Security Audits
InstaDApp Audit Summary
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. Here is a summary of our findings.
InstaDApp Audit
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. We examined the code and now publish our results.
Libra’s Move IR Compiler Vulnerability: Technical Description
We describe a vulnerability in the Move IR compiler whereby inline comments can be disguised as executable code.
OpenZeppelin Uncovers Vulnerability in Libra’s Move IR Compiler
We found a problem in Libra’s intermediate representation language compiler, the Move IR, that could allow cybercriminals to exploit the yet-to-be-launched cryptocurrency network.
PROPS Rewards Engine Contracts Audit
The YouNow team asked us to review and audit their Rewards Engine contracts that distribute their PROPS token. We looked at the code and now publish our results.
PROPS Token Contracts Audit
The YouNow team asked us to review and audit their PROPS Token contracts. We looked at the code and now publish our results.
Compound Finance Audit Summary
Compound Finance is a protocol, currently deployed on the Ethereum network, for automatic, permissionless, and trust-minimized loans of Ether and various ERC20 tokens.
Compound Audit
The Compound team asked us to review and audit their platform's smart contracts. We examined their code and our results are published here.
Bypassing Smart Contract Timelocks
In this article, we look at a game theoretical attack against smart contract timelock systems that allows the beneficiary (i.e., the early ICO investor or the company founder)...
Exploiting Uniswap: from reentrancy to actual profit
Uniswap is a public, open-source protocol to exchange tokens in Ethereum. In Uniswap, there is a separate exchange contract for each token. While it was designed to seamlessly work with ERC20…
InstaDApp Audit Summary
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. Here is a summary of our findings.
InstaDApp Audit
The InstaDApp team asked us to audit their proxy wallet and wallet registry contracts. We examined the code and now publish our results.
Libra’s Move IR Compiler Vulnerability: Technical Description
We describe a vulnerability in the Move IR compiler whereby inline comments can be disguised as executable code.
OpenZeppelin Uncovers Vulnerability in Libra’s Move IR Compiler
We found a problem in Libra’s intermediate representation language compiler, the Move IR, that could allow cybercriminals to exploit the yet-to-be-launched cryptocurrency network.
PROPS Rewards Engine Contracts Audit
The YouNow team asked us to review and audit their Rewards Engine contracts that distribute their PROPS token. We looked at the code and now publish our results.
PROPS Token Contracts Audit
The YouNow team asked us to review and audit their PROPS Token contracts. We looked at the code and now publish our results.
Compound Finance Audit Summary
Compound Finance is a protocol, currently deployed on the Ethereum network, for automatic, permissionless, and trust-minimized loans of Ether and various ERC20 tokens.
Compound Audit
The Compound team asked us to review and audit their platform's smart contracts. We examined their code and our results are published here.
Bypassing Smart Contract Timelocks
In this article, we look at a game theoretical attack against smart contract timelock systems that allows the beneficiary (i.e., the early ICO investor or the company founder)...
Exploiting Uniswap: from reentrancy to actual profit
Uniswap is a public, open-source protocol to exchange tokens in Ethereum. In Uniswap, there is a separate exchange contract for each token. While it was designed to seamlessly work with ERC20…