This is pretty interesting. So I guess there's a huge opportunity here for grey/black-hatted people to analyse contracts and transactions and spot flaws? Apparently even Bitcoin has weaknesses like these, with non-standard transaction scripts that may be easily solvable/stealable for anyone with a bit of insight.
In Bitcoin, almost all the people use the same script, so it's enough to review it. (I think the only problem is a small malleability.) And when a big problem is discovered, almost all the people will change in a short time.
In Ethereum it is more encouraged to write smart, weird custom contracts, so many people write a custom contract with only one pair of eyes to review it, so it's more probable to find errors.
For sure, but I think there's opportunity/vulnerability in Bitcoin too. Off the top of my head, I recall reading about people grabbing coins quickly from: bad random number generators in at least Android, brainwallets/rainbow-tabley private keys, non-standard scripts for fun or error to the tune of having to solve "2+2".
A little similar to how bad guys hook onto GitHub feeds and instantly exploit leaked AWS keys, etc.
Let's just say I was courteous to some of the early and published contracts out there.
It does sketch out a new world for grey and black hats, when the attacks can be pretty easily separated out from an IP since they're submitted over the Ethereum network.