BC ALL
Saved by @Crypto_Carlosa

๐Ÿงต๐Ÿ‘‡ What if I told you that Mirror Protocol, up until 18 days ago, was susceptible to the one of the most profitable exploits of all time, allowing an attacker to generate $4.3m from $10k in a single transaction? Here's how I discovered this - by pure serendipity. ๐Ÿงต๐Ÿ‘‡

 Let's go back to May 9th, when a Mirror contract migration to fix short rewards locked people's funds by accident. We've discussed this before - that's not the point. But take a look at this thread. https://t.co/Qaw91D42dz (1/12)
It appears that OP is indeed correct - Mirror developers smuggled in a major bug fix without announcing it or telling anyone that this bug ever existed, which is slightly infuriating, but what can you do. So how exactly did this bug work? (2/12)
The Mirror Lock contract (that locks your collateral for 14 days when you short) lets you call an unlock function to unlock collateral via a list of position IDs. But they left out something crucial... A duplicate check. This fix was quietly smuggled in 18 days ago. (3/12)
The problem with having no duplicate check is an attacker can create a short position, and after 14 days, they could call their position ID multiple times in a list. This would let them steal funds from the lock contract over and over at little cost and zero risk. (4/12)
So - this bug exists and was quietly patched up - but we don't know if anyone ever noticed it or exploited it before. It would be hard to check since you would need to sift through months of chain data and millions of transactions - the Mirror forum didn't bother. (5/12)
Call it luck, magic, or God's will - whatever you believe in - a source fell into my lap inadvertently revealing that this attack had indeed been executed hundreds of times since 2021. Before today, this was not known by anyone at all. Let's go meet the attacker, shall we? (6/12)
I happened to look at a DM (I can only read a fraction of my DMs!) and almost binned it, but something in me told me to look into the address. The man was right - the address indeed had eerily perfect timing, almost as if they had word directly from TFL. Besides the point. (7/12)
Here is the address for your perusal. https://t.co/7L9aeE38TF I was able to map this address to a Terra wallet via bridge tracing, and it had some large and interesting transactions, so I decided to dig in. Here's the Terra wallet. https://t.co/zAtn6GfVil (8/12)
Two coffees later, as I was about to give up, I found this. Hold on... What's going on here? A single transaction from October 2021 unlocking one position over and over again - and it actually executed. Here's the transaction: https://t.co/2pbiwqKWNT (9/12)
The lock contract didn't check that the funds were sent from the mint contract, so the attacker opened a position with $10 in collateral (!) and send $10k directly to the lock contract. They could then loop-unlock others' collateral over and over again from the contract. (10/12)
In one transaction, the attacker turned $10,000 into $4,300,000. This was actually done several times, generating a total of well over $30m. All of this went completely unnoticed by TFL and the Mirror team & community. This is the first time this attack has been revealed. (11/12)
And that's how with a little bit of luck and a lot of research, I found out about one of the greatest yet most simple smart contract exploits in blockchain history that went under the radar for almost a year. Who did this? I have no idea, but I'll try to find out. (12/12)

More from All

Angad Singh
Angad Singh
@Singh7575
๐™Ž๐™๐™–๐™ง๐™ž๐™ฃ๐™œ ๐™ข๐™ฎ ๐™ฌ๐™ž๐™จ๐™™๐™ค๐™ข ๐‘พ๐’๐’'๐’• ๐’ƒ๐’† ๐’”๐’–๐’“๐’‘๐’“๐’Š๐’”๐’†๐’… ๐’Š๐’‡ ๐’•๐’๐’Ž๐’๐’“๐’“๐’๐’˜ ๐’– ๐’“๐’†๐’‚๐’… ๐’•๐’‰๐’† ๐’”๐’‚๐’Ž๐’† ๐’”๐’•๐’–๐’‡๐’‡ ๐’Š๐’ 50๐’Œ ๐’˜๐’๐’“๐’Œ๐’”๐’‰๐’๐’‘ ๐’๐’“ ๐’”๐’๐’Ž๐’†๐’๐’๐’† ๐’Ž๐’‚๐’๐’‚๐’ˆ๐’Š๐’๐’ˆ ๐’š๐’๐’–๐’“ ๐’Ž๐’๐’๐’†๐’š ๐’˜๐’Š๐’•๐’‰ ๐’”๐’‚๐’Ž๐’† ๐’๐’๐’ˆ๐’Š๐’„
Simple and effective way 2 make Money


Idea 1:- Use pivot level like 14800 in case of nifty and sell 14800straddle monthly expiry (365+335) exit if nifty closes on daily basis below S1 or above R1

After closing below S1 if it closes above S1 next day or any day enter the same position again vice versa for R1

Idea2:- Use R1 and S1 corresponding strikes multiple
Incase of R1 15337 take 15300ce
N in case of S1 14221 use 14200pe
Sell both and hold till expiry or exit if nifty closes below S1 or above R1 around closing
If the same bounces above S1 and falls below R1 re-enfer same strikes

Use same criteria for nifty, usdinr and banknifty

(This is must)Use this margin rule for 1lot banknifty pair keep 4Lax margin
For nifty one lot keep 3Lax
For usdinr 100lots keep 4Lax

I bet you if you do this on consistent basis your ROI will be more than 70% on yearly basis.

