A Security Engineer's Guide to Reviewing Core Blockchain Nodes
A comprehensive methodology for conducting security reviews of blockchain infrastructure, using Reth as a practical example
Common Vulnerabilities: Oracles and Pricing - Smart Contracts
To achieve composability in DeFi, many projects require external sources of truth or price feeds. This article explores the common vulnerabilities in the use of pricing and oracles with real-world examples.
Transitioning from EVM to SVM: Key Concepts for Solana Security Assessments
Key concepts to understand the Solana Virtual Machine (SVM).
NEAR Smart Contract Auditing: Accounts & Access Control
This article explores how NEAR's unique account system combines human-readable names with multi-tiered permissions, examining the security implications and providing practical guidance for implementing robust access control in smart contracts.
Unraveling a Curious Edge Case in EigenLayer's Slashing Accounting
Examining an interesting edge case discovered in EigenLayer's beacon chain slashing calculation that affects withdrawable share calculations.
NEAR Smart Contract Auditing: Storage
Introduction In this article, we dive into the storage system of the NEAR blockchain. We'll explore how storage works on NEAR, how to use it securely, and highlight some of the common pitfalls. This is our second post about the NEAR blockchain....
NEAR Smart Contract Auditing: Sharding & Cross Contract Calls
NEAR Protocol introduces Nightshade sharding to tackle blockchain scalability while maintaining security. This article explores the security implications of cross-contract calls in sharded environments, demonstrating both proper implementation...
Common Vulnerabilities: Protocol Governance and DAOs - Smart Contracts
Many DeFi Protocols have decentralised using DAOs and token governance. This article explores the common vulnerabilities in the governance of DAOs with real-world examples.
Common Vulnerabilities: Liquid Restaking Protocols - Smart Contracts
Liquid Restaking protocols are a big trend in the DeFi space. This article explores the common vulnerabilities in liquid restaking protocols with real-world examples.
Forge Testing Leveling
Enhancing Forge testing with fuzzing and invariant testing for smart contract security.