mining Analysis in Efficient Proof Systems Blockchains
CAKE: Sharing Slices of Confidential Data on Blockchain
MBCT: A Monero-Based Covert Transmission Approach with On-chain Dynamic Session Key Negotiation
TetraBFT: Reducing Latency of Unauthenticated, Responsive BFT Consensus
Watch🎥
Web3 Security Watch 🛡️
Articles
Top 3 Multi-Chain Security Issues
Decoding Pike Finance Exploit
How AI Can Help Detect Money Laundering and Enhance Blockchain Security
Research Papers
Enhancing Data Integrity and Traceability in Industry Cyber-Physical Systems (ICPS) through Blockchain Technology: A Comprehensive Approach
PoW Security-Latency under Random Delays and the Effect of Transaction Fees
WALLETRADAR: Towards Automating the Detection of Vulnerabilities in Browser-based Cryptocurrency Wallets
A2-DIDM: Privacy-preserving Accumulator-enabled Auditing for Distributed Identity of DNN Model
Enabling Privacy-Preserving and Publicly Auditable Federated Learning
Stochastic behaviour of an n-node blockchain under cyber attacks from multiple hackers with random re-setting times
Distributed Estimation in Blockchain-aided Internet of Things in the Presence of Attacks
Twitter
Carpediem Pension Audit Case Study
Vulnerability Report: Binance PoR Dummy User Attack
Introducing Bounty.vision
Hacks and Scams 🚨
WBTC Loot
Loss ~ $71M
Over $71 million worth of wrapped bitcoin (WBTC) was lost in an address poisoning attack.
The victim transferred 1,155 WBTC ($71.1 million) to the alleged attacker.
The attack was executed through the creation of a fake wallet address resembling the victim's.
Hacker spammed victim with numerous transactions to increase chances of address copy error.
Hacker's address is now labeled "fake" and "phishing" on Etherscan.
Wrapped bitcoin (WBTC) is an ERC token pegged 1:1 with bitcoin for use in the Ethereum ecosystem.
WBTC traded at $61,644.23 at 11:13 a.m. ET on May 3, with a 3.95% increase in the past 24 hours.
In poisoning attacks, attackers often mimic the first and last digits of the victim's wallet address.
GnusAi
Loss ~$1.27M
Token minting exploits on Genius (GNUS) AI network on May 5, resulting in a $1.27 million attack.
Highlights challenges in blockchain security.
The attacker accessed a private GNUS team account starting with 0x18.
The attacker obtained salt data for token creation, allowing the minting of 100 million fake GNUs.
Fake GNUs bridged to Ethereum and sold in the market.
The hack occurred via a breach of the team's private Discord communications.
GNUS CEO "SuperGenius" confirmed the hack and Discord vulnerability.
GNUS to release new token version, warning against old version purchase.
The compensation plan includes $500,000 worth of Ether deposited into the liquidity pool for the new tokens.
The remaining $500,000 compensation is locked until February 2025.