Week 76: Current Situation of RIP-7212, Avail Launches Avail Foundation, $MATIC to $POL Migration Soon & WazirX’s $235M Multisig Wallet Hack
Hashingbits: Your Monthly Dose of Web3 Innovation and Security Curated by QuillAudits
GM! Buidlers
In this latest issue of HashingBits, we're diving deep into Ethereum's Core Developers meetings, covering all the major updates in the Ethereum ecosystem. But that's not all—we'll explore the latest happenings in the Polygon, Starknet & Avalanche ecosystems, along with advancements in the AI & Web3 space. For developers, we're highlighting new tools designed to assist smart contract developers and auditors. And, of course, we'll delve into the headlines about the $235M WazirX multisig wallet hack and LiFi Protocol's $9.7M loss to a smart contract vulnerability.
EtherScope: Core Developments 👨💻
All Core Devs - Execution (ACDE) call #192 Recap
Brief History and Current Situation of RIP-7212: review async & decide on inclusion (soon)
Verkle implementers call #21: proposal to reduce witness size, updates to EIP6800 & EIP2935 and cost of code chunking
Better geographic diversity is optimal, particularly outside of North America & Europe
Blocknative: data viz of self-built blocks, unintentionally increase base fee volatility
EIP7732 ePBS breakout #5: short call, proposer IP leaks requesting headers from builder and consensus spec tests fixes in progress
Nethermind EVMYulLean: EVM + Yul specification, executable, in Lean
Layer1 & Layer2
DefiLlama: narrative tracker features longer lookbacks
Based preconfs is now live on testnet Helder
Shutterized Gnosis Chain is live
Chromia MVP Mainnet is live
Announcing the Nexus 2.0 zkVM
Simple DVT Update: SSV Goes To Mainnet
TPRO Chain, a new Virtual Chain launches on Aurora
Viction DA testnet is live
Apechain Testnet Curtic launches
Announce the release of Ceramic-One
Covalent native token migration successful
Tangem launches new cold wallet ring
Introducing Gwyneth — a based rollup synchronously composable with Ethereum
Introducing Polynomial Chain
Introducing Henez - OmniDeFi Liquidity layer
NEAR House of Stake Governance Proposal
Shape testnet is live
LYNC is building a Movement L2
LI.FI compensation scheme
Season 2 ETH.FI claims are live
Curve PegKeeper Assets Regulatory Brief
A Note On Securely Finding Minimum Mean Cycle
Return of the Delegation Voucher
The Fat Bera Thesis
Chainalysis Operation Spincaster
Scroll delayed finalization to investigate potential ecosystem incident, confirmed Rho Markets was application specific
L2BEAT Badges: visual display of L2 features
Announcing the Avail Foundation
ERCs
ERC7743: Multi-owner non-fungible tokens (MO-NFT)
ERC7744: Code index (index contract bytecode)
ERC7746: Composable security middleware hooks
EIPs
EIP7745: Two dimensional log filter data structure
EIP.tools adds RIPs (rollup improvement proposals)
EcoExpansions: Beyond Ethereum 🚀
Polygon
Aggregation Summit is here
Deep dive into Polygon Plonky3
What do Polygon PoS transactions look like if we strip them to app-action transactions?
Weekly Gaming Roundup on polygon
Polygon sets September 4th date for migration to POL
Starknet
Take a look at Starknet’s Roadmap
All reasons why you should build on Starknet
Starknet Wallet<>Dapp API is getting a major update with Starknet-js V6!
Layerswap x Starknet $STRK Rewards Program is here
Avalanche
Avalanche’s ACP-77 Reawakening? Everything you need to know about ACP-77
Avalanche Interchain Token Transfer Explained
Get started with Avalanche ICTT Starter Kit
DevToolkit: Essentials & Innovations 🛠️
rindexer - open-source, fast EVM indexing tool in Rust
spice - python client for extracting data from the Dune Analytics API
Lodestar v1.20.2: patch for publishing blinded blocks using Lodestar beacon node & Lighthouse/Nimbus validator client with MEV-Boost
Reth v1.0.3: fix for Base mainnet & async Backfill stream
Rindexer, EVM indexing tool in Rust, beta
Echidna v2.2.4: improves fuzzing speed & user experience, adds support for transient opcodes
Audit Wizard adds Cyfrin Aderyn (Solidity static analyzer)
Damn Vulnerable DeFi v4: migrated to Foundry, new challenges: curvy puppet, shards, withdrawal & rewarder
Hackathons, Workshops & Events
Arthur Hayes’ Maelstrom announces Bitcoin grant program of up to $250K per developer
Scroll bounty winners ETHGlobal Hackathon
ETHGlobal Hackathon Uniswap Bounty winners
Hyperlane bounty winners ETHGlobal Brussels
Superhack on the Superchain hackathon
Explore the Depths of Knowledge: Research Papers, Blogs and Tweets 🔖
Twitter
Nexus 2.0 zkVM is here
IoTeX has released its 2.0 whitepaper
Horizontal Scaling with ZKThreads
The Sink L2 whitepaper thread
Are Rollups Overvalued or Undervalued? An Analysis of Rollup’s Revenue and Cost Structure
A major update to FRI-Binius yields better batching, faster recursion, and smaller proofs
The Economics of L3s
ERC-7739: Readable Typed Signatures for Smart Accounts
Ethereum’s Scalability Crisis: The Execution Layer
A Deep Dive into DeAI Protocol
Deep Dive into Move Smart Contracts
Simple Explanation of EigenDa
Articles
Solidity via-IR compilation pipeline explainer: translates Solidity into Yul (intermediate representation) for optimization rather than direct to bytecode, plan to make default with EOF
Solidity hidden overflow: math expression types cast to highest type used by variables
Solady (Solidity snippets): adds ERC1967 minimal proxies with immutable args, auto verified on Etherscan
Z0r0z sstore3, read/write contract storage using balance & address, license: AGPL v3
Reth Execution Extension (ExEx) examples
OpenAI Scale Ranks Progress Toward ‘Human-Level’ Problem Solving
Research Papers
Anders Elowsson: sealed execution auction, Vickrey slot auction of execution proposal rights, attesters supervise commit/reveal scheme facilitated by builders & beacon proposer
Multi-round MEV-Boost: mitigate negatives of based preconfs & retain benefits of based rollups
Private Heterogeneous Federated Learning Without a Trusted Server Revisited: Error-Optimal and Communication-Efficient Algorithms for Convex Losses
FBChain: A Blockchain-based Federated Learning Model with Efficiency and Secure Communication
Black-Box Opinion Manipulation Attacks to Retrieval-Augmented Generation of Large Language Models
Watch 🎥
Web3 Security Watch 🛡️
Articles
Same Mistake Twice? Decoding LiFi Protocol’s $9.7M Exploit: Post Mortem Report
Another Lazarus Group Attack? Decoding Wazirx Multisig Wallet’s $235M Exploit: Post Mortem Report
Minterest $1.4M exploit on Mantle L2 via reentrancy
Security Alliance (SEAL): incident response to Squarespace domain compromise
The $230 million crypto theft at Wazirx a wake-up call for Indian regulators, government
WazirX Files Police Complaint After $230M Hack, Engages With India's Cyber Crimes Unit
Research Papers
Identifying Smart Contract Security Issues in Code Snippets from Stack Overflow
Detect Llama -- Finding Vulnerabilities in Smart Contracts using Large Language Models
Improving the Accuracy of Transaction-Based Ponzi Detection on Ethereum
The Feasibility of a Smart Contract "Kill Switch"
Twitter
A Comprehensive analysis on how the Wazirx exploit happened
WazirX: PSA on hack
Chain analysis of $230M+ WazirX hack, likely Lazarus linked - ZachXBT
Blood bath in WazirX exchange due to the fact there is no Buy Side liquidity currently
Mudit Gupta’s analysis on Wazirx Exploit
Zachxbt analysis & fund tracing after Wazirx Exploit
Hacks and Scams 🚨
WazirX
Loss ~ $235M
WazirX’s multisig wallet, managed with Liminal, was exploited, losing $235M out of $451M on-chain assets.
The multisig wallet had 6 signatories: 5 from WazirX and 1 from Liminal.
Attackers compromised 3 WazirX and 1 Liminal signatory using phishing.
They directly compromised 2 WazirX signatories and used a fake Liminal UI to trick the others into signing malicious transactions.
Attackers upgraded the multisig wallet to a malicious contract, continuously transferring funds.
ZachXBT traced transactions to Tornado Cash, found test transactions, and linked Bitcoin deposits to the hack.
WazirX blamed Liminal’s system, suspecting payload replacement during transaction verification.
Liminal stated the breach involved a wallet created outside their platform.
Read the Post Mortem report to know more details about the whole exploit.
Li.Fi Protocol
Loss - $9.7M
The LiFi team deployed the GasZipFacet contract five days prior to the attack to enable gas refueling for bridging transactions. The attacker exploited an arbitrary call vulnerability via depositToGasZipERC20() in the GasZipFacet contract, allowing unauthorized transactions. Users with infinite approvals for specific LiFi contract addresses were targeted, enabling the attacker to perform unauthorized transferFrom operations. The attacker crafted arbitrary transaction calls to execute unauthorized transfers instead of legitimate asset swaps. This drained significant amounts of USDT, USDC, and DAI from the users who had given infinite approval to the LiFi Diamond contract.
Stolen funds were converted into approximately 2,857 ETH using platforms like Uniswap and Hop Protocol, then dispersed across multiple wallets.
Tornado Cash was used to obscure the origins of the stolen funds, making it challenging to trace their final destination.
Exploited Tokens: The primary tokens the attacker got away with include:
6,335,889 USDT
3,191,914 USDC
169,533 DAI
Read the Post Mortem report to know more about the exploit.
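As an added illustration of the arbitrary-call pattern the write-up describes (constructed here, not LiFi's own code), the first contract forwards a caller-chosen target and calldata from a contract that holds users' token approvals, while the second pins the external target and pulls tokens only from msg.sender; the IGasRefuel interface and all contract and function names are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical interface for the gas-refuel destination; not GasZip's real ABI.
interface IGasRefuel {
    function deposit(uint256 amount, address receiver) external payable;
}

/// Vulnerable pattern (constructed): the caller supplies both the target and the
/// calldata. Because this contract is the spender on every user's approval, any
/// caller can make it execute token.transferFrom(someUser, ...) on their behalf.
contract VulnerableRefuelFacet {
    function depositAndRefuel(address target, bytes calldata data) external payable {
        (bool ok, ) = target.call{value: msg.value}(data); // arbitrary target and data
        require(ok, "forward failed");
    }
}

/// Hardened pattern (constructed): the only external target is fixed at deployment
/// and reached through a typed interface, and tokens are pulled from msg.sender
/// alone, so the contract's approval power can never be aimed at a third party.
contract HardenedRefuelFacet {
    IGasRefuel public immutable refuel;

    constructor(IGasRefuel _refuel) {
        refuel = _refuel;
    }

    function depositERC20(IERC20 token, uint256 amount, address receiver) external {
        require(amount > 0, "zero amount");
        // Funds come only from the caller; no caller-chosen `from` is ever accepted.
        require(token.transferFrom(msg.sender, address(this), amount), "pull failed");
        // Swapping `token` to native gas is out of scope here, so the ERC-20 amount
        // is passed as a stand-in. The call goes to the pinned target with ABI-typed
        // arguments rather than raw caller-supplied calldata.
        refuel.deposit(amount, receiver);
    }
}
```

The defender-side takeaway is the same one the post mortem points at: a contract that is a spender on user approvals must never expose a caller-controlled `call` target or payload, and users should keep approvals scoped rather than infinite.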
Community Spotlight
https://x.com/quillaudits_ai/status/1812741356387016828
https://x.com/quillaudits_ai/status/1813845595788120405
https://x.com/quillaudits_ai/status/1813944615613219277