Tech Deep Dive

CLEAR
All Posts
News
Research
Tech Deep Dive
The CPIMP Attack: an insanely far-reaching vulnerability, successfully mitigated

The CPIMP Attack: an insanely far-reaching vulnerability, successfully mitigated

[by the Dedaub team] A major attack on several prominent DeFi protocols over many blockchains was (largely) successfully mitigated last week. The …

15 July 2025

START READING
The $11M Cork Protocol Hack: A Critical Lesson in Uniswap V4 Hook Security
Tech Deep Dive

The $11M Cork Protocol Hack: A Critical Lesson in Uniswap V4 Hook Security

On 28th of May 2025, Cork Protocol suffered an $11M exploit due multiple security weaknesses, …

30 May 2025
The Cetus AMM $200M Hack: How a Flawed “Overflow” Check Led to Catastrophic Loss
Tech Deep Dive

The Cetus AMM $200M Hack: How a Flawed “Overflow” Check Led to Catastrophic Loss

On May 22, 2025, the Cetus AMM on the Sui Network suffered a devastating hack resulting in over $200 …

23 May 2025
From Ethereum to Solana: How Developer Assumptions Can Introduce Critical Security Vulnerabilities
Tech Deep Dive

From Ethereum to Solana: How Developer Assumptions Can Introduce Critical Security Vulnerabilities

Ethereum Developers on Solana Solana stands out as one of the most popular blockchains, known for …

25 April 2025
Bedrock vulnerability disclosure and actions
Tech Deep Dive

Bedrock vulnerability disclosure and actions

A few hours ago, the Dedaub team discovered a smart contract vulnerability in a number of uniBTC …

26 September 2024
Rho Markets Incident
Tech Deep Dive

Rho Markets Incident

On July 19th, Rho Markets - a Compound V2 fork on Scroll - was involved in an incident that led to …

5 September 2024
Web 3 Audit Methodology by Dedaub
Tech Deep Dive

Web 3 Audit Methodology by Dedaub

Web3 Audit Methodology Dedaub’s Security Audit teams comprise at least two senior security …

4 September 2024
Common Solidity Security Vulnerabilities
Tech Deep Dive

Common Solidity Security Vulnerabilities

Solidity Security Vulnerabilities Understanding and Mitigating Solidity Security Vulnerabilities …

27 August 2024
Bulk Storage Extraction
Tech Deep Dive

Bulk Storage Extraction

Most Dapp developers have heard of and probably use the excellent Multicall contract to bundle …

7 February 2024
Arbitrum Sequencer Outage | Root Cause Analysis
Tech Deep Dive

Arbitrum Sequencer Outage | Root Cause Analysis

The Arbitrum network experienced significant downtime on December 15 due to problems with its …

17 December 2023
Thestandard.io Exploit | A Thorough Analysis by Dedaub
Tech Deep Dive

Thestandard.io Exploit | A Thorough Analysis by Dedaub

Hello everyone, this is Yannis Bollanos, Security Researcher at Dedaub. A few days ago, we published …

16 December 2023
Transaction Simulation Solutions | An In-depth Guide
Tech Deep Dive

Transaction Simulation Solutions | An In-depth Guide

Introduction to Transaction Simulation Solutions Transaction simulation tools improve developer and …

16 December 2023
Smart Contracts | Tale of Little Bugs
Tech Deep Dive

Smart Contracts | Tale of Little Bugs

As most programmers would admit, the most annoying bugs are often the “little” ones. Tiny logic …

14 December 2023
The Critical Thirdweb Vulnerability
Tech Deep Dive

The Critical Thirdweb Vulnerability

Summary: The root cause of the thirdweb critical vulnerability is that independent libraries …

7 December 2023
Smart Contract Audits Guide
Tech Deep Dive

Smart Contract Audits Guide

Smart Contract Audit Essentials: Navigating the Web 3 Landscape with Expertise and Security With …

2 December 2023
Smart Contract Security Tools | A Guide to Dedaub Security Suite, Step-by-step Tutorial
Tech Deep Dive

Smart Contract Security Tools | A Guide to Dedaub Security Suite, Step-by-step Tutorial

Dedaub Security Suite (former Watchdog) is a comprehensive security system designed for Smart …

18 October 2023
Platypus Finance Hack
Tech Deep Dive

Platypus Finance Hack

Platypus Finance Hack: The platform was targeted by a flashloan attack, resulting in an approximate …

12 October 2023
Preparing for Your First Web3 Audit
Tech Deep Dive

Preparing for Your First Web3 Audit

Your project is at an advanced state of engineering and you have decided to hire an auditor to …

16 June 2023
I See Dead Code
Tech Deep Dive

I See Dead Code

What if I told you that over one-third of recently-deployed Ethereum smart contracts consist mostly …

11 February 2023
Poly Network Hack Postmortem
Tech Deep Dive

Poly Network Hack Postmortem

On July 2nd, 2023 06:47:20 PM UTC Poly Network suffered what was initially reported to be a notional …