Couldn't explain easier than this

Criticisms are most welcomed.
OPTIONSLEARNINGS , MONTHLY OPTIONS SELLING , OPTIONS LEARNING
SK
SK
@sk_diary1
Kolaru Pathigam-Thevaram hymn composed by ThiruGnana Sambandar- #Thread

In Tamil Kol means planets,Aru means cut- set of songs in Kolaru Pathigam addresses all Navagrahas& last 2 lines of every song with end a plea to Bhagwan Shiva to reduce/erase the ill effects of Navagrahas


เฎ•เฏ‹เฎณเฎฑเฏ เฎชเฎคเฎฟเฎ•เฎฎเฏ - This pathigam was sung by Thirugnana Sambandar at Thirumaraikadu Kshetram -Vedaranyam,Tamilnadu

Thirugnana Sambandar & Appar(Thirunavukkarasar) travelled together to various Shiva Alayam to spread shivam & bhakti among people.They both reached Thirumaraikadu.


Thirumaraikadu(Vedaranyam) -
Appar & Sambandar were asked to enter the temple through side entrance.The main door was locked by Vedas many years ago.Appar&Sambandar sang devotional hymns praising Shiva, after which the gates opened & closed.After which main door opened for all.


After darshan of Bhagwan Shiva at Thirumaraikkadu,Sambandar received a message to travel to Madurai.
During that time, Samanam was on the rise in the Pandya Kingdom.The Pandya King converted to Samanam.The Queen Mangaiyarkkarasi was a staunch Shiva devotee and was upset.

Kularchirai Nayanar ,Chief Minister of Pandya kingdom was in agony by the turn of events.Queen requested Kulachirai Nayanar to escort Thiru gnana Sambandar to Madurai.Kularchirai Nayanar met Thiru gnana Sambandar at Thirumaraikkadu & requested him to visit Madurai.
ALL
Advertisement
itrade(DJ)
itrade(DJ)
@ITRADE191
Here is the detailed information of about strategy,

Entry time : 9.30 - 10
Exit : Upto you

Strategy :
Sell weekly ATM CE & PE at almost equal price
For ex : Sell Nifty 17250 CE at 50 and Nifty 17250 PE at 48 so it will become short straddle

Buy monthly ATM or near ATM CE & PE at matching price (5-10 points diff should be fine) as hedge
For ex : Buy Nifty 17250 CE at 150 and Nifty 17300 PE at 155 so it will become long straddle.

Weekly Short straddle + Monthly Long straddle

Adjustment:

โ€ข If you feel slightly bullish/bearish then no adjustment needed
โ€ข If Nifty moves 50 up or down and sustain then just simply roll up or down half of qnty and keep rest of the quantity. If market goes up or down further then roll up or down rest.

โ€ข If Nifty moves one side or about to breach BEP then add equal amount of lot. This can balance tested side. For ex: If I bought 17300 CE 4 lot as hedge then add 4 lot so you will have only one side risk . Note: Remember to keep SL at cost price (only for additional lot bought)

Capital requirement:
2.2 L for 4 lot
Adjustment requires additional capital upto 1L

Note : High risk high reward strategy, please donโ€™t execute until you fully understand. Kindly do paper trading or backtest.
RR : 1:1
POP : 45-55%
OPTIONSLEARNINGS , ALL
Ax
Ax
@AchuthArora
@AJA_Cortes @buzz_chronicles @rattibha @SaveToBookmarks save as Workouts
ALL
Buzz Chronicles
Buzz Chronicles
@buzz_chronicles
@SaveToBookmarks Ciao! Of course! Original tweet by @AnJamison: "@LakotaMan1 @buzz\_chronicles @buzz\\\_chronicles @buzz_chronicles save as categ...". Enjoy โœŒ

Hello! You can find it here. Original tweet by @SaveToBookmarks: "@AnJamison @LakotaMan1 @buzz @buzz_chronicles @pdfmakerapp @Readwiseio @threader...". Thanks! โœŒ
ALL

You May Also Like

Vibhu Vashisth
Vibhu Vashisth
@VIBHU_Tweet
THE UNTOLD TALE OF THE LESSER KNOWN WARRIORS:JOGRAJ GURJAR & RAMPYARI GURJAR AND HOW DID THEY DEFEAT THE CRUELEST ISLAMIC INVADER, TIMUR LANG.

Timur Lang, was the founder of Timurid Empire. He was born in April 1336 CE, somewhere in central asia.


During his reign, he conquered Persia, Egypt, Central Asia and emerged as the most powerful and heinous ruler. He was a religious fanatic like the rest of the Islamic invaders who tried to invade India.

Timur Lang decided to invade India in 1398 as he heard about India's splendid wealth and had a desire to conquer India which his ancestor Genghis Khan couldn't do.


After Firoz Shah's demise in1388, Delhi Sultanate was in a state of political turmoil.During this time, Timur sent his grandson Pir Mohammad to attack Indian front. He invaded Multan&was able to defeat Iqbal Khan's brother but when he met with resistance,he asked help from Timur.


