Lesson 10 — Putting it together: walk through an exploit's commit log

**Stage 1: identify the on-chain transaction.** Most exploits are reported with a transaction hash. If not, the loss usually shows up as a large outflow from a known protocol contract — visible on Etherscan / Arbiscan / etc. by sorting the contract's outgoing transactions by value. Within minutes of any exploit, accounts like @samczsun, @peckshieldalert, @blocksecteam post the transaction hash. Capture the hash, the block, and the contracts involved.

**Stage 2: decode the exploit transaction.** Open the transaction on a block explorer and click 'Decode Input.' This shows the function being called and its parameters. For exploits with complex multi-step traces, use Phalcon (phalcon.xyz/explorer) or Tenderly's debugger to view the full call graph — every internal call, every storage read/write, every event emission. A typical exploit traces 30-100 internal calls; reading this graph is the primary skill.

**Stage 3: identify the vulnerable contract source.** From the call graph, identify which contract's function had the bug. Check Etherscan for 'Verified Contract' source — most modern protocols verify, so the Solidity source is available. If not, you're reading bytecode (much harder; use evm.codes and a decompiler like dedaub.com or panoramix). Capture the vulnerable function's source.

**Stage 4: map the bug to a lesson class.** Most exploits fit one of: (1) Reentrancy (lesson 4) — look for external calls before state updates. (2) Arithmetic / precision (lesson 5) — look for division-before-multiplication or overflow paths. (3) Access control (lesson 6) — look for missing modifiers or signature verification flaws. (4) Oracle (lesson 7) — look for price reads from manipulable sources. (5) Upgrade (lesson 8) — look for storage corruption or upgrade-authorisation bugs. (6) Lifecycle (lesson 3) — look for flash-loan-amplified governance or share-pricing attacks. Some bugs are combinations; few are genuinely novel.

**Stage 5: identify which defence would have caught the bug.** For each class, the defence is specific. Reentrancy → CEI + ReentrancyGuard. Arithmetic → Solidity 0.8 + multiply-before-divide + decimals normalisation. Access control → modifier + Ownable2Step + EIP-712 with nonce/deadline/chain ID + initializer modifier. Oracle → Chainlink/Pyth with staleness + deviation checks + circuit breakers + conservative LTV. Upgrade → storage-gap + _disableInitializers + timelocked multisig. Lifecycle → prior-block voting snapshots + commit-reveal + multi-block timelocks.

**Stage 6: read the post-mortem.** Within 24-72 hours of any major exploit, the protocol (and often the attacker) publishes a post-mortem. Compare your reconstruction to the official account. Skilled researchers like @samczsun, RektNews, BlockSec Insights, PeckShield typically publish detailed analyses within hours. The act of reconstructing the bug from primary sources first — then comparing to the published analysis — is what trains the skill. Reading post-mortems alone is education; reconstructing from primary sources is training.

**Stage 7: feedback loop.** Every exploit walk-through reveals something about your model. The bug that surprised you — that you didn't classify quickly, or whose defence you didn't immediately name — is the lesson to re-read. Maintain a running list of exploits you've walked through; over 20-30 cases you'll develop fast pattern recognition. The professionals in this space (the Trail of Bits team, ChainSecurity, OpenZeppelin Security, Sherlock judges) all share this pattern: they read every major exploit and absorb the lesson.