7 February 2023
Uniswap Reentrancy Vulnerability Disclosure
Tech Deep Dive

Uniswap Reentrancy Vulnerability Disclosure

By the Dedaub team! Uniswap Reentrancy | Uniswap Labs recently advertised a boosted $3M bounty …

16 December 2022
Latent Bugs in Billion-plus Dollar Code
Tech Deep Dive

Latent Bugs in Billion-plus Dollar Code

You are probably safe, but be aware…! Daniel Von Fange pinged me last week: Hey, I just realized …

19 April 2022
Mass Disclosure of Griefing Vulnerabilities
Tech Deep Dive

Mass Disclosure of Griefing Vulnerabilities

This week, with the help of @drdr_zz and @wh01s7 of SecuRing, we tackled a backlog of warnings from …

15 April 2022
Rari Capital Vulnerability
Tech Deep Dive

Rari Capital Vulnerability

Security researchers actively participating in Tribe DAO’s Discord security channel, raised concerns …

2 April 2022
The Dedaub Watchdog Service
Tech Deep Dive

The Dedaub Watchdog Service

The Dedaub Watchdog is a technology-driven continuous auditing service for smart contracts. What …

28 January 2022
Phantom Functions and the Billion-dollar No-op
Tech Deep Dive

Phantom Functions and the Billion-dollar No-op

By the Dedaub team On Jan. 10 we made a major vulnerability disclosure to the Multichain project …

24 January 2022
Etheria | A Six-year-old Solc Riddle
Tech Deep Dive

Etheria | A Six-year-old Solc Riddle

By the Dedaub team The Assignment A few weeks ago, we were approached with a request to work on a …

23 November 2021
Harvest Finance Vulnerability | $200k Bounty
Tech Deep Dive

Harvest Finance Vulnerability | $200k Bounty

We disclosed a critical bug to Harvest Finance. The contracts in scope held a total of $6.4M in …

12 November 2021
Symbolic Value-flow Static Analysis of Ethereum Smart Contracts
Tech Deep Dive

Symbolic Value-flow Static Analysis of Ethereum Smart Contracts

We present a static analysis approach that combines concrete values and symbolic expressions. This …

28 October 2021
Verkle Tree Gas Metering Impact
Tech Deep Dive

Verkle Tree Gas Metering Impact

Dedaub was commissioned by the Ethereum Foundation to investigate the impact of Vitalik Buterin’s …

10 August 2021
Yield Skimming: Forcing Bad Swaps on Yield Farming
Tech Deep Dive

Yield Skimming: Forcing Bad Swaps on Yield Farming

By the Dedaub team Yield Skimming Last week we received bug bounties for disclosing smart contract …

30 March 2021
R-bounty / Primitive Finance Analysis
Tech Deep Dive

R-bounty / Primitive Finance Analysis

Three articles on the Primitive Finance vulnerability disclosure and rescue: PrimitiveFi post-mortem …

18 March 2021
Killing a Bad (Arbitrage) Bot … To Save Its Owner
Tech Deep Dive

Killing a Bad (Arbitrage) Bot … To Save Its Owner

Following the previous white-hat hacks (1, 2), on contracts flagged by our analysis tools, today …

11 February 2021
“look Ma’, No Source!” Hacking a Defi Service With No Source Code Available
Tech Deep Dive

“look Ma’, No Source!” Hacking a Defi Service With No Source Code Available

By the Dedaub team This story describes a cool hack, for over $300K (even nearly $600K, if done at …

2 February 2021
Ethereum Pawn Stars: “$5.7m in Hard Assets? Best I Can Do is $2.3m”
Tech Deep Dive

Ethereum Pawn Stars: “$5.7m in Hard Assets? Best I Can Do is $2.3m”

defi saver Saving DeFi Saver with Static Contract Analysis By the Dedaub team In the complex DeFi …

7 January 2021
Rising Gas Prices Are Threatening Our Security (No, It’s Not the Saudi Attack)
Tech Deep Dive

Rising Gas Prices Are Threatening Our Security (No, It’s Not the Saudi Attack)

Mr. Out of gas exception EIP 1884 is set to be implemented into the upcoming Ethereum ‘Istanbul’ …

22 September 2019
Gigahorse: Thorough, Declarative Decompilation of Smart Contracts
Tech Deep Dive

Gigahorse: Thorough, Declarative Decompilation of Smart Contracts

The rise of smart contract-autonomous applications running on blockchains-has led to a growing …

25 May 2019
Chronicle of an Attack Foretold
Tech Deep Dive

Chronicle of an Attack Foretold

Co-written with Neville Grech In a few hours, an attacker will claim the prize for the first …

27 February 2019
Bad Randomness is Even Dicier Than You Think
Tech Deep Dive

Bad Randomness is Even Dicier Than You Think

Co-written with Neville Grech Bad Randomness Trivial Exploits of Bad Randomness In Ethereum, and How …

14 February 2019