OtterSec

@osec_io

18,028
Followers
40
Following
198
Media
1,021
Statuses

Audits that protect blockchain ideas.

Joined February 2022
Pinned Tweet
@osec_io
OtterSec
2 years
Thread of interesting audits we have done, blog posts for a quick read, and more!
41
97
250
@osec_io
OtterSec
2 years
In light of our recent partnership with @xNFT_Backpack , we are giving away 20 invite codes to the Backpack Beta! 🎒 To enter:
- Follow @xNFT_Backpack and @osec_io
- Like and retweet this tweet
20 people will be randomly selected on October 29th @ 3PM PST! #WAO
Tweet media one
249
312
402
@osec_io
OtterSec
2 years
@mangomarkets was just drained for over $100M. 🧵
Tweet media one
242
616
2K
@osec_io
OtterSec
1 year
🦦 🤝 🎒 Bag Secured. We're proud to keep @xNFT_Backpack safe with ongoing security audits. To celebrate our ongoing partnership, we’re giving away 5 @MadLadsNFT madlist. To participate simply: 🦦 Like & RT 🦦 Follow @osec_io and @xNFT_Backpack
Tweet media one
483
946
1K
@osec_io
OtterSec
2 years
Closed source @Solana programs used to be safe. We’ve changed that. Learn how to hack Solana programs with our open-source #BinaryNinja plugin 👇
Tweet media one
33
167
758
@osec_io
OtterSec
2 years
Over $4M was drained from Solana wallets over the past 2 days. We’ve been working directly with @solana and @slope_finance to investigate. Here’s what we found.
Tweet media one
151
188
444
@osec_io
OtterSec
2 years
Over 5000 Solana wallets have been drained in the past few hours.
Tweet media one
35
153
470
@osec_io
OtterSec
2 years
SPL-token-swap: This February, we discovered a critical rounding exploit in the Solana Program Library token-swap implementation. With over $74 M at risk, this was one of the most impactful bugs we’ve reported. Let’s take a deep dive: 1/
Tweet media one
12
82
398
@osec_io
OtterSec
2 years
We’re continuing to investigate the recent Mango Markets hack. Let’s clear up some misinformation. 🧵
Tweet media one
15
70
282
@osec_io
OtterSec
1 year
As part of our ongoing security partnership and collaboration with @ape16z , we are giving away 3 apelists for the big mint at the end of the month! To enter:
- Follow @ape16z and @osec_io
- Like and retweet this tweet
3 spots to be given away on November 27th 3PM PST! ⬇️
Tweet media one
41
236
283
@osec_io
OtterSec
1 year
. @iearnfinance was just hacked for over $10M. Here's what we know. 🧵
Tweet media one
6
95
297
@osec_io
OtterSec
2 years
It appears the attacker was able to manipulate their Mango collateral. They temporarily spiked up their collateral value, and then took out massive loans from the Mango treasury.
Tweet media one
12
34
255
@osec_io
OtterSec
2 years
Rent Thief: 1/ An MEV bot has been stealing rent from @solendprotocol by abusing the account initialization process. This is the story of the curious rent thief; 🧵
5
33
209
@osec_io
OtterSec
2 years
Over the past two weeks, we’ve worked closely with @slope_finance , @phantom , and @solana to investigate the root cause of the drained wallets. Here’s what we found.
Tweet media one
24
62
230
@osec_io
OtterSec
2 years
We're recruiting security researchers! Competitive salary at up to 250/hr (500k annualized). Please send an email to contact@osec.io or DM us!
16
46
244
@osec_io
OtterSec
2 years
Building on Move? Let’s talk about the Move Prover. The complete guide for formally verifying your smart contracts 👇
5
53
209
@osec_io
OtterSec
2 years
Want to learn how to hack smart contracts? We're excited to release our introduction to Solana (from an auditor's perspective)!
3
61
232
@osec_io
OtterSec
2 years
If you've been affected, please fill out this form!
