All Posts

The CPIMP Attack: an insanely far-reaching vulnerability, successfully mitigated
[by the Dedaub team] A major attack on several prominent DeFi protocols over many blockchains was (largely) successfully mitigated last week. The …
15 July 2025
START READING
The CPIMP Attack: an insanely far-reaching vulnerability, successfully mitigated
[by the Dedaub team] A major attack on several prominent DeFi protocols over many blockchains was (largely) successfully mitigated last week. The …
15 July 2025
START READING![Dedaub at EthCC[8] | Smart Contract Security Before and After Deployment](/blog/ethcc/Dedaub-at-EthCC-Smart-Contract-Security-Before-and-After-Deployment-500x281.jpg)
Dedaub at EthCC[8] | Smart Contract Security Before and After Deployment
Dedaub at ETHCC Dedaub is heading to Cannes! As a WAGMI sponsor at EthCC[8], we’re bringing end-to-end smart contract …

The $11M Cork Protocol Hack: A Critical Lesson in Uniswap V4 Hook Security
On 28th of May 2025, Cork Protocol suffered an $11M exploit due multiple security weaknesses, culminating in a critical …

The Cetus AMM $200M Hack: How a Flawed “Overflow” Check Led to Catastrophic Loss
On May 22, 2025, the Cetus AMM on the Sui Network suffered a devastating hack resulting in over $200 million in losses. …

Dedaub Partners with Immunefi to Bring Native Firewall Capabilities to Magnus
Dedaub Partners with Immunefi to Bring Native Firewall Capabilities to Magnus Dedaub has joined forces with Immunefi to …

From Ethereum to Solana: How Developer Assumptions Can Introduce Critical Security Vulnerabilities
Ethereum Developers on Solana Solana stands out as one of the most popular blockchains, known for its high throughput …

Dedaub at ETHDenver 2025 | Showcasing Real-Time Security Monitoring
Dedaub is excited to sponsor ETHDenver once again! This year, we will showcase the Dedaub Security Suite‘s real-time …

Dedaub Security Suite Updates Q4-24
FREE MONITORING for all! The Dedaub Security Suite continues to evolve with features designed to simplify blockchain …

Dedaub at DeFi Security Summit 2024
DSS 2024 | Dedaub is sponsoring the DeFi Security Summit 2024 in Bangkok, Nov 7-9! 🎉 We’re contributing to …

Transient Storage in the wild: An impact study on EIP-1153
With the recent introduction of transient storage in Ethereum, the landscape of state management within the Ethereum …

DEDAUB Supports Privacy4Web3 Hackathon
Privacy4Web3 Hackathon The Privacy4Web3 Hackathon, supported by Oasis Network, is an excellent opportunity for …

Bedrock vulnerability disclosure and actions
A few hours ago, the Dedaub team discovered a smart contract vulnerability in a number of uniBTC vault smart contracts …

Dedaub coordinated the Secureum RACE-32
Smart contracts are the underpinning of blockchain technology, and they present unique security challenges. To address …

Dedaub Named Member of ZKsync Security Council
We’re thrilled to announce that Dedaub is now a member of the ZKsync Security Council. We’re grateful for the …

Strengthening Legal Protections for White Hat Hackers
White Hat Hackers in the Crosshair **Update (Mar/11/2025): Legal pardon given to the white-hats by parliamentary vote. …

Dedaub at SPLASH 2024
Dedaub at SPLASH 2024 Dedaub is proud to sponsor the SPLASH 2024 conference, helping unite top thinkers in software, …

Rho Markets Incident
On July 19th, Rho Markets - a Compound V2 fork on Scroll - was involved in an incident that led to the creation of …

Web 3 Audit Methodology by Dedaub
Web3 Audit Methodology Dedaub’s Security Audit teams comprise at least two senior security researchers, as well as any …

Common Solidity Security Vulnerabilities
Solidity Security Vulnerabilities Understanding and Mitigating Solidity Security Vulnerabilities Solidity Security …

SEAL 911: A Few Lessons from the Frontlines
SEAL 911 Today, I’d like to share my personal experience as a member of SEAL 911, the emergency hotline that assists …
Dedaub Security Suite Updates Q3-24
Dedaub Security Suite is renowned for its powerful EVM bytecode decompiler, which users have hailed as the best in the …

Dedaub Selected as Arbitrum DAO Security Advisor
Dedaub is now the Security Advisor for Arbitrum DAO’s Procurement Committee (ADPC). The community backed us with 114.9M …

