Solana p-token: Catching a Bug Before Mainnet
CU optimizations come with risks. This post details a critical bug we found in p-token before mainnet, subtle enough to survive in a heavily scrutinized codebase.
Relay Protocol's contracts trusted Ed25519 verification without validating offsets, opening the door to forged allocator signatures and potential double-spends. Learn about the bug, the risks it posed to cross-chain liquidity, and how the issue was addressed.
A new instruction broke the flash loan logic, creating a way to borrow without repaying and putting $160M at risk. We explain the vulnerability, potential impact, and how it was fixed.
In this post, we describe a vulnerability in Heimdall, the validator software of the Polygon Proof-of-Stake (PoS) blockchain. This flaw, if exploited, could have allowed a rogue/compromised validator to take over the Heimdall consensus layer and inject fraudulent events into the StakeSync mechanism.