10
115
200
@osec_io
OtterSec
2 years
1/ @nirvana_fi was hacked for $3.49 M a few hours ago. How did this happen? 🧵
Tweet media one
6
46
202
@osec_io
OtterSec
1 year
Hackers stole $44.6M this month. The best threads to understand each exploit:
Tweet media one
3
36
192
@osec_io
OtterSec
1 year
A large MEV bot was recently hacked for almost 20M. It all happened in one block. Here's what we know 🧵
Tweet media one
10
32
191
@osec_io
OtterSec
1 year
1/ Alameda has been a long-standing, loyal security audit client of ours. We also work closely with many projects on Solana, many of which are directly or indirectly affected by FTX’s insolvency. Here’s our perspective.
Tweet media one
13
73
182
@osec_io
OtterSec
2 years
Credit goes to @TomGeshury for alerting us. This is an ongoing investigation, follow us @osec_io to stay up to date on the latest.
6
7
161
@osec_io
OtterSec
2 years
1/ In our recent audit report on @JetProtocol ’s governance program, we listed 13 findings and 4 vulnerabilities. One of these vulnerabilities stands out from the others: OS-JET-ADV-01. Let’s take a deep dive into this rounding error, the implications, as well as its exploitability.
Tweet media one
3
27
162
@osec_io
OtterSec
1 year
. @SushiSwap 's RouteProcessor2 contract was recently hacked. Let's dive into what happened. 🧵
Tweet media one
11
36
145
@osec_io
OtterSec
1 year
We’ve spent hundreds of hours auditing Solana protocols. There are several unique aspects of Rust that developers should keep in mind to write secure contracts. An otter’s complete guide to Rust 🧵 🦦
Tweet media one
6
30
154
@osec_io
OtterSec
2 years
We’ve been following the recent Solana wallet draining. Let’s clear up some misinformation. 🧵
Tweet media one
5
63
140
@osec_io
OtterSec
2 years
We have independently confirmed that Slope’s mobile app sends off mnemonics via TLS to their centralized Sentry server. These mnemonics are then stored in plaintext, meaning anybody with access to Sentry could access user private keys.
Tweet media one
15
33
133
@osec_io
OtterSec
1 year
As part of a routine audit, we found a critical memory corruption issue in Solana’s onchain SDK. If you’ve ever used account reallocation, pay close attention ⏰ Here’s how it all happened.
9
40
136
@osec_io
OtterSec
6 months
Maintain security. Maintain transparency. 🦦🤝🏼🎒
@armaniferrante
Armani Ferrante (hiring)
6 months
We've made a ton of progress here, partnering with an incredible team of security researchers at @osec_io . In fact, the proofs are done, but we need to integrate them into our general system. We need to run verification from the wallet. We expect to be held to this standard.
1
3
111
6
16
118
@osec_io
OtterSec
5 months
New blog post: Jumping Around In The VM We explore low-level Solana VM behavior, leveraging Jump Oriented Programming inside the Solana VM, and look at how to escalate from a powerful memory corruption primitive to full program control. Read more here →
3
33
121
@osec_io
OtterSec
2 years
@Crema_Finance was recently hacked for over $6M. Unlike previous attacks, this hacker used Solend flashloans to drain the pool. We’re working closely with the Crema team to help resolve this issue. In the meantime, we’ll be sharing what we know about the exploit 🧵
Tweet media one
Tweet media two
10
57
116
@osec_io
OtterSec
2 years
Over the next few days, we will be publishing our analysis of two critical vulnerabilities in spl-lending and spl-token-swap. Turn notifications on to get them first
7
11
115
@osec_io
OtterSec
1 year
@RaydiumProtocol just got hacked. It doesn't seem like a smart contract vulnerability. Here's our analysis.
Tweet media one
3
45
116
@osec_io
OtterSec
1 year
We present a novel framework for formally verifying Solana smart contracts — and a case study application to @SquadsProtocol . A story about bounded model checking, practical specifications, and Anchor macro internals.
7
32
108
@osec_io
OtterSec
1 year
While smart contract security is important, there are other simple attack vectors, like Discord, that have been used to socially engineer community members for their Discord credentials and private keys. Let's dive into the recent attacks on #Aptos Discords 👇 1/9
Tweet media one
5
47
97
@osec_io
OtterSec
1 year
Safe contracts start with clean code. Here are three cheat sheets to write better contracts in Solidity ⬇️ 🦦
Tweet media one
4
17
108
@osec_io
OtterSec
2 years
Over 5,300 private keys which were not a part of the exploit were found in the Sentry instance. 2,358 of these addresses have tokens in them. If you used Slope, PLEASE MOVE YOUR FUNDS.
