Security Audits

In this article, we look at a game theoretical attack against smart contract timelock systems that allows the beneficiary (i.e., the early ICO investor or the company founder)...

Uniswap is a public, open-source protocol to exchange tokens in Ethereum. In Uniswap, there is a separate exchange contract for each token. While it was designed to seamlessly work with ERC20…

While working on an audit for the Coinbase team, we found a critical vulnerability in the DSChief contract of the DappHub library.

While working on an audit for the Coinbase team, we found a critical vulnerability in one of the DappHub library contracts. This affects the MakerDAO system currently in production.

The dYdX team asked us to review and audit their Solo project. We looked at the code and our results are published below.

The RCN team asked us to review and audit their Marmo contracts. We looked at the code and here are the results.

The Circle and Coinbase teams asked us to review and audit the minting contracts of the Centre Token. We looked at the code and now publish our results.

At Zeppelin we help protect the core infrastructure of open and decentralized applications. I’m part of the Research team, which is in charge of conducting security audits.

The OTOY team asked us to review and audit their RNDR Token contracts. We looked at the code and now publish our results.

The Augur team and the Ethereum Foundation (through a joint grant) asked us to review and audit the Solidity compiler. We looked at the code and now publish our results. The audited project can be…