EIP-3074 Impact Study
Pectra’s EIP-3074, and its Impact on Deployed Smart Contracts Introduction Ethereum’s end-user experience (UX) is about …

Ethdenver 2024 | Dedaub Showcases Its Web3 Security Technology
Dedaub is excited to participate in ETHDenver 2024. During the conference, Dedaub will showcase its advanced security …

Dedaub Celebrates Seal’s Public Debut and the Launch of the Safe Harbor Initiative
As a founding collaborator of the Security Alliance (SEAL), Dedaub celebrates SEAL’s public debut, a significant …

Bulk Storage Extraction
Most Dapp developers have heard of and probably use the excellent Multicall contract to bundle their eth_calls and …

Introducing Dedaub Tx Simulator Snap for Metamask
At Dedaub, we have solid expertise in Smart Contract security, which allows us to contribute significantly to protecting …

Arbitrum Sequencer Outage | Root Cause Analysis
The Arbitrum network experienced significant downtime on December 15 due to problems with its sequencer and feed. The …

Thestandard.io Exploit | A Thorough Analysis by Dedaub
Hello everyone, this is Yannis Bollanos, Security Researcher at Dedaub. A few days ago, we published a tweet about the …

Transaction Simulation Solutions | An In-depth Guide
Introduction to Transaction Simulation Solutions Transaction simulation tools improve developer and user experience …

Web3 Monitoring
WEB3 Monitoring Web3 Monitoring continuously tracks blockchain activities, such as transactions and smart contract …

Smart Contracts | Tale of Little Bugs
As most programmers would admit, the most annoying bugs are often the “little” ones. Tiny logic errors caused by a few …

The Critical Thirdweb Vulnerability
Summary: The root cause of the thirdweb critical vulnerability is that independent libraries implementing ERC2771 & …

Smart Contract Audits Guide
Smart Contract Audit Essentials: Navigating the Web 3 Landscape with Expertise and Security With blockchain platforms, …

Smart Contract Security Tools | A Guide to Dedaub Security Suite, Step-by-step Tutorial
Dedaub Security Suite (former Watchdog) is a comprehensive security system designed for Smart Contract analysis and …

Platypus Finance Hack
Platypus Finance Hack: The platform was targeted by a flashloan attack, resulting in an approximate $2 million loss. …

Ethereum improvement proposal 4788 | EIP-4877 Summary
Dedaub was commissioned by the Ethereum Foundation to perform a security audit of the bytecode of a smart contract that …

Ethereum Study – Rlp to Ssz Mpt Commitment Migration
The Ethereum Foundation commissioned our team to examine the potential impact of Ethereum Improvement Proposals (EIPs) …

Preparing for Your First Web3 Audit
Your project is at an advanced state of engineering and you have decided to hire an auditor to maximize security and …

EIP-4758 and EIP-6780 | Removal of Selfdestruct
Dedaub was commissioned by the Ethereum Foundation to perform an impact study of Ethereum Improvement Proposals (EIPs) …

I See Dead Code
What if I told you that over one-third of recently-deployed Ethereum smart contracts consist mostly of unusable junk? …

Poly Network Hack Postmortem
On July 2nd, 2023 06:47:20 PM UTC Poly Network suffered what was initially reported to be a notional $34b hack (the …

Uniswap Reentrancy Vulnerability Disclosure
By the Dedaub team! Uniswap Reentrancy | Uniswap Labs recently advertised a boosted $3M bounty program for bug reports …

Latent Bugs in Billion-plus Dollar Code
You are probably safe, but be aware…! Daniel Von Fange pinged me last week: Hey, I just realized that the xSushi reward …

Mass Disclosure of Griefing Vulnerabilities
This week, with the help of @drdr_zz and @wh01s7 of SecuRing, we tackled a backlog of warnings from the Dedaub Watchdog …

Rari Capital Vulnerability
Security researchers actively participating in Tribe DAO’s Discord security channel, raised concerns about a security …

Elipmoc: Advanced Decompilation of Ethereum SmartContracts
NEVILLE GRECH, University of Malta, Malta and Dedaub Ltd SIFIS LAGOUVARDOS, University of Athens, Greece and Dedaub Ltd …

The Dedaub Watchdog Service
The Dedaub Watchdog is a technology-driven continuous auditing service for smart contracts. What does this even mean? …

Phantom Functions and the Billion-dollar No-op
By the Dedaub team On Jan. 10 we made a major vulnerability disclosure to the Multichain project (formerly “AnySwap”). …