@osec_io
OtterSec
2 years
This affects multiple wallets - Phantom, Slope, Solflare, TrustWallet - across a wide variety of platforms. FOR USERS, please move your assets to a hardware ledger or a centralized exchange.
13
9
33
7
48
106
@osec_io
OtterSec
2 years
Calling all Move devs and security engineers 🗣️ We are holding a space with @TsunamiFinance_ and @STARSPACEio to discuss the current state of cybersecurity on Aptos and Sui! If you are developing in Move or have interest in how we operate, tune in:
7
22
93
@osec_io
OtterSec
1 year
We’ve spent hundreds of hours auditing protocols on Aptos and Sui. There are several unique aspects of the Move language that developers should keep in mind to write secure contracts. An otter’s complete guide to writing safer contracts in Move:
Tweet media one
8
23
94
@osec_io
OtterSec
9 months
🚨Announcement🚨 OtterSec has added @ArkhamIntel to our tech stack in order to track, recover, and blacklist stolen funds across all ecosystems in the event of an exploit. Their alert system and API will allow us to take action swiftly and return user funds quicker than ever.🤝
Tweet media one
6
22
87
@osec_io
OtterSec
2 years
These transactions are being signed by the actual owners, suggesting some sort of private key compromise.
Tweet media one
8
25
85
@osec_io
OtterSec
2 years
At a high level,
1. This was not a flashloan attack
2. The attacker addresses were funded 5.5M via FTX
3. It appears the attacker manipulated prices across all exchanges, not just Solana oracles
Tweet media one
6
6
82
@osec_io
OtterSec
2 years
Congrats to @AptosLabs on mainnet launch! 🎉 Join @cuffyCapital , @EVNFT , and @cyber_porter in our AMA tomorrow for all community members and projects building in the space! Looking forward to hearing from everyone about #Aptos and #Move 👂🏼
5
11
78
@osec_io
OtterSec
2 years
Josh Siegel, 17-year veteran at @jump_ , plays Mastermind against founder of OtterSec, Robert Chen, while discussing @wormholecrypto , @SuiNetwork , @AptosFoundation , @Solana and @NEARProtocol .
Tweet media one
Tweet media two
Tweet media three
5
7
89
@osec_io
OtterSec
2 years
Are you attending the Solana Hacker house in Stockholm? Look out for our panel on August 25 (4:30 to 5:00pm) where we are joined by @goFYEO , @HalbornSecurity , and @QuickNode to discuss security and digital trust in web3!
Tweet media one
1
6
49
@osec_io
OtterSec
8 months
Head of Accounts, @cuffyCapital , presenting on the importance of Formal Verification for @StellarOrg . We are excited to make @SorobanOfficial a more secure place to develop smart contracts! #Meridian2023 #StellarSocialClub
Tweet media one
Tweet media two
Tweet media three
2
19
77
@osec_io
OtterSec
1 year
OtterSec and Sui Foundation announce the SuiTF Challenge for Denver #SuiBuilderHouse attendees!
Tweet media one
Tweet media two
Tweet media three
Tweet media four
7
16
76
@osec_io
OtterSec
1 year
Excited to announce our partnership with @SuiNSdapp ! We will be hosting a community AMA tomorrow to discuss the Sui Ecosystem and Security 💧🦦
1
17
68
@osec_io
OtterSec
4 months
NEW: Rounding Problems, published January 18th, 2024. Rounding-related hacks are having a moment in the spotlight. We explore these exploits, correct some popular misunderstandings, and provide mitigations. Read more here:
3
14
73
@osec_io
OtterSec
1 year
We caught over $840M in critical exploits over the last 12 months. How? One audit at a time. Line by line. Day by day. For 12 months. 🦦
4
4
75
@osec_io
OtterSec
1 month
OtterSec is excited to introduce what we’ve been cooking lately: OtterChain! OtterChain is a new L3, built with security in mind. We’re more than a multisig: we’re two multisigs! Going forward, every protocol we audit will exclusively launch on OtterChain 🦦
8
5
72
@osec_io
OtterSec
2 years
We are excited to announce the release of our open-source Binary Ninja plugin for Solana EBPF. We’ve been developing it internally for a few weeks and it is finally mature enough to be useful for actual program analysis:
1
5
61
@osec_io
OtterSec
1 year
Serious answers only 🦦
Tweet media one
17
8
58
@osec_io
OtterSec
2 years
Approximately 1,400 of the addresses in the exploit were present in Sentry logs. Notably, this does not account for all the hacked addresses. We are still investigating this discrepancy and possible other vectors.
