Skip to content

Blog

Use this space to tell everyone about what you have to offer.

Research

All
Security Insights
Development Insights
Security Audits
    Filters Filters
    Sort Sort
    Square view
    List view
    The Notorious Bug Digest #4: Deflationary Token Risks, ERC4626 Override Gaps, and Rust Shift Overflows
    The Notorious Bug Digest #4: Deflationary Token Risks, ERC4626 Override Gaps, and Rust Shift Overflows
    Security Insights · August 6, 2025
    Inside ZKStack's Crosschain Architecture — Part I: A Deep Dive into Merkle Tree Hierarchies
    Inside ZKStack's Crosschain Architecture — Part I: A Deep Dive into Merkle Tree Hierarchies
    Security Insights · July 17, 2025
    Testing Arbitrum Stylus Smart Contracts with Motsu
    Testing Arbitrum Stylus Smart Contracts with Motsu
    Security Insights · June 26, 2025
    6 Questions To Ask Before Writing a Uniswap v4 Hook
    6 Questions To Ask Before Writing a Uniswap v4 Hook
    Security Insights · June 10, 2025
    The Notorious Bug Digest #3
    The Notorious Bug Digest #3
    Security Insights · June 2, 2025
    A Developer’s Guide to Building Safe Noir Circuits
    A Developer’s Guide to Building Safe Noir Circuits
    Security Insights · March 26, 2025
    The Notorious Bug Digest #2
    The Notorious Bug Digest #2
    Security Insights · March 18, 2025
    The Notorious Bug Digest #1
    The Notorious Bug Digest #1
    Security Insights · February 19, 2025
    Poseidon go brr with Stylus: Cryptographic functions are 18x more gas-efficient via Rust on Arbitrum
    Poseidon go brr with Stylus: Cryptographic functions are 18x more gas-efficient via Rust on Arbitrum
    Security Insights · February 10, 2025
    ZK-SNARKS & The Last Challenge Attack: Mind Your Fiat-Shamir!
    ZK-SNARKS & The Last Challenge Attack: Mind Your Fiat-Shamir!
    Security Insights · December 14, 2023
    Arbitrary Address Spoofing Attack: ERC2771Context Multicall Public Disclosure
    Arbitrary Address Spoofing Attack: ERC2771Context Multicall Public Disclosure
    Security Insights · December 7, 2023
    OpenZeppelin Security Analysis: UniswapX
    OpenZeppelin Security Analysis: UniswapX
    Security Insights · October 10, 2023
    OpenZeppelin Security Report: Top Security Incidents and Insights from April - June 2023
    OpenZeppelin Security Report: Top Security Incidents and Insights from April - June 2023
    Security Insights · July 27, 2023
    Security Report: Top Incidents and Insights from April - June 2023
    Security Report: Top Incidents and Insights from April - June 2023
    Security Insights · July 27, 2023
    Auditing Like A Pro With Nikesh Nazareth
    Auditing Like A Pro With Nikesh Nazareth
    Security Insights · June 28, 2023
    Auditing Like A Pro With Nikesh Nazareth
    Auditing Like A Pro With Nikesh Nazareth
    Security Insights · June 28, 2023
    Incident Response in Web3: Balancing Speed, Values, and Security
    Incident Response in Web3: Balancing Speed, Values, and Security
    Security Insights · June 15, 2023
    Cryptography 101: Building Blocks for Blockchain Security
    Cryptography 101: Building Blocks for Blockchain Security
    Security Insights · June 15, 2023
    Cryptography 101: Building Blocks for Blockchain Security
    Cryptography 101: Building Blocks for Blockchain Security
    Security Insights · June 15, 2023
    Incident Response in Web3: Balancing Speed, Values, and Security
    Incident Response in Web3: Balancing Speed, Values, and Security
    Security Insights · June 15, 2023
    ChatGPT vs Ethernaut
    ChatGPT vs Ethernaut
    Security Insights · June 1, 2023
    ChatGPT vs Ethernaut
    ChatGPT vs Ethernaut
    Security Insights · June 1, 2023
    Account Abstraction's Impact on Security and User Experience
    Account Abstraction's Impact on Security and User Experience
    Security Insights · May 23, 2023
    Account Abstraction's Impact on Security and User Experience
    Account Abstraction's Impact on Security and User Experience
    Security Insights · May 23, 2023
    Defining Industry Standards for Custom Error Messages
    Defining Industry Standards for Custom Error Messages
    Security Insights · January 4, 2023
