
How two Ethereum ERC20 contracts got hacked - ksaitor
https://cryptojobslist.com/blog/two-vulnerable-erc20-contracts-deep-dive-beautychain-smartmesh
======
vaxin
This situation is quite simple, today developers have no clue how data
structures work in memory and this is a typical case of it. Any C developer
has knowledge about this, but if you are floating in space and can see actual
memory just as a blue planet far away, this is the result. But I bet someone
will say that garbage collector would solve the issue :D :D :D

~~~
ksaitor
Yeah, it's been quite scary how many novice devs move into space and just
copy-paste code. And they charge money for that "expertise". And they're actually
getting paid…

Also, those who discover those bugs afterwards get paid even more in the end.
Sad story.

~~~
vaxin
Yep, I don't believe any industry/science deteriorated during years of "usage"
as much as IT did, software development came to the point where I am ashamed
to say to the people I am a developer. Not because of my knowledge but due to
all the garbage that universities throw out to the streets. =/

------
ksaitor
Hi HN,

Yesterday trading on several tokens got halted due to discovered & exploited
vulnerabilities in two smart contracts. One of them lost about 90% of its
value… and another one lost 26% - $40,000,000 in market cap.

We wanted to focus more on the technical analysis of the situation to shed
some light on common vulnerabilities that still abound.

Would love your feedback, since we got some mixed reviews on whether we did a
correct technical judgment of one of the contracts.

