Then I traced the JUMPDEST that should be unreachable — but a storage collision could reanimate it.
(thread-style) 2. A short blog/forum post exploring a "dead code" vulnerability in smart contracts 1. X (Twitter) Post by @0xdeadcode Main post: 0xdeadcode 0xdeadcode
"Dead code" isn't harmless — it’s a backdoor waiting to be activated. Then I traced the JUMPDEST that should be
Last week I audited a contract with 14% unreachable instructions. The owner swore they were "leftover from testing." EVM (Ethereum Virtual Machine) internals
Since "0xdeadcode" evokes low-level programming, EVM (Ethereum Virtual Machine) internals, security exploits, and perhaps a bit of rebellious cypherpunk energy, I'll write two versions:
Don't bury code. Delete it.