今日已更新 412 条资讯 | 累计 19972 条内容
关于我们

标签:#defi

找到 5 篇相关文章

AI 资讯

Shielded Token Contracts on Midnight: Real Errors, Real Fixes

Written from months of grinding on shielded liquidity DeFi protocols on Midnight. If you've been trying to build anything serious with shielded fungible tokens on Midnight lending protocols, liquidity pools, DEXes you've probably hit some walls that the documentation doesn't fully prepare you for. The Midnight programming model around shielded tokens is genuinely different from anything in the EVM world, and a lot of the intuitions you carry from Solidity or even other ZK environments will get you into trouble fast. This post is a breakdown of the most impactful errors and misconceptions I ran into while building shielded liquidity DeFi contracts using Midnight's Compact language. These are not theoretical every single one of these either broke a circuit or caused a proof server failure at some point. I'll walk through what the issue is, why it happens, and what the correct pattern looks like. Background: How Shielded Tokens Actually Work Under the Hood Before we get into the errors, let's get clear on the underlying mechanics because this context is what makes the errors make sense. Midnight uses a protocol called Zswap for shielded token operations. When a user sends tokens to your contract by calling receiveShielded , what actually happens is more involved than it looks on the surface. When your circuit calls receiveShielded(coin) , the Compact runtime records a shielded receive obligation in the transaction being constructed. At this point, the proof server kicks in to generate the ZK proof for your circuit. But here's the thing your circuit only describes what the contract side is doing. The transaction still needs to be balanced : the tokens being received by the contract have to come from somewhere. This is where the wallet gets involved through an internal mechanism that runs beneath your circuit. The wallet looks at the ShieldedCoinInfo you're receiving the coin's color (token type) and value and finds a matching UTXO in the user's private coin set. It then

2026-07-01 原文 →
AI 资讯

Precision Loss and Rounding Exploits in Financial Smart Contracts

A smart contract does not need an overflow, reentrancy bug, or broken access-control check to lose money. Sometimes, the exploit is hidden inside an ordinary division: uint256 result = amount * rate / SCALE; The expression looks harmless. It may even produce the expected answer in every unit test. But financial smart contracts operate with integer arithmetic. Fractions are discarded, rounding direction changes who receives value, and an error of one unit can be repeated across thousands of transactions. In a financial protocol, rounding is not merely a mathematical implementation detail. Rounding is a value-transfer policy. Every division should therefore answer three questions: Which direction does the calculation round? Which party benefits from that direction? Can the rounding advantage be repeated or amplified? This article examines the most dangerous precision problems in Solidity and the engineering patterns used to prevent them. Solidity Does Not Have Native Fixed-Point Arithmetic Most financial formulas use fractions: interest = principal × rate × time fee = amount × fee percentage shares = assets × total shares ÷ total assets collateral value = token amount × oracle price Solidity primarily performs these calculations with integers. For unsigned integers: uint256 result = 5 / 2; The result is: 2 The fractional component is discarded. For positive values, this behaves like rounding down: 2.5 → 2 This appears insignificant until the result represents: vault shares; debt; collateral; protocol fees; interest; rewards; liquidation bonuses; exchange rates; token prices. The lost fraction does not disappear economically. One party receives less value, while another party retains the remainder. Precision Loss Is Not Always Small Consider a protocol calculating a percentage: function calculateFee( uint256 amount, uint256 feeBps ) public pure returns (uint256) { return amount * feeBps / 10_000; } For a 0.3% fee: amount = 100 feeBps = 30 fee = 100 × 30 ÷ 10,000 fee =

2026-06-22 原文 →
AI 资讯

The Road Toward Mainnet: A Security-First Approach to XRPL Lending Protocol

Over the last several months, XRP Ledger (XRPL) has fundamentally shifted in how amendments move from concept to mainnet. Historically, amendment development was largely focused on functional correctness, performance testing, traditional security audits, bug bounties and independent validator testing as the last line of defense to catch security vulnerabilities. As XRPL continues to grow in complexity and the value secured by the network increases, we recognized that the previous model was no longer sufficient. Advances in AI are also rapidly reducing the cost of vulnerability discovery, making it increasingly important to identify issues as early as possible in the development lifecycle. With that in mind, we set out to establish a stronger, repeatable, defense-in-depth model that makes it increasingly difficult for critical vulnerabilities, consensus risks, and feature interaction bugs to reach mainnet. The result is a significantly higher bar for amendment activation that combines specification rigor, adversarial testing, multiple independent audits, attackathons with expert security researchers, AI-assisted security reviews and phased deployments. The Lending Protocol ( XLS-66 ) and Single Asset Vault (SAV) - XLS-65 are among the first major amendments to undergo this full review process, making them some of the most rigorously tested amendments in XRPL's history. They also represent some of the most significant new financial capabilities added to the XRP Ledger since 2012, introducing native primitives for lending and borrowing built around Single Asset Vaults. Together, the Lending Protocol and Single Asset Vault bring lending and borrowing capabilities directly into the core XRPL protocol, advancing XRPL's capabilities for Institutional DeFi. Lending Protocol Security and Quality Gates This report provides transparency into the development and security process behind one of the most financially complex features XRPL has ever shipped. As context, the Lending P

2026-06-18 原文 →
AI 资讯

Drift Protocol $285M Exploit - North Korean APT Attack on Solana

On April 1, 2026, Solana's largest decentralized perpetual futures exchange Drift Protocol suffered an attack, losing approximately $285 million . This is the second-largest DeFi hack of 2026 (behind KelpDAO's $292M attack the same month). Together, these two incidents totaled $577M — 76% of all DeFi stolen funds in 2026 . Key Finding : This was not a smart contract vulnerability. The attacker penetrated protocol personnel through social engineering , used Solana's durable nonce feature to pre-sign malicious transactions, and drained the entire treasury in 12 minutes . Mandiant confirmed the attacker as North Korean state-sponsored APT group UNC6862. ⏱️ Attack Timeline Time Event 6 months prior North Korean hackers establish fake trading company identities, attend crypto industry events Weeks prior Operatives attend crypto conferences in person, build deep trust with Drift contributors Late Feb - Early Mar Telegram group discussions about trading strategies, posing as partners Dec 2025 - Jan 2026 Fake company "Ecosystem Vault" builds partnership with Drift, deposits $1M+ Feb - Mar Attackers gain access to some contributors' code repositories Mar 23 Create 4 malicious wallets using Solana durable nonce feature Mar 27 Security Council migrates to 0-second timelock , removing safety buffer Apr 1, 16:06:09 UTC Execute pre-signed malicious transactions 16:06 - 16:18 UTC Treasury completely drained in 12 minutes Post-Apr 1 Funds swapped via Jupiter, bridged to Ethereum via CCTP, mostly dormant 🔧 Attack Technical Analysis Initial Penetration The attackers used a multi-layered social engineering + technical infiltration combination: HUMINT Operation Spent months building credible identities, attending global industry events Used intermediaries rather than direct contact (classic Lazarus tactic) ZachXBT noted this layered identity structure is a hallmark of Lazarus operations Malicious Code Injection Shared code repositories containing malicious code Exploited unpatched VSCo

2026-06-06 原文 →