Smart contract security researcher. If you want an audit done, feel free to message me on twitter.
Hot and Cold
Sometimes taking a break is actually bad
A Realistic Web3 Security Maturity Roadmap
If you audit too early, you are paying for feedback on code that might change next week. The report doesn't provide a lifetime guarantee. If you launch without one, the market will audit for you and cost you your TVL. This article is the roadmap for the security evolution that needs to take place in every Web3 project.
A Realistic Web3 Security Maturity Roadmap
If you audit too early, you are paying for feedback on code that might change next week. The report doesn't provide a lifetime guarantee. If you launch without one, the market will audit for you and cost you your TVL. This article is the roadmap for the security evolution that needs to take place in every Web3 project.
The most common vault bugs (from real audits)
Real bugs we keep finding in DeFi vaults: first depositor, bad debt, MEV, lockup gaming, insolvency, broken reward handling, and yield killing routing. If you’re building or integrating vaults, read this before mainnet or you’ll learn these the hard way.
The most common vault bugs (from real audits)
Real bugs we keep finding in DeFi vaults: first depositor, bad debt, MEV, lockup gaming, insolvency, broken reward handling, and yield killing routing. If you’re building or integrating vaults, read this before mainnet or you’ll learn these the hard way.
The most common prediction market bugs (from real audits, not theory)
Prediction markets and the protocols building on top of them are booming. If you're one of those teams, this list of bugs should matter to you. I'm not going to claim this replaces an audit, but every bug here is something we at Phage Security have caught in real engagements, and the patterns were consistent enough that I thought they deserved a write up.
The most common prediction market bugs (from real audits, not theory)
Prediction markets and the protocols building on top of them are booming. If you're one of those teams, this list of bugs should matter to you. I'm not going to claim this replaces an audit, but every bug here is something we at Phage Security have caught in real engagements, and the patterns were consistent enough that I thought they deserved a write up.
You Just Got Hacked: A Realistic Incident Response Plan For Web3 Teams
Most teams freeze. They stare at the screen, not knowing what the immediate step should be. This document is for that moment. It is not a theoretical framework for "security resilience." We have seen the best teams crumble and the worst situations salvaged. This is how you survive.
You Just Got Hacked: A Realistic Incident Response Plan For Web3 Teams
Most teams freeze. They stare at the screen, not knowing what the immediate step should be. This document is for that moment. It is not a theoretical framework for "security resilience." We have seen the best teams crumble and the worst situations salvaged. This is how you survive.
