security

17 posts

AI as a Force Multiplier for Security Engineers

AI has not replaced auditors. It has made strong auditors faster and more powerful, while also amplifying attackers.

By Kirk Baird 15 June 2026

Your first ZK vulnerabilities: From ZeroKnowledge of ZK to OneKnowledge

An introduction to ZK circuit security, exploring fundamental mental models for creating and thinking about ZK circuits. Learn about under-constrained variable vulnerabilities that appear in ZK code through a practical Circom example.

By Carlos Alegre Urquizú 17 March 2026

Fusaka's Impact On Smart Contract Security

A summary of Ethereum's Fusaka upgrade and its implications on smart contract functionality.

By Toon Van Hove 12 January 2026

The Ultimate Guide to the Top for Security Researchers: Setting Sail

A comprehensive four-part series guide for security researchers who want to rise faster, build reputation, and make lasting impact in the web3 security space, from foundations to mastery and consistent results.

By Shealtielanz 17 December 2025

SP1 and zkVMs: A Security Auditor's Guide

Practical security checklist and auditing guide for engineers reviewing SP1/RISC-V guest programs (also useful for Risc0). Covers input validation, 32-bit pitfalls, third-party dependency compatibility, overflow protection and verification key handling.

By Kirk Baird 24 September 2025

The Economics of MEV in Cross-Chain Bridge Exploits: A Game-Theoretic Analysis

An explanation of how MEV affects cross-chain bridge exploits and the incentives driving them.

By Gareth Larkan 26 August 2025

Pectra's Impact On Smart Contract Security

A summary of Ethereum's Pectra upgrade and its implications on smart contract functionality.

By Toon Van Hove 21 August 2025

Live EigenLayer Bug Discovered During Sidecar Security Review

Analysis of a critical division-by-zero vulnerability in the EigenLayer sidecar rewards calculation process, its potential DoS impact, and the implemented fixes.

By Andy Li 24 June 2025

A Security Engineer's Guide to Reviewing Core Blockchain Nodes

A comprehensive methodology for conducting security reviews of blockchain infrastructure, using Reth as a practical example

By Kirk Baird 6 June 2025

Transitioning from EVM to SVM: Key Concepts for Solana Security Assessments

Key concepts to understand the Solana Virtual Machine (SVM).

By Dimaz Wijaya 22 April 2025

Unraveling a Curious Edge Case in EigenLayer's Slashing Accounting

Examining an interesting edge case discovered in EigenLayer's beacon chain slashing calculation that affects withdrawable share calculations.

By EllipticPoint 31 March 2025

NEAR Smart Contract Auditing: Storage

In this article, we dive into the storage system of the NEAR blockchain. We'll explore how storage works on NEAR, how to use it securely, and highlight some of the common pitfalls.

By Toon Van Hove 9 February 2025

Common Vulnerabilities: Liquid Restaking Protocols - Smart Contracts

Liquid Restaking protocols are a big trend in the DeFi space. This article explores the common vulnerabilities in liquid restaking protocols with real-world examples.

By Elmedin Burnik 17 September 2024

Forge Testing Leveling

Enhancing Forge testing with fuzzing and invariant testing for smart contract security.

By Dimaz Wijaya 15 July 2024

The Effects of Ethereum's Upgrades on Smart Contracts

A summary of Ethereum's upgrades and their implications on smart contract functionality.

By Toon Van Hove 20 June 2024

On the Importance of the Security Alliance

About the new Security Alliance and why we support it

By Richard Skinner , Mehdi Zerouali 10 April 2024

Using Proxies: An Essential Guide

A practical guide to safe choices and best practices when deploying proxies for a project

By Richard Skinner 26 September 2023

Working on something in this space?

Sigma Prime audits Ethereum protocols, smart contracts, and consensus implementations.

Request a scoping call

Services

Products

Resources

Company

Social

contact@sigmaprime.io