Skip to content

Instantly share code, notes, and snippets.

View ccashwell's full-sized avatar
🤔
¯\_(ツ)_/¯

ccashwell

🤔
¯\_(ツ)_/¯
68 followers · 22 following
View GitHub Profile
@ccashwell
ccashwell / SKILL.md
Created April 30, 2026 16:28
Type-Driven Solidity Skill
name type-driven-design
description Design Solidity contracts using type-driven composition instead of inheritance. Structs encapsulate storage, free functions define behavior via `using for global`, and contracts become thin external shells. Eliminates inheritance hell, exposes the full interface explicitly, and enables granular isolated testing at every layer of composition. Based on JT Riley's type-driven-tokens pattern.

Type-Driven Solidity Design

Type-driven design replaces object inheritance with struct composition and free functions. Instead of deep inheritance trees where storage layouts are hidden and method overriding is opaque, each data concern is a standalone struct with free functions bound via using ... for ... global. Contracts compose these types and serve only as the external interface.

Reference implementation: jtriley2p/type-driven-tokens

@ccashwell
ccashwell / ANALYSIS.md
Last active November 6, 2025 22:51
Balancer V2 Rate Manipulation Attack Reproduction (Nov 2025)

Balancer V2 Rate Manipulation Exploit (November 2025)

Overview

Balancer V2 experienced a rate manipulation exploit on November 3, 2025, resulting in approximately $128 million in losses in the initial attack, followed by many millions more in subsequent attacks against other vulnerable pools, protocols and networks.

Attack Summary

The Vulnerability, TLDR: Down-rounding in Balancer V2's stable math (_calcOutGivenIn) allows systematic manipulation of pool invariants through accumulated rounding errors. Carefully crafted swap sequences cause rounding errors to compound.

@ccashwell
ccashwell / deploy_immutable_create2_factory.md
Last active October 15, 2025 21:44
Immutable Create2 Factory Deployment
@ccashwell
ccashwell / helpers.ts
Created November 29, 2021 17:18
HardHat Test Helpers
import * as hre from "hardhat";
import { RequestArguments } from "hardhat/types";
import { BigNumber } from "@ethersproject/abi/node_modules/@ethersproject/bignumber";
import { Block } from "@ethersproject/abstract-provider";
import { SignerWithAddress } from "@nomiclabs/hardhat-ethers/signers";
// Mine the next block
export async function mineBlock(): Promise<void> {
await rpc({ method: "evm_mine" });
@ccashwell
ccashwell / cattributes.csv
Last active July 20, 2018 04:55 — forked from eugeneotto/gist:192af598a911318b5f43b3f3bd1a0e71
List of CryptoKitties cattribute values and masks
We can make this file beautiful and searchable if this error is corrected: It looks like row 8 should actually have 5 columns, instead of 1 in line 7.
mask_value,gene_value,cattribute_name,cattribute_type,recessiveness
0x000000000000000000000000000000000000000000000000000000000000001f,0x000000000000000000000000000000000000000000000000000000000000000b,himalayan,body,D
0x00000000000000000000000000000000000000000000000000000000000003e0,0x0000000000000000000000000000000000000000000000000000000000000160,himalayan,body,R1
0x0000000000000000000000000000000000000000000000000000000000007c00,0x0000000000000000000000000000000000000000000000000000000000002c00,himalayan,body,R2
0x00000000000000000000000000000000000000000000000000000000000f8000,0x0000000000000000000000000000000000000000000000000000000000058000,himalayan,body,R3
0x000000000000000000000000000000000000000000000001f000000000000000,0x0000000000000000000000000000000000000000000000008000000000000000,caffeine,eyes,D
0x00000000000000000000000000000000000000000000003e0000000000000000,0x0000000000000000000000000000000000000000000000100000000000000000,caffeine,eyes,R1
0x0000000000000000000000000000000000000000000007
@ccashwell
ccashwell / ABI.json
Last active February 16, 2018 18:40
Transferring Mythereum Cards with MyEtherWallet
[{"constant":true,"inputs":[],"name":"name","outputs":[{"name":"","type":"string"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_to","type":"address"},{"name":"_tokenId","type":"uint256"}],"name":"approve","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[],"name":"totalSupply","outputs":[{"name":"","type":"uint256"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":false,"inputs":[{"name":"_from","type":"address"},{"name":"_to","type":"address"},{"name":"_tokenId","type":"uint256"}],"name":"transferFrom","outputs":[],"payable":false,"stateMutability":"nonpayable","type":"function"},{"constant":true,"inputs":[{"name":"_tokenId","type":"uint256"}],"name":"approvedFor","outputs":[{"name":"","type":"address"}],"payable":false,"stateMutability":"view","type":"function"},{"constant":true,"inputs":[],"name":"decimals","outputs":[{"name":"","type":"uint8"}],"payable":false,"stateMutabil
@ccashwell
ccashwell / ProjectWyvernAudit.md
Created January 2, 2018 20:14
Audit of the Project Wyvern Platform's Solidity Smart Contracts

Audit: Project Wyvern

Completed on January 2, 2018 @ 7358a6c065

Abstract

Project Wyvern is a decentralized item exchange platform (the “Platform”) comprised of three primary components: (1) The WYV Token; (2) The Wyvern Exchange; and (3) The Wyvern Decentralized Autonomous Organization (DAO). This goal of this audit has been to ascertain the overall security of the Platform. In pursuit of that goal, this author has reviewed the Solidity source code of all relevant Smart Contracts, deployed and tested a live version of the Platform on the Ethereum Main Network.

This audit is presented as a Code Review which reflects a deep analysis of the Smart Contracts that comprise the Platform. It is broken into sub-sections, each of which relate to a single Smart Contract. Each sub-section includes a link to the Smart Contract’s Solidity source code as it stood at the ti

@ccashwell
ccashwell / QuillTable.jsx
Last active November 2, 2017 22:35
Building Proof-of-Concept Table Support for Quill.js using React Components
import Quill from 'quill'
import TableComponent from 'TableComponent'
import ReactDOM from 'react-dom'
const QuillEmbed = Quill.import('blots/block/embed');
class QuillTable extends QuillEmbed {
static create(values) {
let node = super.create(values);
@ccashwell
ccashwell / getDiscountCode.html
Last active February 10, 2025 17:21
Autofill Discount Code from Shopify URL
<script>
/* Put this in theme.liquid, preferably right before "</body>" */
(function() {
var discountParam = document.location.search.match(/discount=(\w+)/);
if (discountParam && discountParam.length > 1) {
document.cookie = discountParam[0];
}
})();
</script>
@ccashwell
ccashwell / keybase.md
Created March 11, 2015 13:08

Keybase proof

I hereby claim:

  • I am ccashwell on github.
  • I am ccashwell (https://keybase.io/ccashwell) on keybase.
  • I have a public key whose fingerprint is DD00 5D98 747D 1207 DBBB EB9B 5BA0 9DC7 E2E8 DA34

To claim this, I am signing this object: