Today
Intel
Market
Earn
Settings
Account
Theme Selection
Light
Dark
Language
English
简体中文
繁體中文
Tiếng Việt
한국어
Followin APP
Mine Web3 Possibilities
App Store
Google Play
Log in
Zero Cipher
215 Twitter followers
Follow
Blockchain Security Researcher. Open for Audits. Resident @cantina
Posts
Zero Cipher
02-04
Thread
#Thread#
Uniswap v4 Hooks are a massive new attack surface. Most developers see flexibility. I see risk. In v3, pool logic was rigid and battle-tested. In v4, Hooks let developers inject custom logic at key points - before swaps, after swaps, during liquidity changes. A malicious Hook can: - Redirect swapped tokens to attacker addresses - Block execution to lock user assets - Manipulate dynamic fees to extract value from LPs The "Dynamic Fee Griefing" vector is subtle. If a Hook can alter fees based on sender or pool state, it can extract value from every transaction. Most auditors reviewing v4 integrations focus on core protocol logic. They assume Hooks are safe because they're "just custom logic." But Hooks execute with trust. They access critical pool state. A malicious Hook drains users as effectively as any reentrancy bug. If you're building on v4, your Hook isn't a feature - it's a security surface.
UNI
2.21%
-- END --