Tweet media one
3
3
59
@osec_io
OtterSec
1 month
We had a great team bonding activity during our Japan offsite today: otters 🤝 otters!!!
Tweet media one
Tweet media two
Tweet media three
Tweet media four
6
1
59
@osec_io
OtterSec
10 months
🚨Otters On-Chain: Episode 07🚨 💰Solana DeFi Edition: @DriftProtocol , @marginfi , @cypher_protocol , @jito_labs , and more💰 Drop everything you’re doing and start providing liquidity💦 July 12th at 3PM EST
Tweet media one
5
14
53
@osec_io
OtterSec
2 years
We were engaged by the @cega_fi team to perform a security audit of their smart contract code and we’re proud to announce its successful conclusion! Code quality was high, and all vulnerabilities were patched and confirmed. Deep dive below into interesting technical findings: 🧵
2
7
52
@osec_io
OtterSec
1 year
Yo 🚨🦦 Join Episode [01] of “Otters On-Chain”, where we sit down with some of the biggest names in crypto to chat market conditions, protocol development, and security. Our first guest is @VRRBFounder , he is the creator of @VRRBLabs and will be joining …
Tweet media one
7
19
52
@osec_io
OtterSec
1 year
Excited to partner with @getcode on their timelock program, a novel approach to Solana transaction UX.
@getcode
Code
1 year
On Code, transactions are always instant. This is enabled through a novel on-chain program called the Timelock program. @osec_io just completed their audit of the Timelock program, found here: Next up is the Splitter program.
3
11
55
0
14
48
@osec_io
OtterSec
10 months
Hackers switched it up in June. It's important to remember that not all attacks stem from bad code. Here are the top 4 most unique hacks from last month.
1
13
52
@osec_io
OtterSec
1 year
Introducing our first CTF challenge of 2023: The ISTM List! The challenge is now live till 20th January, more info below 👇
Tweet media one
3
14
52
@osec_io
OtterSec
6 months
Been hearing a lot about Metamask Snaps? Let's take a look at what they are, how they work, and some of the vulnerability research OtterSec has done, including a bug we found in the sandboxing layer. More technical details can be found in our blog post:
@osec_io
OtterSec
6 months
Metamask Snaps: Playing in the Sand Published November 1st, 2023
1
18
45
1
15
47
@osec_io
OtterSec
2 years
In our analysis of the @phantom mobile wallet codebase, we did not find any evidence of vulnerabilities which would lead to compromise of mnemonics or the application itself.
3
5
38
@osec_io
OtterSec
3 months
OtterSec is excited to announce that our audit of the restaking vaults has been completed! We’re proud to have partnered on supporting the first restaking vaults on Solana 🔥
@Picasso_Network
Picasso 🎨
3 months
1/ 🎨 Restaking Vaults on @Solana are now live! 🗓️ Experience the first instance of Restaking on @Solana . ⚔️ Dive into the MANTIS Games Competition. 🤝 Time to build or join a team. 🖥️ Live on
46
104
464
2
10
46
@osec_io
OtterSec
1 year
An update on the flashbots hacker. What we know:
Tweet media one
5
7
47
@osec_io
OtterSec
1 year
Ω 🤝 🦦 Olympus is building $OHM, DeFi’s decentralized reserve currency, and @osec_io keeps this vision secure. We’re proud to announce the completion of our @OlympusDAO audit!
Tweet media one
3
8
43
@osec_io
OtterSec
2 years
Slope has been very helpful in sharing data related to the hack. We received the database 4:45 PM UTC August 3rd and immediately began our investigation. The Sentry logs spanned between July 28th and August 3rd.
