Backdooring Gnosis Safe Multisig wallets

Disclosure of a severe attack vector in the deployment of the popular Gnosis Safe Multisig wallet. Proof of concept included.

A Year of Research at OpenZeppelin

It's been a busy 2019 for our dearest Research team. These are the main highlights of the year!.

Deep dive into the Minimal Proxy contract

In this deep dive into low-level EVM code, you will learn how to code a Minimal Proxy (EIP 1167) from scratch, no Solidity involved. Finally, we see how to easily deploy the proxy using OpenZeppelin's SDK.

Exploiting Uniswap: from reentrancy to actual profit

Uniswap is a public, open-source protocol to exchange tokens in Ethereum. In Uniswap, there is a separate exchange contract for each token. While it was designed to seamlessly work with ERC20 tokens...