Blockchain Cybersecurity

Go for Security Auditors: Part 1 - Syntax That Will Trip You Up

The first in a three-part series on auditing Go code, covering deceptive syntax, common pitfalls like nil maps and slice aliasing, testing gotchas, and compiler pragmas that hide security-relevant behaviour.

By Elmedin Burnik 9 June 2026

Defensive Protocol Design

This article covers protective steps developers can take to prevent protocol exploits via defensive design.

By Kree Dotcom 31 March 2026

Common Vulnerabilities: Oracles and Pricing - Smart Contracts

To achieve composability in DeFi, many projects require external sources of truth or price feeds. This article explores the common vulnerabilities in the use of pricing and oracles with real-world examples.

By Kree Dotcom 7 May 2025

NEAR Smart Contract Auditing: Accounts & Access Control

This article explores how NEAR's unique account system combines human-readable names with multi-tiered permissions, examining the security implications and providing practical guidance for implementing robust access control in smart contracts.

By Elmedin Burnik 14 April 2025

NEAR Smart Contract Auditing: Sharding & Cross Contract Calls

NEAR Protocol introduces Nightshade sharding to tackle blockchain scalability while maintaining security. This article explores the security implications of cross-contract calls in sharded environments, demonstrating both proper implementation patterns and potential vulnerabilities through practical examples.

By Elmedin Burnik 1 December 2024

Common Vulnerabilities: Protocol Governance and DAOs - Smart Contracts

Many DeFi Protocols have decentralised using DAOs and token governance. This article explores the common vulnerabilities in the governance of DAOs with real-world examples.

By Kree Dotcom 21 October 2024

Beacon Fuzz - Update #09

By Mehdi Zerouali 11 November 2020

Beacon Fuzz - Update #08

By Mehdi Zerouali 1 October 2020

Beacon Fuzz - Update #07

By Mehdi Zerouali 19 August 2020

Beacon Fuzz - Update #06

By Mehdi Zerouali 12 July 2020

Beacon Fuzz - Update #05

By Mehdi Zerouali 17 June 2020

Beacon Fuzz - Update #04

By Mehdi Zerouali , Nathaniel Jensen 6 May 2020

Beacon Fuzz - Update #03

By Mehdi Zerouali 7 April 2020

Beacon Fuzz - Update #02

By Nathaniel Jensen 24 February 2020

Beacon Fuzz - Update #01

By Nathaniel Jensen 31 December 2019

Announcing Beacon Fuzz, an Eth2 Differential Fuzzer

Beacon Fuzz Update #00

By Mehdi Zerouali 21 November 2019

Dapper Ethereum Smart Contract Wallet: Security Review

This post shares publicly the details of a security assessment conducted by Sigma Prime, which targeted an Ethereum smart contract wallet developed by Dapper Labs.

By Mehdi Zerouali 9 May 2019

Status ENS Integration: Smart Contract Security Review

This post shares with the public details of a security review performed by Sigma Prime, which targeted an Ethereum Name Service (ENS) registrar developed by Status.

By Adrian Manning , Mehdi Zerouali 24 October 2018

Solidity Security: Comprehensive list of known attack vectors and common anti-patterns

This post aims to be a relatively in-depth and up-to-date introductory post detailing the past mistakes that have been made by Solidity developers in an effort to prevent future devs from repeating history.

By Adrian Manning 30 May 2018