大家好,我是Lori,我的研究方向是区块链安全 以下是我在硕士阶段做的一些工作:
- 共识机制与链选择算法研究:深入研究以太坊和Solana等区块链的共识机制,以及链选择与终结算法。特别关注GHost类协议,并分析其中可能存在的漏洞。
- 智能合约安全研究与攻击复现:深入研究对智能合约安全,了解常用攻击手段,攻入攻击、签名重用、抢先交易、权限管理漏洞等,对EDGFinance的闪电贷价格操纵攻击和DFX Finance的重入攻击进行了分析,并成功实现了攻击的复现。
这个文档主要记录我在智能合约安全方面的学习,包括但不限于智能合约安全漏洞的分析、检测与修复方法、以及智能合约安全攻防等方面的研究。我将分享我对智能合约安全的理解,探讨最新的安全技术和最佳实践,并提供解决方案来应对不断演变的安全挑战。欢迎大家持续关注,共同探索智能合约安全的前沿知识,共同促进区块链技术的发展与应用。
我的Notion地址:https://lori-blockchain.notion.site/Lori-b62d3531f44f467baa56ddb161f0ef3e?pvs=4
- paradigm-ctf-2023 solution(foudry edition) 后续会更新题解,请关注
Hello everyone, I'm Lori. I specialize in blockchain security. Here are some of the works I completed during my master's program:
- Consensus Mechanisms and Chain Selection Algorithms: Conducted in-depth research on the consensus mechanisms and chain selection algorithms of blockchains like Ethereum and Solana. I paid special attention to GHOST protocols, analyzing potential vulnerabilities within them.
- Smart Contract Security Research and Attack Replication: Studied smart contract security extensively, familiarizing myself with common attack vectors such as signature replay attacks, front-running, and access control vulnerabilities. I analyzed and successfully replicated the flash loan price manipulation attack on EDGFinance and the reentrancy attack on DFX Finance.
This document primarily records my studies in smart contract security, including but not limited to the analysis, detection, and remediation of smart contract vulnerabilities, as well as research on offensive and defensive techniques in smart contract security. I will share my understanding of smart contract security, discuss the latest security technologies and best practices, and provide solutions to address evolving security challenges. I welcome everyone to stay tuned, explore the cutting-edge knowledge of smart contract security together, and promote the development and application of blockchain technology.