Archive
Archive
2022
- - Move Fast & Break Things, Part 2: A Sui Security Primer
- - Formally Verifying the World's Most Popular Smart Contract
- - You Could Have Found the Nomad Hack
- - Hosting an Ethereum CTF Challenge, the Easy Way
- - Ante x Zellic: Audit Incentive Alignment
- - Binance Bridge Hack in Layman’s Terms
- - Move Fast & Break Things, Part 1: Move Security (Aptos)
- - The Vulnerabilities You’ll Write With Anchor
- - TradFi, Meet DeFi: Breaking Down the Economics of DeFi Hacks
- - ETH 2 Proof-of-Stake: What Devs Need to Know
- - The Auditooor Grindset
2023
- - Finding a Critical Vulnerability in Astar
- - Paradigm CTF 2023 Challenges
- - CSPRNGs: How to Properly Generate Random Numbers
- - ERC-4337 Primer: What You Need to Know
- - Browsing for Bugs: Finding and Reporting a $3M Bug in Premia Finance
- - Intro to Zero-Knowledge: A Guided Tour of the ZK Landscape, Part 2
- - How (Not) to Create a DeFi CDP or Lending Protocol
- - Exploring Cairo: A Security Primer
- - Your Sandwich Is My Lunch: How to Drain MEV Contracts V2
- - Algebraic Attacks on ZK-Friendly Hash Functions
- - Intro to Zero-Knowledge: A Guided Tour of the ZK Landscape, Part 1
- - Exploring ERC-4626: A Security Primer
- - ZK-Friendly Hash Functions
- - The Billion Dollar Bug: Finding and Fixing a Critical Issue in the Move Bytecode Verifier
- - Top 10 Most Common Bugs In Your Aptos Move Contract
- - Announcing Smart Contract Fiesta: A Treasure Trove of Ethereum Smart Contracts
- - How Does Tornado Cash Work?
- - SafeMoon Exploit Explained
- - Can ChatGPT Audit Smart Contracts?
- - Euler Finance Exploit Analysis
- - Exploring Cosmos: A Security Primer
2024
- - Far From Random: Three Mistakes From Dart/Flutter's Weak PRNG
- - Masamune: The Smart Contract Security Search Tool
- - Web3 Ping of Death: Finding and Fixing a Chain-Halting Vulnerability in NEAR
- - Two Vulnerabilities in gnark's Groth16 Proofs
- - Why We Acquired Code4rena
- - Introducing Movetool: A Move Bytecode Disassembler
- - New Key-Recovery Attacks Against FHE
- - SOLP: A Stand-alone Solidity Analysis Library
- - How Is Groq So Fast? An Overview of Groq's TSP Architecture
- - Issues in Certain Forks of Gains Network
- - Signal's Usernames and Ristretto Hashes
- - Zellic Wins $1M From DARPA in the AI Cyber Challenge
- - How Do MPC Wallets Work?
- - How Does Zcash Work?
- - Breaking Down the Puzzles in ZK Hack IV
- - MPC From Scratch: Everyone Can Do it!
- - What Is a ZK Audit?
- - What Are Elliptic Curve Pairings?
2025
- - Introducing V12
- - You’re Probably Using WebViews Wrong: Common Security Pitfalls for Mobile Developers
- - Introducing Polocolo: A ZK-Friendly Hash Function for PLONK with Lookup (Part 1)
- - What Are BLS Signatures and How Do They Work?
- - Code4rena will run audit contests for free
- - Enumerating All 69,788,231 Ethereum Contracts
- - TON Security Primer: Part 1
- - Choosing an Audit Competition: How to Spot Snake Oil
- - Building with Bitcoin: A Survey of the Use of Its Scripting System Across Projects
- - Choosing a DeFi Protocol: Risks, Red Flags, and Recommendations
- - Breaking Down the Puzzles in ZK Hack V
- - EVM Trackooor: Tracking Anything and Everything on EVM Chains