Rugging ERC20 Allowances via Permit2

On November 17th, Uniswap released a new-generation token approval contract - Permit2.

Permit2 is an exciting new piece of infrastructure enabling token approval management independent of the ERC20 token implementation itself.

However, it also enables a new rug vector to steal allowances via sandwich selfdestruct-ing and redeploying the token.

Introduction to solmate

The solmate contracts from t11s are “not designed with user safety in mind”. Implicit invariants are expected to be followed, and it’s easy to shoot yourself in the foot.

Therefore, I thought it would be a good idea to introduce some of the contracts and their footguns, and to cross-check them with the OpenZeppelin library.

Entering the Huff Ecosystem

This article introduces the evolving Huff language and ecosystem by developing a non-trivial contract, an Ownable contract with a Two-Step Transfer pattern, called TSOwnable.

Ampleforth is Hayek Money

This article introduces Ferdinando M. Ametrano’s concept of Hayek Money, as defined in his paper Hayek Money: The Cryptocurrency Price Stability Solution, and follows up with an argument that, following this definition, Ampleforth is Hayek Money.

Solution to Hats.finance CTF #1

Hats.finance is a decentralized smart bug bounty marketplace that intends to regularly run CTF competitions.

This article provides a quick walkthrough of hats’ first challenge and the solution I came up with.