Contributor: Script Money
Full-stack engineer, familiar with Web3 development ecosystem, has written some technical tutorials
This article is the fourth issue of the technical newsletter produced by CryptoChasers (no update last week due to illness, this time two weeks are combined), the information comes from personal collection and community group chats. It mainly focuses on practical content related to Web3 development and Crypto activities.
Section settings:
Editor's Picks: 3 most noteworthy information recommended by the author
Tools Recommendation: 3 developer tools worth trying recommended by the author
Hot Topics in the Community: 3 hot topics from this week and a previous week in the community group chat
Developer Activities: Grants and hackathons that can be participated in the coming weeks
Recommendations: Community projects, recruitment, advertisements, etc.
Editor's Picks#
zk book by rareskills#
Website: https://www.rareskills.io/zk-book
Reason for recommendation: I have recommended their Solidity tutorial before, which is concise and clear. This zk tutorial continues the same style and is claimed to be the most programmer-friendly zero-knowledge proof tutorial, worth learning.
0xHacked x OtterSec CTF#
Website: https://github.com/0xHackedLabs/ctf
Reason for recommendation: Just ended CTF, official answers are provided, and the highlight is submitting zkProof answers. It is recommended to give it a try.
Stylus ERC721 Demo Project#
Website: https://twitter.com/yahgwai/status/1707479541071913460
Reason for recommendation: Stylus is an open-source SDK developed by Arbitrum for building applications that support multiple languages. You can develop contracts using Wasm or Solidity with multi-language support, and more chains will be supported in the future. You can refer to this tweet to get started.
Tools#
Artemis#
Website: https://mteam88.github.io/posts/how-to-use-the-artemis-mev-framework/
Reason for recommendation: Artemis MEV framework developed by Paradigm is a useful tool for MEV searchers who want to write MEV bots in Rust. Someone has written an Artemis tutorial, which also includes many additional resources to help you get started.
ComfyUI#
Website: https://www.bilibili.com/video/BV1CF411k7LU/?vd_source=74f7adf85cf4c26433269d832a5c3f14
Reason for recommendation: ComfyUI is a tool for running Stable Diffusion more efficiently. New features require ComfyUI to run, such as various popular dance videos recently. The tool has a certain learning curve, and you can follow the tutorial to use it.
onlypwner#
Website: https://onlypwner.xyz/
Reason for recommendation: Recommended by a senior security researcher in the community, this is a new CTF platform with normal content.
Hot Topics in the Community#
About daily privacy protection#
- Viewpoint 1: Private Relay is a system-level proxy system developed in cooperation with Cloudflare, mainly for privacy improvement. It has regression obfuscation and hiding functions in foreign IP addresses, but cannot be used in domestic IP addresses. After routing the iPhone through the routing layer, this function can be used.
- Viewpoint 2: iCloud now supports encryption using Yubikey, but some users are concerned about the issue of key loss. On the other hand, Google 2FA can be backed up, but it may reduce security. Therefore, when choosing an encryption scheme, it is necessary to balance security and convenience.
- Viewpoint 3: Some suggestions have been made for the issue of securely storing private keys. For situations without automation requirements, single-signature hardware wallets or multi-signature Gnosis can be used. For situations with automation requirements, single-signature KMS or multi-signature MPC can be used.
How to migrate contract data#
- Viewpoint 1: Migrating the state of an old contract to a new contract may face the problem of high gas fees. For maps that contain a large number of addresses, one-time migration may not be feasible. You can consider separating important data into a data contract or using the proxy contract pattern to separate the logic contract and data contract.
- Viewpoint 2: The values of Map variables can be traversed at the underlying level, but it may require scanning blocks on the chain. Geth or Erigon can be used to dump specific contracts, but gas fees are still a problem. You can consider allowing the administrator to set slots arbitrarily, but this method may bring other issues.
- Viewpoint 3: Contract state migration usually allows users to migrate from the old version to the new version on their own. In this way, the project can avoid high gas fees and other potential issues. For example, some stablecoin projects have adopted this method for migration.
Earning bounties by contributing to open source projects on GitHub#
- Some people discussed the possibility of earning airdrops and bonuses by contributing to open source projects on GitHub. It was mentioned that someone earned a lot of bonuses by fixing typos in the onlydust project.
- The discussion included how to view the contributor's records on onlydust. One user mentioned that they have about 300 GitHub accounts, accounting for 3% of their total.
- They discussed a case where a user earned $130k by making three small contributions, but someone pointed out that this number may be the total bonus for the entire project, and the user may have actually only received $3k.
