Reported critical vulnerability to Dinngo/DeFlast team leading to their rescue of all threatened funds. The vulnerable contract had no public source.
Reported critical vulnerability to DeFi Saver team which would have allowed hackers to steal over $3.5m. Vulnerability was originally flagged by one of our tools.
Technical paper on our analysis technology for tainted contract guards. Interesting observations on symbolic execution vs. static analysis approaches.
Research article on our analysis technology, especially the modeling of "memory" in EVM smart contracts.
Received bounty from the Ethereum Foundation for our analysis of the gas impact of EIP-1884.
Research article, at ICSE'19 conference, describing our decompiler.
Solution to a clever CTF, using a new opcode...
Trivial Exploits of Bad Randomness In Ethereum, and How To Do On-Chain Randomness (Reasonably) Well.
Research Article, distinguished paper award at OOPSLA'18 conference, later appeared as "Research Highlight" in the Communications of the ACM.