Tweet media one
4
3
42
@osec_io
OtterSec
1 year
We’ve audited 60+ leading protocols. Yet 66% of audits contain at least one critical vulnerability. Why blockchain security is so difficult for world-class teams:
1
10
47
@osec_io
OtterSec
10 months
What does "memory-safe" actually do? Join us on an exploration into the Solidity compilation pipeline, optimization assumptions, and how it all relates to "memory-safe" assembly 🦦
0
13
45
@osec_io
OtterSec
6 months
First step of Solana #Breakpoint2023 : MEV Camp. Find us in Amsterdam this week 🦦
Tweet media one
1
9
44
@osec_io
OtterSec
3 months
We would also like to state that LFG has not worked with us, and the report on their page is fake. If you want to find our reports, they are available here:
@trailofbits
Trail of Bits
3 months
Warning: @lfgexchange is falsely claiming to have worked with us on an audit. The report on their page is fake. If you want to verify the authenticity of a @trailofbits report, find it on our publications repo, the authoritative source straight from us.
Tweet media one
16
42
181
3
10
40
@osec_io
OtterSec
2 years
Going to Lisbon for @SolanaConf ? We'd love to see you there along with some of our amazing partners :) @saydialect @SquadsProtocol @marginfi @clockwork_xyz @jito_labs
Tweet media one
3
3
39
@osec_io
OtterSec
2 years
We’re proud to announce that the @mrgntrade blackbox vault is now live! Always a pleasure to work with teams that put an emphasis on security!
Tweet media one
6
2
41
@osec_io
OtterSec
3 months
Hey crypto security researchers... will you be our valentine? We’re excited to help spread the word about the Safe Harbor Agreement, along with sending love to our security crushes @samczsun and the @_SEAL_Org ❤️
Tweet media one
@_SEAL_Org
Security Alliance
3 months
Hello world!
24
62
339
3
13
43
@osec_io
OtterSec
2 years
The attacker created a ~480M MNGO-PERP position and countertraded themself on another account. They then manipulated the price of MNGO up across a number of exchanges, borrowing against their unrealized MNGO gains to drain the protocol.
Tweet media one
1
1
37
@osec_io
OtterSec
2 years
1/ We were engaged by @port_finance to audit their fixed-rate lending program, Sundial. In our audit, we found 3 bugs that could lead to loss of funds for Port and its users. Let’s take a deep dive into OS-PRT-ADV-00, a surprisingly subtle rounding bug in the liquidation handler
Tweet media one
2
2
40
@osec_io
OtterSec
1 year
Hackers stole $214M last month. A summary of March’s seven biggest exploits 🧵:
Tweet media one
1
4
40
@osec_io
OtterSec
1 year
Excited to partner here 🤝🏼 Give our friends some attention 🃏 ♠️♥️♣️♦️
@DuelCasino
Duel
1 year
DUEL X OTTERSEC We are proud to announce our newest partnership with OSEC, one of the leading audit firms in web3! @osec_io will be auditing all new features and games produced by Duel. With their help, we look forward to bringing you more secure and provably fair games.🤝
Tweet media one
8
23
83
2
10
39
@osec_io
OtterSec
1 year
@historyinmemes Otters protect each other 🤝
@osec_io
OtterSec
1 year
Serious answers only 🦦
Tweet media one
17
8
58
0
0
39
@osec_io
OtterSec
1 year
Excited to partner with @solendprotocol on the new v2!
@solendprotocol
Solend
1 year
Solend V2 is rolling out in 3 phases, the first of which has completed audit with @osec_io . Phase 1 features include borrow weights, TWAP oracles, and outflow rate limits. The rollout of Phase 1 will enable the Main pool to reopen. Stay tuned for more details!
2
6
34
3
4
32
@osec_io
OtterSec
11 months
. @Aptos_Network just launched a novel approach to storage: Move Objects. Working closely with both Aptos projects and the Foundation, our auditors have caught dozens of bugs before they hit mainnet. Here are 3 key security tips to help you launch safely 🧵
1
5
40
@osec_io
OtterSec
1 year
OtterSec got $BONK-ed
Tweet media one
1
1
39
@osec_io
OtterSec
2 years
Also, late thanks to @Tristan0x for the Dune query tracking hacked assets.
@Tristan0x
Tristan
2 years
Tough day for everyone on Solana today, but here's a breakdown of what we know: 1/ At approximately 22:37 UTC yesterday a hacker began a widespread exploit, the extent of which has so far affected $4M+ of assets from 9.2k+ unique wallets.
