246536 61520 22 14807 679 254949
237874 623380 8947
Circle
New

Latest blog post

Doppler Doppler
30.05.2023

Ethereum Foundation study: removal of SELFDESTRUCT

We were commissioned by the Ethereum Foundation to perform an impact study of Ethereum Improvement Proposals (EIPs) 4758 and 6780 on existing contracts.

Start Reading
Circles


Down
28.10.2021

Symbolic Value-Flow Static Analysis of Ethereum Smart Contracts

A technical paper describing our most recent analysis technology, responsible for 7 major vulnerabilities detected in-the-wild.

Start Reading


10.08.2021

Verkle tree gas metering impact

We were commissioned by the Ethereum Foundation to study the impact of a new gas cost model, based on Verkle tree access costs.

Start Reading


27.05.2021

EIP-3074 Impact Study

We were commissioned by the Ethereum Foundation to do a study of the impact of EIP-3074 (AUTH and AUTHCALL) on existing contracts.

Start Reading


30.03.2021

Yield Skimming: Forcing Bad Swaps on Yield Farming

Received bug bounties from Vesper Finance and BT Finance for vulnerability disclosures. Both vulnerabilities follow the same pattern and we study when it can be exploited.

Start Reading


18.03.2021

R-Bounty / Primitive Finance Analysis

We reported a critical vulnerability to Primitive Finance, leading to the generous R bounty and an article on the war room operation.

Start Reading


18.02.2021

Killing a Bad (Arbitrage) Bot ... to Save Its Owner

A vulnerable bot was controlling some $80K. We killed it, saving the funds of its owner(s).

Start Reading


10.02.2021

“Look ma’, no source!” Hacking a DeFi Service with No Source Code Available

Reported critical vulnerability to Dinngo/DeFlast team leading to their rescue of all threatened funds. The vulnerable contract had no public source.

Start Reading


21.01.2021

Ethereum Pawn Stars: “$5.7M in hard assets? Best I can do is $2.3M”

Reported critical vulnerability to DeFi Saver team which would have allowed hackers to steal over $3.5m. Vulnerability was originally flagged by one of our tools.

Start Reading


05.11.2020

Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities

Technical paper on our analysis technology for tainted contract guards. Interesting observations on symbolic execution vs. static analysis approaches.

Start Reading


Left
2
Right