Tech Deep Dive
Rho Markets Incident
On July 19th, Rho Markets — a Compound V2 fork on Scroll — was involved in an incident that led to t ...
5 September 2024
Web 3 Audit Methodology by Dedaub
Dedaub’s Security Audit teams comprise at least two senior security researchers, as well as any supp ...
4 September 2024
Common Solidity Security Vulnerabilities
Understanding and Mitigating Solidity Security Vulnerabilities Solidity Security Vulnerabilities&nbs ...
27 August 2024
Bulk Storage Extraction
Most Dapp developers have heard of and probably use the excellent Multicall contract to bu ...
7 February 2024
Arbitrum Sequencer Outage | Root Cause Analysis
The Arbitrum network experienced significant downtime on December 15 due to problems with its sequen ...
17 December 2023
Thestandard.io Exploit | A Thorough Analysis by Dedaub
Hello everyone, this is Yannis Bollanos, Security Researcher at Dedaub. A few days ago, we published ...
16 December 2023
Transaction Simulation Solutions | An In-depth Guide
Introduction to Transaction Simulation Solutions Transaction simulation tools improve developer and ...
16 December 2023
Smart Contracts | Tale of Little Bugs
As most programmers would admit, the most annoying bugs are often the “little” ones. Tin ...
14 December 2023
The Critical Thirdweb Vulnerability
Summary: The root cause of the thirdweb critical vulnerability is that independent libraries im ...
7 December 2023
Smart Contract Audits Guide
Smart Contract Audit Essentials: Navigating the Web 3 Landscape with Expertise and Security With blo ...
2 December 2023
Smart Contract Security Tools | A Guide to Dedaub Security Suite, Step-by-step Tutorial
Dedaub Security Suite (former Watchdog) is not just a tool; it’s a comprehensive security ...
18 October 2023
Platypus Finance Hack
Platypus Finance Hack: The platform was targeted by a flashloan attack, resulting in an approximate ...
12 October 2023
Preparing for Your First Web3 Audit
Your project is at an advanced state of engineering and you have decided to hire an auditor to maxim ...
16 June 2023
I See Dead Code
What if I told you that over one-third of recently-deployed Ethereum smart contracts consist mostly ...
11 February 2023
Poly Network Hack Postmortem
On July 2nd, 2023 06:47:20 PM UTC Poly Network suffered what was initially reported to be a notional ...
7 February 2023
Uniswap Reentrancy Vulnerability Disclosure
By the Dedaub team Uniswap Reentrancy | Uniswap Labs recently advertised a boosted $3 ...
16 December 2022
Latent Bugs in Billion-plus Dollar Code
You are probably safe, but be aware… Daniel Von Fange pinged me last week: Hey, I just realized ...
19 April 2022
Mass Disclosure of Griefing Vulnerabilities
This week, with the help of @drdr_zz and @wh01s7 of SecuRing, we tackled a ...
15 April 2022
Rari Capital Vulnerability
Security researchers actively participating in Tribe DAO’s Discord security channel, raised concerns ...
2 April 2022
Elipmoc: Advanced Decompilation of Ethereum Smart Contracts
Smart contracts on the Ethereum blockchain greatly benefit from cutting-edge analysis techniques and ...
21 March 2022
The Dedaub Watchdog Service
The Dedaub Watchdog is a technology-driven continuous auditing service for smart contracts ...
28 January 2022
Phantom Functions and the Billion-dollar No-op
By the Dedaub team On Jan. 10 we made a major vulnerability disclosure to the Multich ...
24 January 2022
Etheria | A Six-year-old Solc Riddle
By the Dedaub team The Assignment A few weeks ago, we were approached with a request to wo ...
23 November 2021
Harvest Finance Vulnerability | $200k Bounty
We disclosed a critical bug to Harvest Finance. The contracts in scope held a total of $6.4M in Unis ...
12 November 2021
Symbolic Value-flow Static Analysis of Ethereum Smart Contracts
We present a static analysis approach that combines concrete values and symbolic expressions. This s ...
28 October 2021
Verkle Tree Gas Metering Impact
Dedaub was commissioned by the Ethereum Foundation to investigate the impact of Vitalik Buterin ...
10 August 2021
Yield Skimming: Forcing Bad Swaps on Yield Farming
By the Dedaub team Last week we received bug bounties for disclosing smart contract vulner ...
30 March 2021
R-bounty / Primitive Finance Analysis
Three articles on the Primitive Finance vulnerability disclosure and rescue: ...
18 March 2021
Killing a Bad (Arbitrage) Bot … To Save Its Owner
Following the previous white-hat hacks (1, 2), on contracts flagged by our analysis tools, today we’ ...
11 February 2021
“look Ma’, No Source!” Hacking a Defi Service With No Source Code Available
By the Dedaub team This story describes a cool hack, for over $300K (even nearly $600K, if ...
2 February 2021
Ethereum Pawn Stars: “$5.7m in Hard Assets? Best I Can Do is $2.3m”
Saving DeFi Saver with Static Contract Analysis By the Dedaub team In the complex DeFi pro ...
7 January 2021
Rising Gas Prices Are Threatening Our Security (No, It’s Not the Saudi Attack)
Mr. Out of gas exception EIP 1884 is set to be implemented into the upcoming Ethereum ‘Istanbul ...
22 September 2019
Gigahorse: Thorough, Declarative Decompilation of Smart Contracts
The rise of smart contract—autonomous applications running on blockchains—has led to a growing numbe ...
25 May 2019
Chronicle of an Attack Foretold
Co-written with Neville Grech In a few hours, an attacker will claim the prize for the first&n ...
27 February 2019
Bad Randomness is Even Dicier Than You Think
Co-written with Neville Grech Trivial Exploits of Bad Randomness In Ethereum, and How To Do On- ...
14 February 2019