hi, does anyone have any information on how this could happen with Pickle Finance. I cannot understand how it is possible to execute remote code in a contract

I think they replaced a jar with another mailicious one but full details are not out yet

they will release more details when the timelock changes get implemented

this is what we know so far

thanks, can you find out how to protect yourself, what tools are needed, and is there any literature on the security of smart contracts?

I am planning for forming a study group soon

for smart contract security

I did some audits long time ago but want to learn more and get back into smart contract security now

Best way to learn is to study the cases and audits

thank you very much for the answer

I'm very much interested in this, please hit me up whenever it goes live

here https://github.com/EthereumCommonwealth/Auditing/issues?q=is%3Aissue+is%3Aclosed+label%3Aapproved

sure thing

good

Everything we know about Pickle hack so far https://twitter.com/sawinyh/status/1330231595886899203

it would be great if you opened a channel about the security of smart contracts, I do not insist. I imagine that the content will have to work, but I think it would be useful for everyone to read and protect their decentralized applications. thanks