Tweet media one
62
252
802
1
3
40
@osec_io
OtterSec
2 years
For our full analysis, see our blog post:
1
6
41
@osec_io
OtterSec
1 year
6/ Looking forward, we strongly recommend using multisigs as a safe and secure way to custody assets. Protocols should also switch deployment keys over to a multisig if possible.
5
7
36
@osec_io
OtterSec
1 year
🗣️ZK-Security panel moderated by @claudijd of @jump_ . Accompanied by Founder @NotDeGhost , @mpfzajac , and @evanashapiro with @MinaProtocol , all on one stage at @thepit . 🦦🕳️
Tweet media one
1
5
35
@osec_io
OtterSec
6 months
Security companies unite? 👀
@aeyakovenko
toly 🇺🇸| bip-420
6 months
4
1
24
2
7
36
@osec_io
OtterSec
1 year
Oracle attacks are responsible for over $590M in smart contract exploits. But oracle security is largely seen as a black box. We’ve been busy helping protocols develop new risk mitigation techniques to keep users safe. An otter’s guide to preventing oracle attacks 🧵
Tweet media one
1
5
39
@osec_io
OtterSec
2 years
This is a developing situation and we’re actively investigating. If you have any more information, please reach out to us @osec_io .
1
0
33
@osec_io
OtterSec
1 year
2/ Even before FTX filed for bankruptcy, there were some red flags. A few days prior, their Solana USDC Account ran out of funds for withdrawals.
@NotDeGhost
Robert Chen
1 year
Solana USDC wallet has $88 in it..
Tweet media one
4
0
35
2
7
34
@osec_io
OtterSec
2 years
As @JetProtocol 's governance module goes live, we’re excited to open-source our audit report! From 13 findings, we’re breaking down the two most interesting ones: conversion rate abuse and improper rounding, both allowing malicious users to drain funds from the program. 1/
@JetProtocol
Jet Protocol
2 years
Jetters, we landed. 🛬 Jet is extremely excited to announce that the Governance module is now LIVE on mainnet! Introducing the JetGovern App: A New Horizon for Decentralized Collaboration Users can: 🛩️ Claim Airdrop 🛩️ Stake/Unstake 🛩️ Vote (soon!)
13
20
78
3
7
34
@osec_io
OtterSec
1 year
3/ Soon after the confirmed insolvency, suspicious transactions emerged on the FTX side, draining roughly $1B in user funds. A variety of token types were drained over the course of a few hours.
Tweet media one
1
9
34
@osec_io
OtterSec
1 year
Security is always evolving. If you stop learning, you expose yourself to vulnerabilities. Let’s explore two of the newest mitigation techniques on the block: 🧵
Tweet media one
1
5
38
@osec_io
OtterSec
2 years
OtterSec x @CastleFinance
Tweet media one
2
5
38
@osec_io
OtterSec
7 months
OtterSec is proud to support the Cypher team as they embark on the next chapter of their journey!
@cypher_protocol
cypher ©️
7 months
The time is here. The IDO is around the corner. Let's dive into how the IDO will be conducted. cypher will use a liquidity bootstrapping curve (LBC) from @ArmadaFi . Why? Dynamic Price Discovery: The LBC ensures a gradual & organic valuation. The market will find its rightful…
Tweet media one
Tweet media two
8
26
81
2
15
33
@osec_io
OtterSec
2 years
Currently, the hacker has made a proposal on Mango Governance to try and negotiate for a bounty.
Tweet media one
2
3
34
@osec_io
OtterSec
1 year
Gray-hat hackers are tricky to deal with and abundant in crypto. Not knowing how to deal with them can leave your protocol vulnerable to blackmail or a critical exploit. How to best approach “gray-hats” 🧵:
Tweet media one
1
3
34
@osec_io
OtterSec
7 months
ICYMI: On Wednesday's spaces, we talked about how our CEO @notdeghost , in partnership with @rimeissner , @AckeeBlockchain , @HatsFinance , @chain_security , and @OpenZeppelin introduced ERC-7512 in response to the critical need for onchain access and verification of audits.
Tweet media one
1
13
32