Etheria | A Six-year-old Solc Riddle
By the Dedaub team The Assignment A few weeks ago, we were approached with a request to work on a project unlike any …

Harvest Finance Vulnerability | $200k Bounty
We disclosed a critical bug to Harvest Finance. The contracts in scope held a total of $6.4M in Uniswap V3 positions. …

Symbolic Value-flow Static Analysis of Ethereum Smart Contracts
We present a static analysis approach that combines concrete values and symbolic expressions. This symbolic value-flow …

Symbolic Value-Flow Static Analysis: Deep, Precise, Complete Modeling of Ethereum Smart Contracts
YANNIS SMARAGDAKIS, University of Athens, Greece NEVILLE GRECH, University of Malta, Malta SIFIS LAGOUVARDOS, …

Verkle Tree Gas Metering Impact
Dedaub was commissioned by the Ethereum Foundation to investigate the impact of Vitalik Buterin’s Verkle tree gas …

Yield Skimming: Forcing Bad Swaps on Yield Farming
By the Dedaub team Yield Skimming Last week we received bug bounties for disclosing smart contract vulnerabilities to …

R-bounty / Primitive Finance Analysis
Three articles on the Primitive Finance vulnerability disclosure and rescue: PrimitiveFi post-mortem analysis Awarded …

Killing a Bad (Arbitrage) Bot … To Save Its Owner
Following the previous white-hat hacks (1, 2), on contracts flagged by our analysis tools, today we’ll talk about …

“look Ma’, No Source!” Hacking a Defi Service With No Source Code Available
By the Dedaub team This story describes a cool hack, for over $300K (even nearly $600K, if done at the right time). It …

Ethereum Pawn Stars: “$5.7m in Hard Assets? Best I Can Do is $2.3m”
defi saver Saving DeFi Saver with Static Contract Analysis By the Dedaub team In the complex DeFi protocols and …

Precise Static Modeling of Ethereum “Memory”
SIFIS LAGOUVARDOS, University of Athens, Greece NEVILLE GRECH, University of Athens, Greece ILIAS TSATIRIS, University …

MadMax: Analyzing the Out-of-Gas World of Smart Contracts
Abstract Ethereum is a distributed blockchain platform, serving as an ecosystem for smart contracts: full-fledged …

Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities
Lexi Brent∗ Int’l Computer Science Institute Berkeley, CA, USA [email protected] Neville Grech University of …

Rising Gas Prices Are Threatening Our Security (No, It’s Not the Saudi Attack)
Mr. Out of gas exception EIP 1884 is set to be implemented into the upcoming Ethereum ‘Istanbul’ hard fork. It: …

Gigahorse: Thorough, Declarative Decompilation of Smart Contracts
The rise of smart contract-autonomous applications running on blockchains-has led to a growing number of threats, …

Chronicle of an Attack Foretold
Co-written with Neville Grech In a few hours, an attacker will claim the prize for the first Consensys Diligence …

Bad Randomness is Even Dicier Than You Think
Co-written with Neville Grech Bad Randomness Trivial Exploits of Bad Randomness In Ethereum, and How To Do On-Chain …
All Posts
Research
Search
Tech Deep Dive
![Dedaub at EthCC[8] | Smart Contract Security Before and After Deployment](/blog/ethcc/Dedaub-at-EthCC-Smart-Contract-Security-Before-and-After-Deployment-1024x576.jpg)
Dedaub at EthCC[8] | Smart Contract Security Before and After Deployment
Dedaub at ETHCC Dedaub is heading to Cannes! As a WAGMI sponsor at EthCC[8], we’re bringing …

The $11M Cork Protocol Hack: A Critical Lesson in Uniswap V4 Hook Security
On 28th of May 2025, Cork Protocol suffered an $11M exploit due multiple security weaknesses, …

The Cetus AMM $200M Hack: How a Flawed “Overflow” Check Led to Catastrophic Loss
On May 22, 2025, the Cetus AMM on the Sui Network suffered a devastating hack resulting in over $200 …

Dedaub Partners with Immunefi to Bring Native Firewall Capabilities to Magnus
Dedaub Partners with Immunefi to Bring Native Firewall Capabilities to Magnus Dedaub has joined …

From Ethereum to Solana: How Developer Assumptions Can Introduce Critical Security Vulnerabilities
Ethereum Developers on Solana Solana stands out as one of the most popular blockchains, known for …

Dedaub at ETHDenver 2025 | Showcasing Real-Time Security Monitoring
Dedaub is excited to sponsor ETHDenver once again! This year, we will showcase the Dedaub Security …

