API1:2019 — Broken object-level authorization Attackers replace their resource ID in an API call with another user’s resource ID. The lack of proper authorization checks allows attackers to gain access to the resource. This attack is also known as IDOR. Use case The sequence of API calls uses the ID of the resource available to […]
We all know what a database is. A database is a collection of tables that have related data organized in the form of rows. A database is typically stored in a centralized server, and if someone gets unauthorized access to the database server, then the entire data is compromised. FIVE BLOCKCHAIN SECURITY ISSUES AND SOLUTIONS […]
Decentralized finance, also known as DeFi, uses cryptocurrency and blockchain technology to manage financial transactions.Blockchain and cryptocurrency are the core technologies that enable decentralized finance.When making a transaction in a conventional checking account, it’s recorded in a private ledger—banking transaction history—which is owned and managed by a large financial institution. Blockchain is a decentralized, distributed public ledger […]
Smart contracts are self-executing contracts in which the contents of the buyer-seller agreement are inscribed directly into lines of code.According to Nick Szabo, an American computer scientist who devised a virtual currency called “Bit Gold” in 1998, Smart contracts are computerized transaction protocols that execute contract conditions.Using it makes the transactions traceable, transparent, and irreversible. […]
Web3.0 has become a catch-all term for the vision of a new, better internet. At its core, Web3 uses blockchains, cryptocurrencies, and NFTs to give power back to the users in the form of ownership. A 2020 post on Twitter said it best: Web1 was read-only, Web2 is read-write, and Web3 will be read-write-own. Top […]