Iqbal Khan secured his hold on Delhi under Muhammad Tughluq after Firoz Shah died.
Timur provided the required back-up to his grandson with 100000 men approx. Timur sacked and plundered all the cities coming in his way &later in October 1398 reunited with his grandson.
ALL
Vigilant AFA
Vigilant AFA
@AfaVigilant
One fascist to watch in 2021 is Joseph Charles "Oakman" Golinske of SE MI. He's been a Proud Boy for a couple years, but took a break recently from the group and promotes himself through the "Oak Nation" channel on Telegram.


Most people may be familiar with him as the tall guy in the Proud Boys bridge shot, from their August 17, 2019 attack on Portland, which featured an American Guard bus trying (and failing) to bludgeon antifascists with hammers.


He was also with his g/f at the time (Dominique Tota, left of Tarrio), and that's definitely a twitter account folks will want to block/report because he posts on it.


He's been plenty active at the pro-Covid/anti-mask/ReOpen protests in Lansing MI, seen here with Jerry Wayne and an effigy of Gretchen Whitmer, who his militia friends tried to kidnap and publicly execute.


Outside of the Proud Boys, his solo "career" with Oak Nation features the same misogyny, classism and gateway to far-right domestic terrorism the Proud Boys themselves feature. Here's him peddling oxychlorinque and bragging about harassing service workers.
FOR LATER READ
Advertisement
Trader knight
Trader knight
@Traderknight007
Pyramiding 2.0

A thread-


What is pyramiding?

It is simply adding to your winners.

Why use pyramiding?

1. It makes your winners bigger than your losers.

โ€ข Because you are adding positions when your trades are going your way, you are increasing your gains but your losers will be small comparatively.

2. You lose less during Draw-down time ( it saves you from losing big during whipsaws )

โ€ข Many times when the market is in sideways mode, Entering a trade with full risk might not be the best idea.

โ€ข So, you test the waters with a small position first, it could be โ…“ or ยผ of your total risk.

โ€ข So if the Breakout fails or whipsaws come, then you will only lose a small part of your overall risk.

โ€ข Then when position starts to go in your favor you can add to it.

3. It helps you to concentrate on a few trades,

They say that donโ€™t put all your eggs in one basket, but donโ€™t put them in too many either.

โ€ข See, Everyone can see charts and find breakouts, pullbacks etc.
ALL , SWING TRADING , PYRAMIDING
Anumah, Abdulraheem Okehi \U0001f468\u200d\U0001f52c\U0001f1f3\U0001f1ec \U0001f1eb\U0001f1f7 \U0001f1f5\U0001f1f9 \U0001f1ea\U0001f1f8
Anumah, Abdulraheem Ok...
@AnumahABD
Department List of UCAS-China PROFESSORs for ANSO, CSC and UCAS (fully or partial) Scholarship Acceptance
1) UCAS School of physical sciences Professor
https://t.co/9X8OheIvRw
2) UCAS School of mathematical sciences Professor

3) UCAS School of nuclear sciences and technology
https://t.co/nQH8JnewcJ
4) UCAS School of astronomy and space sciences
https://t.co/7Ikc6CuKHZ
5) UCAS School of engineering

6) Geotechnical Engineering Teaching and Research Office
https://t.co/jBCJW7UKlQ
7) Multi-scale Mechanics Teaching and Research Section
https://t.co/eqfQnX1LEQ
๐Ÿ˜Ž Microgravity Science Teaching and Research

9) High temperature gas dynamics teaching and research section
https://t.co/tVIdKgTPl3
10) Department of Biomechanics and Medical Engineering
https://t.co/ubW4xhZY2R
11) Ocean Engineering Teaching and Research

12) Department of Dynamics and Advanced Manufacturing
https://t.co/42BKXEugGv
13) Refrigeration and Cryogenic Engineering Teaching and Research Office
https://t.co/pZdUXFTvw3
14) Power Machinery and Engineering Teaching and Research
EDUCATION
Noah Smith
Noah Smith
@Noahpinion
1/People I know on the Right tend to be obsessed with the idea of "crimethink", taboos, and the (supposedly) oppressive, omnipresent enforcement of liberal cultural norms.

Why?

My new theory: A lot of it is guilt.

2/It's true that in some circles - the media, universities, many big corporations - liberal norms *are* enforced to some degree, and the enforcement has probably gotten stronger in recent years.

But I don't think this explains all of the Right's obsession.

3/The stereotype is that people on the Right tend to be more threat-sensitive. That would help explain the perception that liberal norm-enforcers are lurking everywhere, ready to pounce and anathematize anyone who makes a misstep.

But I don't think that's all of it either.

4/And of course, it's always fun - whether you're on the Right or the Left, or playing a video game, or whatever - to style yourself as the brave iconoclastic rebel fighting against the oppressive forces of blah blah blah.

But I don't think this is all of it, either.

5/The reason I think it's more than these things is that even *in private*, people on the Right express their "crimethink" ideas very gingerly and hesitantly.

I get the sense that they're not just afraid of external censure, but have also internalized liberal norms.
SOCIETY