Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Bitswift Race Condition Bugfix Review- 913

Immunefi - Posted 3 Years Ago
  • Bitswift only allows people to interact with the blockchain via their web client. This brings classic web vulnerabilities into the mix.
  • When claiming a voucher (for a coin), a user makes a POST request to /claim. Since this is handled in web server code, there is a small window in which multiple web requests can be processed against the same voucher. So, a voucher can be claimed multiple times with something like Turbo Intruder. Nice!
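
The claim window described above, as an added example from the defender's side (not code from the Immunefi post or from Bitswift). The `vouchers` table, the voucher code `V-1` and both handler names are assumptions; a barrier stands in for requests arriving at the same moment, so the check-then-act handler pays out once per request while the single conditional UPDATE pays out once.

```python
import sqlite3
import threading

DB_LOCK = threading.Lock()  # the shared connection runs one statement at a time

def make_db():
    # Constructed sample data: one unclaimed voucher.
    db = sqlite3.connect(":memory:", check_same_thread=False, isolation_level=None)
    db.execute("CREATE TABLE vouchers (code TEXT PRIMARY KEY, claimed INTEGER NOT NULL)")
    db.execute("INSERT INTO vouchers VALUES ('V-1', 0)")
    return db

def claim_check_then_act(db, code, window):
    """Racy handler: the check and the write are two separate statements."""
    with DB_LOCK:
        row = db.execute("SELECT claimed FROM vouchers WHERE code = ?", (code,)).fetchone()
    if row is None or row[0]:
        return False
    window.wait()  # every request has passed the check before any of them writes
    with DB_LOCK:
        db.execute("UPDATE vouchers SET claimed = 1 WHERE code = ?", (code,))
    return True  # the coin is paid out

def claim_atomic(db, code, window):
    """Hardened handler: check and write are one conditional UPDATE."""
    window.wait()  # same simultaneous arrival as above
    with DB_LOCK:
        cur = db.execute(
            "UPDATE vouchers SET claimed = 1 WHERE code = ? AND claimed = 0", (code,))
        return cur.rowcount == 1  # only the request that flipped the row is paid

def payouts(handler, requests=5):
    """Send `requests` concurrent claims for one voucher and count the payouts."""
    db = make_db()
    window = threading.Barrier(requests)
    results = []
    workers = [threading.Thread(target=lambda: results.append(handler(db, "V-1", window)))
               for _ in range(requests)]
    for w in workers:
        w.start()
    for w in workers:
        w.join()
    return sum(results)

if __name__ == "__main__":
    print("check-then-act payouts:", payouts(claim_check_then_act))
    print("atomic update payouts: ", payouts(claim_atomic))
```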