Dedaub Security Suite Updates Q4-24
FREE MONITORING for all! The Dedaub Security Suite continues to evolve with features designed to …

Dedaub at DeFi Security Summit 2024
DSS 2024 | Dedaub is sponsoring the DeFi Security Summit 2024 in Bangkok, Nov 7-9! 🎉 We’re …

Transient Storage in the wild: An impact study on EIP-1153
With the recent introduction of transient storage in Ethereum, the landscape of state management …

DEDAUB Supports Privacy4Web3 Hackathon
Privacy4Web3 Hackathon The Privacy4Web3 Hackathon, supported by Oasis Network, is an excellent …

Bedrock vulnerability disclosure and actions
A few hours ago, the Dedaub team discovered a smart contract vulnerability in a number of uniBTC …

Dedaub coordinated the Secureum RACE-32
Smart contracts are the underpinning of blockchain technology, and they present unique security …

Dedaub Named Member of ZKsync Security Council
We’re thrilled to announce that Dedaub is now a member of the ZKsync Security Council. We’re …

Strengthening Legal Protections for White Hat Hackers
White Hat Hackers in the Crosshair **Update (Mar/11/2025): Legal pardon given to the white-hats by …

Dedaub at SPLASH 2024
Dedaub at SPLASH 2024 Dedaub is proud to sponsor the SPLASH 2024 conference, helping unite top …

Rho Markets Incident
On July 19th, Rho Markets - a Compound V2 fork on Scroll - was involved in an incident that led to …

Web 3 Audit Methodology by Dedaub
Web3 Audit Methodology Dedaub’s Security Audit teams comprise at least two senior security …

Common Solidity Security Vulnerabilities
Solidity Security Vulnerabilities Understanding and Mitigating Solidity Security Vulnerabilities …

SEAL 911: A Few Lessons from the Frontlines
SEAL 911 Today, I’d like to share my personal experience as a member of SEAL 911, the emergency …
Dedaub Security Suite Updates Q3-24
Dedaub Security Suite is renowned for its powerful EVM bytecode decompiler, which users have hailed …

Dedaub Selected as Arbitrum DAO Security Advisor
Dedaub is now the Security Advisor for Arbitrum DAO’s Procurement Committee (ADPC). The community …

EIP-3074 Impact Study
Pectra’s EIP-3074, and its Impact on Deployed Smart Contracts Introduction Ethereum’s end-user …

Ethdenver 2024 | Dedaub Showcases Its Web3 Security Technology
Dedaub is excited to participate in ETHDenver 2024. During the conference, Dedaub will showcase its …

Dedaub Celebrates Seal’s Public Debut and the Launch of the Safe Harbor Initiative
As a founding collaborator of the Security Alliance (SEAL), Dedaub celebrates SEAL’s public debut, a …

Bulk Storage Extraction
Most Dapp developers have heard of and probably use the excellent Multicall contract to bundle …

Introducing Dedaub Tx Simulator Snap for Metamask
At Dedaub, we have solid expertise in Smart Contract security, which allows us to contribute …

Arbitrum Sequencer Outage | Root Cause Analysis
The Arbitrum network experienced significant downtime on December 15 due to problems with its …

Thestandard.io Exploit | A Thorough Analysis by Dedaub
Hello everyone, this is Yannis Bollanos, Security Researcher at Dedaub. A few days ago, we published …

Transaction Simulation Solutions | An In-depth Guide
Introduction to Transaction Simulation Solutions Transaction simulation tools improve developer and …

Web3 Monitoring
WEB3 Monitoring Web3 Monitoring continuously tracks blockchain activities, such as transactions and …

Smart Contracts | Tale of Little Bugs
As most programmers would admit, the most annoying bugs are often the “little” ones. Tiny logic …

The Critical Thirdweb Vulnerability
Summary: The root cause of the thirdweb critical vulnerability is that independent libraries …

Smart Contract Audits Guide
Smart Contract Audit Essentials: Navigating the Web 3 Landscape with Expertise and Security With …

Smart Contract Security Tools | A Guide to Dedaub Security Suite, Step-by-step Tutorial
Dedaub Security Suite (former Watchdog) is a comprehensive security system designed for Smart …

Platypus Finance Hack
Platypus Finance Hack: The platform was targeted by a flashloan attack, resulting in an approximate …

Ethereum improvement proposal 4788 | EIP-4877 Summary
Dedaub was commissioned by the Ethereum Foundation to perform a security audit of the bytecode of a …