Mentioned URLs in the Group Chat#
- https://t.me/hezu2 Shared rental group
- https://support.apple.com/zh-cn/HT212520 iOS advanced data protection
- https://github.com/daymade/Twitter-Block-Porn Tool to block porn content
- https://orcaterm.cloud.tencent.com/terminal?from=pwa Tencent Cloud
- https://github.com/atomicals/atomicals-js Recent popular mining project
- https://github.com/duneanalytics/spellbook/blob/main/models/layerzero/ethereum/layerzero_ethereum_send.sql Layerzero data
- https://docs.soliditylang.org/en/stable/internals/layout_in_memory.html Solidity layout documentation
- https://github.com/minaminao/tokyo-payload CTF answer
- https://play.google.com/store/apps/details?id=me.shingle.fridaserver&hl=en_US&pli=1 Tool developed by a community member
- https://github.com/bitcoinerlab/secp256k1 secp256k1 algorithm source code
- https://arxiv.org/abs/2309.07864 LLM Agent paper
- https://twitter.com/_hrkrshnn/status/1667874271064989698 Tips for cleaning ETH before 1559
- https://github.com/ProjectOpenSea/seaport/blob/main/docs/Deployment.md Seaport deployment
- https://github.com/0age/create2crunch Tool for creating multiple 0 contracts using CREATE 2
- https://github.com/1inch/profanity2 Tool for generating multiple 0 addresses
- https://openai.com/blog/chatgpt-can-now-see-hear-and-speak ChatGPT with audio and image input
- https://rodarmor.com/blog/runes/ BTC rune explanation
- https://github.com/zmzimpl/auto-friend Open-source FT trading tool developed by a community member
- https://genesis-api.celestia.org/api/v1/airdrop/eligibility/[your] Celestia airdrop query API
- https://github.com/keep-starknet-strange/madara/commits?author=ptisserand Bounty contributions to Starknet sequencer
- https://mp.weixin.qq.com/s/SVX06n6mg0f5O7xgfzn0ag Explanation of impermanent loss
- https://github.com/aristocratos/btop System monitoring tool
- https://chainlist.org/?search=arb&testnets=true RPC for arb testnet
- https://docs.alchemy.com/reference/sdk-websockets-endpoints Websockets documentation
- https://x.com/zhufengme/status/1706971107885265405?s=20 Tax issues for independent developers in China
- https://github.com/GalaxySciTech/js-particles Open-source mining code developed by a community member
- https://www.particles.digital/ Community project
- https://github.com/alenkimov/better_automation Tool authorized through Twitter
- https://www.tuoniaox.com/news/p-558060.html Eular flash loan attack analysis
Developer Activities#
- https://ethglobal.com/events/ethonline2023/ ETHOnline 2023 Many mainstream projects are participating. Registration deadline is October 6th, submission deadline is October 27th.
- https://dorahacks.io/hackathon/multiversX-gaming/detail Hackathon for the new chain MultiversX. Deadline is October 21st.
- https://itch.io/jam/dojo-game-jam-2 Dojo game jam 2 StarkNet full-chain game engine game jam. Deadline is October 22nd.
- https://www.encode.club/eth-london ETH London has essay propositions for some new technical projects. Deadline is October 29th.
- https://dorahacks.io/hackathon/devxam/detail Polygon DevX Hackathon X DoraHacks. Deadline is November 1st. Limited to the Americas.
- https://docker.devpost.com/ Docker AI/ML Hackathon. Deadline is November 7th.
- https://dorahacks.io/hackathon/build-a-bull/detail Algorand "Build-A-Bull" Hackathon. Deadline is November 15th. High prize money.
- https://coinlist.co/subsquid-testnet Subsquid is an indexer project, testnet activity. Learn to use their tools to set up an indexer and complete tasks to earn points. Coins will be distributed after six months. It is recommended for DApp developers to participate.
- https://www.avax.network/blog/avalanche-foundation-launches-ted-yin-grant-program-to-expand-open-source-technology-development New grant from Avalanche
- https://academy.interchain.io/ The Interchain Developer Academy's 5th session is open for registration. If you are interested in learning about Cosmos, you can sign up.
- https://www.lavanet.xyz/blog/a-new-vision-for-public-rpc Node activity rpc to earn. If you have idle servers, you can run them.
- https://www.zkcamp.xyz/aleo Aleo training camp application. If you are interested in developing on this chain, you can sign up.
Recommendations#
- Very useful Twitter API: https://apidance.pro/
- Fuzzland, a blockchain security analysis company, is hiring. Experience in Rust and Web3 is required, and experience in Fuzzing is preferred. Fully remote work. https://fuzzland.notion.site/We-Are-Hiring-af638527ff654395a950121a2f0809fc
Welcome to provide feedback or contribute to the newsletter in the comments section.