27 / Evil ownerOf

We talk about OpenSea insider trading charge, facts, legal analysis, allow list to your (testnet) beta testers, beer of the day, make your own bridge (simple, insecure), drops with random timing, cross chain minting by centralizing, and Evil ownerOf.

Timeline

01:07 OpenSea insider trading charge, facts
02:21 Legal analysis
06:42 Give allow list to your (testnet) beta testers
09:03 Beer of the day
09:12 Make your own bridge (simple, insecure)
11:51 Drops with random timing!
13:06 Cross chain minting by centralizing
15:05 Evil ownerOf

Participants


Episode notes

Edit these notes…
// SPDX-License-Identifier: UNLICENED
pragma solidity 0.5.0;

interface NFT {
  function ownerOf(uint256) external view returns (address);
}

contract EvilNFT {
  Marketplace public marketplace;

  function setMarketplace(Marketplace marketplace_) external {
    marketplace = marketplace_;
  }

  function ownerOf(uint256) external returns (address) {
    marketplace.reprice();
    return address(tx.origin);
  }
}

contract Marketplace {
  uint256 public price = 0;

  function reprice() external {
    price++;
  }

  function doSomething(NFT nft, uint256 tokenID) external {
    // collect money from msg.sender
    require(nft.ownerOf(tokenID) == msg.sender);
    // check price
    // send money to DAO
  }
}