submitted by /u/SkylightCyber
Let's say to encounter the following smart contract, loaded with 10 ETH, can you grab them?
Well, think again!
We (@SkylightCyber) demonstrate how malicious users can deceive auditors of smart contracts by abusing the Right-To-Left-Override Unicode character. By inserting this character at strategic locations within a block of code, a malicious entity is able to change the underlying functionality of the code while misleading a naive reader.
Read the full article here.