Next issue: the authors indicate they found only 1,524 _distinct_ greedy contracts. ~30k comes from instances of the issues. There is no discussion of the distribution. Are there a few contracts that repeat the vast majority of these issues? We don’t know!
-
-
Yep it's sensationalist. The multi-transactional approach is great though.
-
We need to deploy something that detects & shows vulns in all mainnet contracts at scale. It's not that difficult.
-
I think that's a bandaid for the root cause problem that the tooling allows such insecure code in the first place. You shouldn't have to wait until deploy to find out something is broken.
-
IMHO a tool that "detects & shows" vulnerabilities at scale is far more useful to blackhats. How many defensive teams make adequate use of Shodan or respond to alerts from ShadowServer?
-
At the very least, the incidence rate of vulnerabilities detected is too high. Investing effort to lower the rate would make surveillance efforts more compelling.