    Defining Industry Standards for Custom Error Messages
    Defining Industry Standards for Custom Error Messages
    Security Insights · January 4, 2023
    $15B Rugpull Vuln. in Convex Finance protocol Uncovered and Resolved
    $15B Rugpull Vuln. in Convex Finance protocol Uncovered and Resolved
    Security Insights · April 4, 2022
    ANZ Bank's $30 million stablecoin transaction secured by OpenZeppelin
    ANZ Bank's $30 million stablecoin transaction secured by OpenZeppelin
    Security Insights · March 31, 2022
    Introducing OpenZeppelin Subgraphs
    Introducing OpenZeppelin Subgraphs
    Security Insights · July 16, 2021
    Admin Accounts and Multisigs
    Admin Accounts and Multisigs
    Security Insights · March 21, 2021
    GST2 Bytecode Deep Dive
    GST2 Bytecode Deep Dive
    Security Insights · March 18, 2021
    GST2 Bytecode Deep Dive
    GST2 Bytecode Deep Dive
    Security Insights · March 18, 2021
    Fundamentals of Gas Tokens
    Fundamentals of Gas Tokens
    Security Insights · March 15, 2021
    An Introduction to Decentralized DevSecOps
    An Introduction to Decentralized DevSecOps
    Security Insights · February 17, 2021
    An Introduction to Decentralized DevSecOps
    An Introduction to Decentralized DevSecOps
    Security Insights · February 17, 2021
    The State of Smart Contract Upgrades
    The State of Smart Contract Upgrades
    Security Insights · October 6, 2020
    The State of Smart Contract Upgrades
    The State of Smart Contract Upgrades
    Security Insights · October 6, 2020
    Flash-Mintable Asset-Backed Tokens
    Flash-Mintable Asset-Backed Tokens
    Security Insights · June 24, 2020
    Argent Audit Technical Report
    Argent Audit Technical Report
    Security Insights · June 18, 2020
    DeFi Reflections on Hackers and Viruses
    DeFi Reflections on Hackers and Viruses
    Security Insights · April 28, 2020
    What is DeFi? An Introduction to Decentralized Finance
    What is DeFi? An Introduction to Decentralized Finance
    Security Insights · April 3, 2020
    Backdooring Gnosis Safe Multisig wallets
    Backdooring Gnosis Safe Multisig wallets
    Security Insights · March 12, 2020
    Flash Loans and the Advent of Episodic Finance
    Flash Loans and the Advent of Episodic Finance
    Security Insights · March 2, 2020
    Aave Protocol Audit Summary
    Aave Protocol Audit Summary
    Security Insights · January 15, 2020
    A Year of Research at OpenZeppelin
    A Year of Research at OpenZeppelin
    Security Insights · December 18, 2019
    Review Summary of Bounties Network
    Review Summary of Bounties Network
    Security Insights · December 6, 2019
    Changing the feedback experience using positive psychology
    Changing the feedback experience using positive psychology
    Security Insights · December 2, 2019
    Reentrancy After Istanbul
    Reentrancy After Istanbul
    Security Insights · November 12, 2019
    GSN: The Ultimate Ethereum Onboarding Solution
    GSN: The Ultimate Ethereum Onboarding Solution
    Security Insights · August 6, 2019
    Getting the most out of CREATE2
    Getting the most out of CREATE2
    Security Insights · June 3, 2019
    Sign it like you mean it: creating and verifying Ethereum signatures
    Sign it like you mean it: creating and verifying Ethereum signatures
    Security Insights · May 19, 2019
    Technical Description of Critical Vulnerability in MakerDAO Governance
    Technical Description of Critical Vulnerability in MakerDAO Governance
    Security Insights · May 9, 2019
    MakerDAO Critical Vulnerability Notice
    MakerDAO Critical Vulnerability Notice
    Security Insights · May 6, 2019
    A new wave of applications
    A new wave of applications
    Security Insights · February 11, 2019
    Building Blocks
    Building Blocks
    Security Insights · February 8, 2019
    Building Blocks
    Building Blocks
    Security Insights · February 8, 2019
    Follow this quality checklist before an audit
    Follow this quality checklist before an audit
    Security Insights · February 5, 2019
    Testing real-world contract upgrades
    Testing real-world contract upgrades
    Security Insights · February 4, 2019
    EVM package deployment with ZeppelinOS—Part II
