All Media Mentions

“Wallets need to clearly convey intent and surface risk. We also need more adoption of naming systems like ENS, because human-readable identifiers make lookalike address attacks harder.”

“DeFi protocols often gain an edge over their competitors by having the cheapest fees. Adding extra checks on transactions would increase gas costs, potentially losing them users. Invariant checks are a great security strategy, but they can't account for everything — especially exploits that a protocol's developers can't reasonably anticipate. It's not the silver bullet.”

“I've taught crypto devs for many years. If you want to go from zero to hero in smart contracts, Mastering Ethereum is the definitive no-fluff guide I recommend above all to achieve that.”

“This is why firms should focus on operating under frameworks that prevent these scenarios entirely, like scaling bug bounty programs that channel security efforts into authorized, constructive activities. When security researchers work within this framework, they're protected legally, companies get stronger security, and innocent third parties are never put at risk.”

“In this guide, we break down practical DeFi security solutions: how real-time monitoring works, which exploits it catches, and how to roll it out without slowing product velocity.”

“Embora a queda nas perdas seja encorajadora, as ameaças persistem [...] Em 2024, observamos um foco maior em ataques a chaves privadas, infraestrutura de projetos e CeFi. O volume de fundos disponíveis em DeFi atingiu $137B este ano (+163%), e, à medida que capital institucional entra no ecossistema, cripto torna-se um alvo irresistível para hackers.”

“Projects are increasingly adopting robust security measures, including enhanced auditing processes, improved smart contract designs, the implementation of bug bounty programs, among others. They also have access to a larger pool of skilled security professionals. The maturity of the current security stack is far better than what we were seeing 2 or 3 years ago, making it more difficult for hackers to exploit vulnerabilities.”

“After reviewing this year's contest submissions, it appears we can draw several conclusions, particularly since no one encountered any significant issues. First, transient storage remains largely unknown and unused by the broader developer community, likely due to its exclusive use in assembly...”

“Most of the losses in 2024 are attributed to attacks targeting CeFi infrastructure. We've known for a while that infrastructure compromises tend to be the most devastating hacks in the cryptocurrency world.”

“[North Korean hackers] focus on a small number of high-value targets and can play a very long game, combining detailed technical knowledge with social engineering and spear-phishing capabilities.”

“Self destruction is, as one can imagine, one of the scariest things one can casually add as an extra function. Changing the logic of a contract provides endless possibilities.”

“Though we're still early in this whole story, there are indications that there were major centralization issues on the Merlin DEX smart contracts. Specifically, the address receiving pool fees was allowed to drain all funds from every pool in the protocol.”

“The specific bug's root cause was the lack of proper access control to a function which should be for privileged usage only. This is a common security vulnerability which is usually caught at the auditing phase of a smart contract.”

“In this article, we will be analyzing the exploited vulnerability in the 0xbad smart contract without looking at any actual source code. We'll analyze the massive profit arbitrage transaction and see what we can learn from there, but also try a few decompiling tools to help us reach the same conclusion as the hacker.”

“[W]e must fully understand how the human body and mind are affected by the environment in space. NASA astronauts Scott and Mark Kelly are genetically identical twins and they will show us some answers.”

“The points derive from the three-body problem, which considers the gravitational pull of just two bodies (in this case, the Sun and Jupiter), and then the few points where smaller points can remain stable are found through algebraic methods. The Trojan asteroids are celestial bodies that gathered around Jupiter's L4 and L5. The Lucy mission is crucial to understanding the history of the solar system.”