Log inSign up
tincho 🪷
797 posts
Image
user avatar
tincho 🪷
@tinchoabbate
ethereum security @theredguild - creator of damnvulnerabledefi.xyz
notonlyowner.com
Joined November 2018
148
Following
12.5K
Followers
RepliesRepliesMediaMedia

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    tincho 🪷
    @tinchoabbate
    Apr 27
    You owe @theredguild. It's payback time🫵 Our public-good security reviews, videos, courses, talks, workshops, articles, tools, research, challenges and CTFs helped you advance your security career and secure your code. For free. Pay back here: qf.giveth.io/project/the-re…
    5.9K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Jun 2, 2021
    So you want to have your smart contracts audited ? These are some tips & tricks that'll make auditors love you from day one 🧵
  • user avatar
    tincho 🪷
    @tinchoabbate
    Jan 13, 2023
    Dear breakers of DeFi, today is a good day. A new version of Damn Vulnerable DeFi is out ! damnvulnerabledefi.xyz/v3-release What's included ?
    Image
    V3 release of Damn Vulnerable DeFi
    From damnvulnerabledefi.xyz
    154K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Jul 19, 2022
    Do you know what happens when you send 1 DAI ? I don’t think you really do. I spent weeks seeking for the truth in Ethereum’s depths. Leaving all previous assumptions behind. And I'm sharing this incredible learning journey with you👇 notonlyowner.com/learn/what-hap…
    Image
  • user avatar
    tincho 🪷
    @tinchoabbate
    Jul 16, 2024
    Dear players of Damn Vulnerable DeFi, rumours are true. The most vulnerable smart contracts in all web3 have been upgraded. V4 is out! 🔥 This is a major update to the game, packed with new challenges and improvements all around.
    Image
    Releasing Damn Vulnerable DeFi V4
    From damnvulnerabledefi.xyz
    47K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Nov 2, 2021
    The MOST vulnerable contracts in all DeFi just got upgraded! ⚙️ New testing env: Solidity 0.8 + Hardhat + Ethers 🌟 4 new levels 💥 New (broken) integrations with Uniswap v2, Gnosis Safe wallets, upgrades, timelocks, NFTs, and more! damnvulnerabledefi.xyz/v2-release.html
  • user avatar
    tincho 🪷
    @tinchoabbate
    Feb 10, 2025
    after a weeks-long rabbit-hole into Ethereum 7702 accounts, here's a +1 hour deep dive breaking it down. I go over the EIP with diagrams, explaining security risks, footguns and lots of testing of broken code of smart accounts. youtube.com/watch?v=ZFN2bY…
    47K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Mar 15, 2024
    After 5 years of using Solidity, I thought I knew how calls worked. I didn't.
    Image
    A call, a precompile and a compiler walk into a bar
    From blog.theredguild.org
    20K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Mar 28, 2023
    We disclosed a critical bug on ENS. It would've allowed anyone to take over DNSSEC names on ENS. Luckily spotted before landing on mainnet. Want details ? blog.theredguild.org/how-to-almost-…
    user avatar
    nick.eth
    ens.eth
    @nicksdjohnson
    Mar 27, 2023
    I'm recommending the @ENS_DAO ecosystem stewards pay out a bounty of $100k - our largest ever - for a vulnerability found in an undeployed version of our DNSSEC code. Because it was reported now, this bug will not affect anyone, but would have been catastrophic if deployed.
    47K
  • user avatar
    tincho 🪷
    @tinchoabbate
    Dec 31, 2021
    I spent more than a thousand days learning from a bunch of ultra-smart human-looking aliens. And today is the day I get off the ship. Thanks for the ride @openzeppelin 💟
  • user avatar
    tincho 🪷
    @tinchoabbate
    Oct 13, 2022
    How to test a smart contract function a million times. And still not find a bug.
    notonlyowner.com
    How to test a smart contract function a million times
    From zero to fuzzing a smart contract library using the OP skills of Foundry.
  • user avatar
    tincho 🪷
    @tinchoabbate
    Dec 22, 2021
    looks like people are just forking damnvulnerabledefi.xyz challenges to mainnet
  • user avatar
    tincho 🪷
    @tinchoabbate
    Dec 8, 2022
    If you think the @arbitrum bridge is secure, the message traps will make you think twice. No need to worry though. It's all intended!
    Image
    Message traps in the Arbitrum bridge
    From notonlyowner.com
  • user avatar
    tincho 🪷
    @tinchoabbate
    Feb 9, 2023
    some views on the new waves and ways in smart contract security
    Image
    On the new waves and ways in smart contract security
    From notonlyowner.com
    28K
Advertisement
Advertisement