Blog

We are constantly learning new things, and believe that knowledge should be shared.

AVS

October 28, 2024

Build secure Uniswap V4 Hooks in AVS

In recent months, both Uniswap V4 and EigenLayer’s Actively Validated Services (AVS) have gained significant attention – not without reason. Uniswap V4 introduced a […]

Damian Rusinek

Managing Partner & Smart Contract Security Auditor

Top 7 Findings in Off-Chain Components

This article highlights seven interesting vulnerabilities discovered during security audits of off-chain components. These findings are presented with detailed descriptions, potential attack vectors, recommended […]

Damian Rusinek

Managing Partner & Smart Contract Security Auditor

Thoughts After Auditing Multiple Off-chain Components

The security of Web3 projects is often synonymous with the robustness of their smart contracts, which reside on the blockchain. However, a significant portion […]

Damian Rusinek

Managing Partner & Smart Contract Security Auditor

ERC-8004: a practical explainer for trustless agents

For agents to cooperate with each other, they need to know about the existence of other agents, what abilities they have, and to be […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Red Flags and Green Flags of Yield Bearing Stablecoins

Below are practical green flags and red flags you can verify yourself using a project’s website, documentation, and a blockchain explorer. Each flag includes […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Yield bearing stablecoins

Yield bearing stablecoins are tokens designed to hold a peg while earning interest for holders. Sounds good, right? However, where there’s yield, there’s also […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Smart Security Practices From The Best

What do Lido, Red Stone, YieldNest, and Braintrust have in common? They’ve developed effective methods for improving security without drastically increasing costs. Top-tier protocol […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Lido – Node Operator can exit and slash their validator to move withdrawal finalization border epoch

Bypassing the border epoch as determined by the mass slashing event. Vulnerability Details During a mass slashing event, the withdrawal queue may delay finalization […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Lido – Uncaught exception on creating ejection report

The report generation cannot be completed and submitted due to this bug. Vulnerability Details The get_remaining_forced_validators function is designed to remove validators that are […]

Paweł Kuryłowicz

Managing Partner & Smart Contract Security Auditor

Security Guide

Security Guide for DApps CTOs, Lead Developers, and Security Enthusiasts This forthcoming resource cuts straight to the point, delivering practical, effective security strategies without […]

Damian Rusinek

Managing Partner & Smart Contract Security Auditor

Join the newsletter now

Please wait...

Thank you for sign up!

Let us help

Get throughly tested by the creators of Smart Contract Security Verification Standard

Request audit