Blog archive

security • ctf • smart contracts • ethereum
Writeup of Paradigm CTF: Bank
February 14, 2021
This is a writeup of the “bank” challenge, which I was the first to solve, from the Ethereum Paradigm CTF.

security • ctf • smart contracts • ethereum
Writeup of Paradigm CTF: Vault
February 9, 2021
I was the first to solve a particularly interesting smart contract challenge in a recent CTF competition. This post explains the vulnerability I found and how to exploit it.

firebase • firestore
Building a Leaderboard With Firestore: OrderBy and Limit
January 14, 2021
Firestore queries can sort and limit the data they retrieve using precomputed indexes. Security rules can limit what types of queries are allowed.

firebase • firestore • security
Refactoring Firestore Security Rules
January 12, 2021
Firestore security rules can use functions and local variables. This allows for refactoring for code reuse and clarity.

firebase • firestore • javascript • security
Rate Limiting With Firestore Security Rules
January 10, 2021
Firestore apps can implement rate limiting through security rules, even with untrusted clients.

firebase • authentication • javascript
Firestore and Authentication
January 8, 2021
Firebase Authentication makes it easy to add user identities to your app. When combined with Firestore, it can help to secure user data.

firebase • firestore • javascript
Hello, Firestore: Adding Live Data to Your Web Apps
January 3, 2021
Firebase Cloud Firestore is an easy way to add live updating data to your web apps without writing any server-side code.

python • computer science
Memoization in One Line of Python
December 20, 2020
Thanks to Python’s cache decorator, memoization is just one line of code away.

computer science • algorithms
Dynamic Programming Is Easy
September 23, 2020
Don’t be scared of dynamic programming! It’s a simple technique with a confusing name.

cryptography
Convergent Encryption and Why No One Uses It
September 18, 2020
End-to-end encryption with server-side deduplication. Why are we not doing this?

security • ctf
SSRF to Redis CTF Solution
September 11, 2020
Combining SSRF, CRLF injection, and a little knowledge of the Redis protocol to topple the HashCache CTF challenge.

smart contracts • ethereum
Schrödinger's Dollar
September 11, 2020
Probabilistic payments are an efficient solution for practical micropayments.

compression • python
Delta Encoding
September 9, 2020
A data compression technique so simple even a kitten can do it.

twitch • javascript
Building Custom Twitch Commands With Glitch
September 7, 2020
Learn how to build custom Twitch commands using Glitch and an OBS browser source.

slack • go
Shove It Up Your Bot: an Intro to Slack Bots
September 6, 2020
How to build a simple Slack bot that responds when it’s mentioned.

privacy • cryptography
Privacy and the Google/Apple Exposure Notification System
September 3, 2020
Understanding the privacy features of the Google/Apple Exposure Notification System.

dart
Extension Methods in Dart: a Tale of Two Kitties
August 31, 2020
A story of the ugliness of duck punching and the cuteness of kittens.

cryptography
Cracking BIP39 Seed Phrases
August 28, 2020
BIP39 seed phrases have a checksum. This helps speed up cracking a phrase with missing words.

cryptography
BIP39: Mnemonics for Recording Long Keys
August 26, 2020
The “seed phrases” used for storing cryptocurrency have a number of desirable features that make them ideal for recording random keys.

design • css
Visualizing Statistics With Dynamic Ranges
August 24, 2020
How I solved a design challenge when visualizing key COVID-19 statistics for my state.

security • ctf
HashCache Capture the Flag Challenge
August 22, 2020
Test your hacking skills in this fun Capture the Flag challenge.

smart contracts • blockchain • ethereum
Smart Contracts Are Stored Procedures
August 20, 2020
The Ethereum blockchain has a programming capability called “smart contracts”. That term is misleading. For the purpose of understanding, I prefer the term “stored procedures”.

cryptography
TOTP: How Most 2FA Apps Work
August 18, 2020
Have you ever wondered how two-factor auth apps like Google Authenticator work? It’s pretty neat.

Flutter
Automatic Scroll-To-Bottom in Flutter
August 13, 2020
Learn how to scroll to the bottom of a Flutter ListView when new items are added.

AWS
URL Rewriting With Lambda@Edge
August 13, 2020
For a typical single-page app (SPA), pure static hosting is insufficient. You need to rewrite requests to reach your index.html, and AWS Lambda@Edge can help.

algorithm • art
Chaikin Curves: a Beautifully Simple Algorithm
August 9, 2020
Chaikin’s corner cutting algorithm is an astonishingly simple way to turn a jagged line into a smooth curve.