defi-threat
a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations on decentralized finance
see https://raw.githubusercontent.com/ossf/osv-schema/main/validation/schema.json example: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/06/GHSA-26qj-cr27-r5c4/GHSA-26qj-cr27-r5c4.json ref: https://docs.github.com/en/code-security/dependabot/dependabot-alerts/editing-security-advisories-in-the-github-advisory-database
https://twitter.com/gauntletnetwork/status/1549834606781808641
**Is your feature request related to a problem? Please describe.** Backend servers are often used for things like compounders, APIs, oracles, etc. This requires remote access, usually through SSH. Default...
https://gist.github.com/rossgalloway/e7d28830b66ea0fcf9bbd4bb9cd6f46b
## Problem The off-chain attacks section is pretty cool, and not something a lot of people consider. However, the Google Sheets does not really mention any resources, guides, etc. to...
https://github.com/runtimeverification/verified-smart-contracts/wiki/List-of-Security-Vulnerabilities
see 1. https://www.nrel.gov/docs/fy21osti/77521.pdf 2. https://github.com/livnev/auction-grinding/blob/master/grinding.pdf
previous link was broken, also added a link to the older version just for convenience and minor style changes
https://snapshot.org/#/cow.eth/proposal/0x812273c78abe1cea303d8381e1fb901a4cb701715fd24f4b769d0a0b3779b3e2 
# Price Manipulation via Donation Attacks example from CREAM Finance attack Here is the exploit: donate double existing amount yUSD to yUSD Vault. This doubles the value of yUSD so...