🗞️
25-06-A: Dive into LLM
Search
25-06-A: Dive into LLM
🗞️

25-06-A: Dive into LLM

Publish
Jun 30, 2025
Categroy
Monthly Report
Tags
#Cursor
Summary
月报重启计划
Good FindsResearch NotesMisc

Good Finds

  • 🧑🏻‍💻 Cursor
    • Claude-4-Sonnet Thinking 模式
      • 该模式能实现更高的代码质量。使用 auto 模式面向某一需求反复修改了十几版都不行,在切换到 C4S-T 后,一步到位,并直接通过了 vite build 的检查。
      • 但是相比较于 auto 模式,C4S-T 偏向于给出超过 Prompt 提示的内容,这会导致平白增加很多代码。可以尝试在交互时,提示「尽可能少地改动代码」进行约束。

Research Notes

  • Meta PoolMeta PoolMeta Pool security incident on mpETH contract on Ethereum
    Meta Pool security incident on mpETH contract on Ethereum

    Meta Pool security incident on mpETH contract on Ethereum

    Introduction

    Meta PoolMeta Pool
    • Date: 25.06.17; Loss: ~45.7 ETH
    • Root Cause: 项目方在复写 OpenZeppelin ERC-4626 库的函数 deposit()_deposit() 时,将 _deposit() 的存款逻辑提至 deposit(),而未考虑 mint() 函数同样会调用_deposit() 逻辑,导致攻击者通过 mint() 无偿获利。
    • Lesson: 在改写或复写(override)标准库的时候,需考虑清楚其牵涉的调用链逻辑,防止在进行功能迁移时,导致其他入口的逻辑缺失。【这次 metapool 的漏洞是升级后引入的,很少有过 fixed contract 比 buggy contract 更老的情况哈哈】

Misc

分享一首最近看到的小诗:
New York is three hours ahead of California, but that doesn’t make California slow. Someone graduated at the age of twenty two, but waited five years before securing a good job. Somebody became a CEO at twenty five, and died at fifty, while another became CEO at fifty and lived to ninety years. Someone is still single, while someone else got married. Obama retired at fifty five, and Trump started at seventy. Everyone in this world works based on their time zone. People around you might seem ahead of you, and some might seem to be behind you. But everyone is running their own race, in their own time. Do not envy them and do not mock them. They are in their time zone, and you are in yours. Life is about waiting for the right moment to act. So relax. You’re not late. You’re not early. You are very much on time.