Anmol-Dhiman/audits
GitHub: Anmol-Dhiman/audits
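Professional portfolio of a smart contract security auditor, collecting competitive audit findings, in-depth hack analyses, and technical research articles on blockchain security.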
# Anmol's Portfolio
### [Resume](https://resume-anmol-dhiman.tiiny.site/)
## Profiles
- [Code4rena](https://code4rena.com/@Sherlock__VARM)
- [CodeHawks](https://profiles.cyfrin.io/u/sherlockvarm)
- [Sherlock](https://audits.sherlock.xyz/watson/Sherlock_VARM)
- [Cantina](https://cantina.xyz/u/sherlockVARM)
## Competitive Audits
| Contest | Platform | Category | Findings |
| ------------------------------------------------------------------------------- | --------- | ---------------------- | ------------------------------------ |
| [Primev](https://cantina.xyz/competitions/e92be0b9-b4f2-4bf2-9544-ae285fcfc02d) | Cantina | Reward Management | [1H](contests/2025-05-primev.md) |
| [THORWallet](https://code4rena.com/audits/2025-02-thorwallet) | Code4rena | Cross-chain Token | [1M](contests/2025-02-thorwallet.md) |
| [Next Generation](https://code4rena.com/audits/2025-01-next-generation) | Code4rena | Stablecoin | [1M](contests/2025-02-next-gen.md) |
| [Fjord Token Staking](https://codehawks.cyfrin.io/c/2024-08-fjord) | CodeHawks | Token Staking, Auction | [1M](contests/2024-08-fjord.md) |
## Independent Blogs and Twitter Articles
- [WTF Blockchain Re-Orgs?](https://x.com/SherlockVarm/status/2033169609415860722)
- [WTF Rounding Errors?](https://x.com/SherlockVarm/status/2031322973664432360)
- [WTF Solidity IR Codegen?](https://x.com/SherlockVarm/status/2030621011784372355)
- [Elliptic Curve Digital Signature Algorithm](https://sherlockvarm.hashnode.dev/elliptic-curve-digital-signature-algorithm)
- [EIP-7549: Move committee index outside Attestation](https://sherlockvarm.hashnode.dev/eip-7549-move-committee-index-outside-attestation)
- [EIP-7840: Add blob schedule to EL config files](https://sherlockvarm.hashnode.dev/eip-7840-add-blob-schedule-to-el-config-files)
- [EIP-7685: General purpose execution layer requests](https://sherlockvarm.hashnode.dev/eip-7685-general-purpose-execution-layer-requests)
- [EIP-7691: Blob throughput increase](https://sherlockvarm.hashnode.dev/eip-7691-blob-throughput-increase)
- [EIP-7623: Increase calldata cost](https://sherlockvarm.hashnode.dev/eip-7623-increase-calldata-cost)
- [EIP-2718: Typed Transaction Envelope](https://sherlockvarm.hashnode.dev/eip-2718-typed-transaction-envelope)
## Work at [QuillAudits](https://quillaudits.com/)
### Handbooks
- [Uniswap v4 Technical Deep Dive](https://www.quillaudits.com/research/uniswap-development)
- [RWA Handbook](https://www.quillaudits.com/research/rwa-development)
### Reports
- [Exploited Ledgers: Web3 2025 Hack Report](https://www.quillaudits.com/reports/exploited-ledgers-web3-2025-hack-report)
### Security Checklists
- [Solana Program Security Audit Checklist](https://www.quillaudits.com/security-hub/solana-audit-checklist)
### Hack Analysis
- [Solv Protocol $2.5M Exploit: Double-Minting Bug Explained](https://www.quillaudits.com/blog/hack-analysis/solv-protocol-exploit)
- [FoomCash $1.6M Exploit (Faulty zk Verification - Explained)](https://www.quillaudits.com/blog/hack-analysis/foomcash-exploit-explained)
- [YeildBlox $10M Hack (Oracle Manipulation - Explained)](https://www.quillaudits.com/blog/hack-analysis/yeildblox-10m-hack-explained)
- [Cross Curve $1.4M Implementation Bug [Explained]](https://www.quillaudits.com/blog/hack-analysis/cross-curve-exploit)
- [Makina $4M Hack (Oracle Manipulation - Explained)](https://www.quillaudits.com/blog/hack-analysis/makina-4m-hack-explained)
- [Truebit $26M Hack (Math Overflow - Explained)](https://www.quillaudits.com/blog/hack-analysis/truebit-26m-hack-explained)
- [Yearn $9M Invariant Solver Exploit (Explained)](https://www.quillaudits.com/blog/hack-analysis/yearn-9m-exploit)
- [The 2025 Balancer Hack (Explained)](https://www.quillaudits.com/blog/hack-analysis/the-balancer-hack)
- [Abracadabra Hack ($1.8M Logic Error)](https://www.quillaudits.com/blog/hack-analysis/abracadabra-hack-explained)
- [Griffin AI Exploit: Admin EOA Compromise Explained](https://www.quillaudits.com/blog/hack-analysis/griffin-ai-exploit)
- [New Gold Protocol Hit by $2M Flash Loan Attack](https://www.quillaudits.com/blog/hack-analysis/flash-loan-attack-on-gold-protocol)
- [SwissBorg $41M Exploit (Detailed Breakdown)](https://www.quillaudits.com/blog/hack-analysis/swissborg-exploit)
- [Bunni V2 Exploit Drains $8.3M Through a Liquidity Flaw](https://www.quillaudits.com/blog/hack-analysis/bunni-v2-exploit)
- [BetterBank Exploit: $5M Lost in a Rewards Hack](https://www.quillaudits.com/blog/hack-analysis/betterbank-exploit)
- [How Odin.fun Lost 58.2 BTC in a $7M Liquidity Exploit](https://www.quillaudits.com/blog/hack-analysis/how-odinfun-lost-58-3BTC-to-worthless-liquidity)
- [CrediX Finance Faces $4.5M Exploit (Exit Scam Analysis)](https://www.quillaudits.com/blog/hack-analysis/credix-finance-4.5m-exploit)
### Blog Posts and Twitter Articles
- [Autonomous AI in DeFi: The Security Framework We Need](https://www.quillaudits.com/blog/ai-agents/autonomous-ai-in-defi)
- [DeFi Is Still Bleeding: January and February 2026 Exploit Breakdown](https://x.com/QuillAudits_AI/status/2028797747617477101)
- [How Does Intent-Based Lending Change DeFi Risk?](https://www.quillaudits.com/blog/lending-borrowing/intent-based-lending-security-risks)
- [QuillAudits' First Version of Claude Skills Helps Identify Bugs in Smart Contracts](https://www.quillaudits.com/blog/ai-agents/first-version-claude-skills)
- [Stop Auditing Base Like Ethereum: A DeFi Security Guide](https://www.quillaudits.com/blog/blockchain/stop-auditing-base-like-ethereum)
- [Solana Prediction Markets: The Hidden Security Trade-offs Behind Speed](https://www.quillaudits.com/blog/prediction-market/solana-prediction-market)
- [Top 10 RWA Attack Vectors Every Developer and Auditor Must Watch](https://www.quillaudits.com/blog/rwa/top-10-rwa-attack-vectors)
- [How Does Kinetiq Power Liquid Staking for Hyperliquid?](https://www.quillaudits.com/blog/staking/kinetiq-liquid-staking-on-hyperliquid)
- [What Is Hyperliquid and How Does It Work? (Explained)](https://www.quillaudits.com/blog/blockchain/what-is-hyperliquid)
- [Cross-Chain RWA Architecture (Explained)](https://www.quillaudits.com/blog/rwa/cross-chain-rwa-architecture)
- [RWA Settlement and Redemption (A Clear Guide)](https://www.quillaudits.com/blog/rwa/rwa-settlement-and-redemption)
- [ERC-7943: The Universal RWA Standard Explained](https://www.quillaudits.com/blog/rwa/erc-7943-explained)
- [Perp DEX Architecture and Security Guide](https://www.quillaudits.com/blog/smart-contract/perp-dex-architecture-and-security)
- [A Comprehensive Technical Guide to Real Estate Tokenization](https://www.quillaudits.com/blog/rwa/technical-guide-to-real-estate-tokenization)
- [ERC 7518 for Secure, Interoperable RWA Tokenization](https://www.quillaudits.com/blog/rwa/understanding-erc-7518)
- [ERC-3643 Explained: The T-REX Standard in DeFi](https://www.quillaudits.com/blog/smart-contract/erc-3643-explained)
- [ERC-8004: Infrastructure for Autonomous AI Agents](https://www.quillaudits.com/blog/smart-contract/erc-8004)
- [Top DEX Risks and How Uniswap Tackles Them](https://www.quillaudits.com/blog/smart-contract/how-uniswap-tackles-dex-risks)
- [What Is Uniswap v4? A Technical Breakdown](https://www.quillaudits.com/blog/smart-contract/what-is-uniswap-v4)
- [EIP-7702: A New Era of Account Abstraction](https://www.quillaudits.com/blog/smart-contract/eip7702-new-era-in-account-abstraction)
## Talks
- [Building and Operating Tokenized RWAs | Ft. Brickken, Tokinvest, Zoniqx, Zoth, Polygon](https://x.com/i/spaces/1ypKdqvoERqGW/peek)
- [CEX vs DEX: Can On-Chain Reserves Finally Settle It](https://x.com/i/spaces/1lPKqvpqaDEGb/peek?s=20)
- [Exploring Hooks and Driving Protocol Innovation](https://x.com/QuillAudits_AI/status/1966101920709235105)
- [CRACCON Conference: Blockchain and Smart Contract Security](https://www.linkedin.com/posts/craccon_cybersecurity-infosec-web3-activity-7378715258124734464-OxdM)
## Recommendations
[@RektHQ](https://x.com/RektHQ)
## Internship Reports
- [Kleros Internship Report](https://docs.google.com/document/d/11vcl93crAtfYFAhUTof30IgfIsZgPyiCvB5oRROBqeM/edit?usp=sharing)
- [Coinazer Internship Report](https://drive.google.com/file/d/12q8uG2PjxJTQT-GfEVPWSpk9MWxkk5hQ/view?usp=sharing)