“Look ma’, no source!” Hacking a DeFi Service with No Source Code Available

Reported critical vulnerability to Dinngo/DeFlast team leading to their rescue of all threatened funds. The vulnerable contract had no public source.

Ethereum Pawn Stars: “$5.7M in hard assets? Best I can do is $2.3M”

Reported critical vulnerability to DeFi Saver team which would have allowed hackers to steal over $3.5m. Vulnerability was originally flagged by one of our tools.

Ethainter: A Smart Contract Security Analyzer for Composite Vulnerabilities

Technical paper on our analysis technology for tainted contract guards. Interesting observations on symbolic execution vs. static analysis approaches.

Precise Static Modeling of Ethereum 'Memory'

Research article on our analysis technology, especially the modeling of "memory" in EVM smart contracts.

Ethereum Foundation EIP-1884 bounty

Received bounty from the Ethereum Foundation for our analysis of the gas impact of EIP-1884.

Gigahorse: Thorough, Declarative Decompilation of Smart Contracts

Research article, at ICSE'19 conference, describing our decompiler.

Chronicle of an Attack Foretold

Solution to a clever CTF, using a new opcode...

Bad Randomness Is Even Dicier than You Think

Trivial Exploits of Bad Randomness In Ethereum, and How To Do On-Chain Randomness (Reasonably) Well.

MadMax: Surviving Out-of-Gas Conditions in Ethereum Smart Contracts

Research Article, distinguished paper award at OOPSLA'18 conference, later appeared as "Research Highlight" in the Communications of the ACM.