Ethereum Study – Rlp to Ssz Mpt Commitment Migration
The Ethereum Foundation commissioned our team to examine the potential impact of Ethereum …

Preparing for Your First Web3 Audit
Your project is at an advanced state of engineering and you have decided to hire an auditor to …

EIP-4758 and EIP-6780 | Removal of Selfdestruct
Dedaub was commissioned by the Ethereum Foundation to perform an impact study of Ethereum …

I See Dead Code
What if I told you that over one-third of recently-deployed Ethereum smart contracts consist mostly …

Poly Network Hack Postmortem
On July 2nd, 2023 06:47:20 PM UTC Poly Network suffered what was initially reported to be a notional …

Uniswap Reentrancy Vulnerability Disclosure
By the Dedaub team! Uniswap Reentrancy | Uniswap Labs recently advertised a boosted $3M bounty …

Latent Bugs in Billion-plus Dollar Code
You are probably safe, but be aware…! Daniel Von Fange pinged me last week: Hey, I just realized …

Mass Disclosure of Griefing Vulnerabilities
This week, with the help of @drdr_zz and @wh01s7 of SecuRing, we tackled a backlog of warnings from …

Rari Capital Vulnerability
Security researchers actively participating in Tribe DAO’s Discord security channel, raised concerns …

Elipmoc: Advanced Decompilation of Ethereum SmartContracts
NEVILLE GRECH, University of Malta, Malta and Dedaub Ltd SIFIS LAGOUVARDOS, University of Athens, …

The Dedaub Watchdog Service
The Dedaub Watchdog is a technology-driven continuous auditing service for smart contracts. What …

Phantom Functions and the Billion-dollar No-op
By the Dedaub team On Jan. 10 we made a major vulnerability disclosure to the Multichain project …

Etheria | A Six-year-old Solc Riddle
By the Dedaub team The Assignment A few weeks ago, we were approached with a request to work on a …

Harvest Finance Vulnerability | $200k Bounty
We disclosed a critical bug to Harvest Finance. The contracts in scope held a total of $6.4M in …

Symbolic Value-flow Static Analysis of Ethereum Smart Contracts
We present a static analysis approach that combines concrete values and symbolic expressions. This …

Symbolic Value-Flow Static Analysis: Deep, Precise, Complete Modeling of Ethereum Smart Contracts
YANNIS SMARAGDAKIS, University of Athens, Greece NEVILLE GRECH, University of Malta, Malta SIFIS …

Verkle Tree Gas Metering Impact
Dedaub was commissioned by the Ethereum Foundation to investigate the impact of Vitalik Buterin’s …

Yield Skimming: Forcing Bad Swaps on Yield Farming
By the Dedaub team Yield Skimming Last week we received bug bounties for disclosing smart contract …

R-bounty / Primitive Finance Analysis
Three articles on the Primitive Finance vulnerability disclosure and rescue: PrimitiveFi post-mortem …

Killing a Bad (Arbitrage) Bot … To Save Its Owner
Following the previous white-hat hacks (1, 2), on contracts flagged by our analysis tools, today …

“look Ma’, No Source!” Hacking a Defi Service With No Source Code Available
By the Dedaub team This story describes a cool hack, for over $300K (even nearly $600K, if done at …

Ethereum Pawn Stars: “$5.7m in Hard Assets? Best I Can Do is $2.3m”
defi saver Saving DeFi Saver with Static Contract Analysis By the Dedaub team In the complex DeFi …

Precise Static Modeling of Ethereum “Memory”
SIFIS LAGOUVARDOS, University of Athens, Greece NEVILLE GRECH, University of Athens, Greece ILIAS …

MadMax: Analyzing the Out-of-Gas World of Smart Contracts
Abstract Ethereum is a distributed blockchain platform, serving as an ecosystem for smart …

Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities
Lexi Brent∗ Int’l Computer Science Institute Berkeley, CA, USA [email protected] Neville Grech …

Rising Gas Prices Are Threatening Our Security (No, It’s Not the Saudi Attack)
Mr. Out of gas exception EIP 1884 is set to be implemented into the upcoming Ethereum ‘Istanbul’ …

Gigahorse: Thorough, Declarative Decompilation of Smart Contracts
The rise of smart contract-autonomous applications running on blockchains-has led to a growing …

Chronicle of an Attack Foretold
Co-written with Neville Grech In a few hours, an attacker will claim the prize for the first …

Bad Randomness is Even Dicier Than You Think
Co-written with Neville Grech Bad Randomness Trivial Exploits of Bad Randomness In Ethereum, and How …