trust nothing, verify everything
Smart contract audit Smart contract security review
Jul 4, 2025 · 7 min read · In recent times a number of web3 security companies have begun offering paid “AI Smart Contract Auditor” services. These services commonly require clients to upload code to a website and after paying a fee, receive an AI-generated audit report. A muc...
Scoop commentedMar 17, 2025 · 15 min read · Decorated auditor deadrosesxyz recently put on their developer hat to create a leveraged yield-farming protocol Yieldoor whose code provided ample opportunity for gas optimization. Many articles have been written listing common gas optimization techn...
Join discussionJan 23, 2025 · 28 min read · Prompt and efficient liquidation is crucial to maintaining solvency in DeFi protocols, yet it is among the hardest and most complex code to implement in a safe and especially trustless manner. There are many potential vulnerabilities and bugs which c...
CMOM and 1 more commentedNov 29, 2024 · 26 min read · At DeFi Security Summit 2024 I presented a workshop on how smart contract developers can use invariant fuzz testing to find high severity issues prior to external audit, based on my real-world experience doing private audits with Cyfrin. Since fuzz t...
Join discussionNov 10, 2024 · 14 min read · Many high severity findings found during private audits by external auditors could have been found by the protocol developers themselves using invariant fuzz testing prior to engaging external auditors. While this doesn’t require developing an “attac...
SPFire commented