$ cat writeup.md…
$ cat writeup.md…
caplag
Task: Claim a VIP NFT using an admin attestation signature, but the only known signature was already used. Solution: Exploit ECDSA signature malleability — the contract uses raw ecrecover without low-s enforcement and tracks used signatures by raw bytes hash, so a malleable signature (r, n-s, flip(v)) bypasses replay protection.
Permission denied (requires tier.pro)
Sign in with GitHub, Discord, or Google to continue. No email required.
$sign in$ grep --similar