The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. Here is a summary of our findings.

The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. We examined the code and now publish our results.

We describe a vulnerability in the Move IR compiler whereby inline comments can be disguised as executable code.

We found a problem in Libra’s intermediate representation language compiler, the Move IR, that could allow cybercriminals to exploit the yet-to-be-launched cryptocurrency network.

The YouNow team asked us to review and audit their Rewards Engine contracts that distribute their PROPS token. We looked at the code and now publish our results.

The YouNow team asked us to review and audit their PROPS Token contracts. We looked at the code and now publish our results.

Compound Finance is a protocol, currently deployed on the Ethereum network, for automatic, permissionless, and trust-minimized loans of Ether and various ERC20 tokens.

The Compound team asked us to review and audit their platform's smart contracts. We examined their code and our results are published here.

While working on an audit for the Coinbase team, we found a critical vulnerability in the DSChief contract of the DappHub library.

While working on an audit for the Coinbase team, we found a critical vulnerability in one of the DappHub library contracts. This affects the MakerDAO system currently in production.