I’ve aggregated a bunch of bug write-ups and post-mortems:
2024
- https://medium.com/immunefi/stacks-dos-bugfix-review-dc0f2a75b276
- write-up quality: ⭐⭐ replicability: ⭐⭐⭐
- tl;dr simple inappropriate error handling causing an unexpected exception in the vm
2023
- Post mortem: April 3rd, 2023 mev-boost relay incident and related timing issue - The Flashbots Ship
- Vyper Nonreentrancy Lock Vulnerability Technical Post-Mortem Report - HackMD
- Squashing a Pesky Bug in UniswapX :: Kebabsec
- Rate manipulation in Balancer Boosted Pools — technical postmortem | by Juani
- Ease - governance contract vuln
- A thought experiment about empty ERC-4626 vaults that ended up making this white hat $33,500
- A unique $100,000 bug in SiloFinance and Silo Finance Logic Error Bugfix Review
- Halting and disabling the Cronos Gravity Bridge
- Inside the Governance Hack of Tornado Cash
- KyberSwap Hack Analysis and KyberSwap - REKT
- ERC-4626 vault inflation attack
- Euler Compromise Investigation Part 1 and Part 2
- Vyper compiler bug involving incorrect success values
- Saving $100M at risk in KyberSwap Elastic
- Arbitrary Address Spoofing Attack: ERC2771Context Multicall Public Disclosure
- The Billion Dollar Exploit: Collecting Validators Private Keys via Web2 Attacks
📚 Resources
- Open Zeppelin’s top 2023 bug writeups source
- Blockthreat