They transfer out at the same block where the transfer-in transaction is in, and the block have an above average MEV. Apparently draining your wallet is now part of the MEV lol
They transfer out at the same block where the transfer-in transaction is in, and the block have an above average MEV. Apparently draining your wallet is now part of the MEV lol
Blockchain is a decentralized database. People use vote to determine what content is in the database (99% of the time there is only 1 candidate). People setup rules to tell their computers how to vote, and leave them on “auto-vote” mode. That is basically what mining and running a validator is.
The problem is what count as a vote. There are many ways one computer can pretend to be 100 computers with very little cost, but that 100 computers combined still only have 1 computer’s computing power.
PoW asks miners to find a number, that on average need X amount of guesses to find every block. The longest chain is actually the chain that received most “total guesses”. Essentially, 1 guess = 1 vote.
To maximize the number of guesses per second, miners need to 100% load their computers, even invent no-other-purpose computers that specialized in guessing. Those computers use 0.001% of their power to process transactions, and 99.999% to guess numbers.
On the other hand, PoS use X amount of coin as 1 vote. So no crazy number guessing. All powers are used to process transactions. Most validators use less than 5% of their CPU.
If the chain selection rules doesn’t have something like “All addresses must start at zero, except for that one premine wallet”, the attacker can start the chain with 1 million addresses that already have 32 ETH in it.
He simulates several decades of on-chain time (hours in real time). 1 million validators entering the system is probably done in the first year.
The idea is that he starts Ethereum network from when the ledger is empty. This is not far-fetched, because the real Ethereum network also started form an empty ledger. How do we tell one is real, the other is not?
Many exchanges are not able to detect funds sent from smart contracts. They can still access the funds with the seed phrase manually, but their automatic fund credit system cannot credit the fund. Most exchanges will refuse to manually access the funds, because it will be a hassle.
I made the same mistake on Binance before. I was lucky, I sent another 0.0001 ETH to the address, somehow Binance fund credit system pulled the entire thing including the fund sent by the smart contract into their main wallet. So I was able to get my ETH after showing them the ETH has gone to their main wallet.