    EVM package deployment with ZeppelinOS—Part II
    Security Insights · January 28, 2019
    EVM package deployment with ZeppelinOS—Part II
    EVM package deployment with ZeppelinOS—Part II
    Security Insights · January 28, 2019
    State of EVM Packages – End of 2018
    State of EVM Packages – End of 2018
    Security Insights · December 21, 2018
    State of EVM Packages – End of 2018
    State of EVM Packages – End of 2018
    Security Insights · December 21, 2018
    Toward a secure code ecosystem
    Toward a secure code ecosystem
    Security Insights · November 28, 2018
    Toward a secure code ecosystem
    Toward a secure code ecosystem
    Security Insights · November 28, 2018
    Deconstructing a Solidity Contract — Part VI: The Metadata Hash
    Deconstructing a Solidity Contract — Part VI: The Metadata Hash
    Security Insights · September 28, 2018
    Deconstructing a Solidity Contract — Part VI: The Metadata Hash
    Deconstructing a Solidity Contract — Part VI: The Metadata Hash
    Security Insights · September 28, 2018
    Deconstructing a Solidity Contract  - Part VI: The Metadata Hash
    Deconstructing a Solidity Contract  - Part VI: The Metadata Hash
    Security Insights · September 28, 2018
    Compliant Decentralization?: Exploring an Approach to Utility Token Distribution
    Compliant Decentralization?: Exploring an Approach to Utility Token Distribution
    Security Insights · September 6, 2018
    Deconstructing a Solidity Contract - Part III: The Function Selector
    Deconstructing a Solidity Contract - Part III: The Function Selector
    Security Insights · September 5, 2018
    Deconstructing a Solidity Contract — Part III: The Function Selector
    Deconstructing a Solidity Contract — Part III: The Function Selector
    Security Insights · September 5, 2018
    Deconstructing a Solidity Contract —Part I: Introduction
    Deconstructing a Solidity Contract —Part I: Introduction
    Security Insights · August 13, 2018
    Deconstructing a Solidity Contract - Part II: Creation vs. Runtime
    Deconstructing a Solidity Contract - Part II: Creation vs. Runtime
    Security Insights · August 13, 2018
    Deconstructing a Solidity Smart Contract - Part 1: Introduction
    Deconstructing a Solidity Smart Contract - Part 1: Introduction
    Security Insights · August 13, 2018
    Deconstructing a Solidity Contract — Part II: Creation vs. Runtime
    Deconstructing a Solidity Contract — Part II: Creation vs. Runtime
    Security Insights · August 13, 2018
    Ethereum in Depth, Part 2
    Ethereum in Depth, Part 2
    Security Insights · July 24, 2018
    Ethereum in Depth, Part 1
    Ethereum in Depth, Part 1
    Security Insights · May 11, 2018
    Ethereum in Depth, Part 1
    Ethereum in Depth, Part 1
    Security Insights · May 11, 2018
    On crowdsales and multiple inheritance
    On crowdsales and multiple inheritance
    Security Insights · April 8, 2018
    On crowdsales and multiple inheritance
    On crowdsales and multiple inheritance
    Security Insights · April 8, 2018
    Smart Contract Upgradeability using Eternal Storage
    Smart Contract Upgradeability using Eternal Storage
    Security Insights · January 19, 2018
    How We Can Improve the Structure of Founder’s Tokens
    How We Can Improve the Structure of Founder’s Tokens
    Security Insights · December 12, 2017
    How We Can Improve the Structure of Founder’s Tokens
    How We Can Improve the Structure of Founder’s Tokens
    Security Insights · December 12, 2017
    Designing the architecture for your Ethereum application
    Designing the architecture for your Ethereum application
    Security Insights · November 21, 2017
    Designing the architecture for your Ethereum application
    Designing the architecture for your Ethereum application
    Security Insights · November 21, 2017
    A Gentle Introduction to Ethereum Programming, Part 2
    A Gentle Introduction to Ethereum Programming, Part 2
    Security Insights · November 17, 2017
    A Gentle Introduction to Ethereum Programming, Part 1
    A Gentle Introduction to Ethereum Programming, Part 1
    Security Insights · November 14, 2017
    Evolution of Smart Contract Security in the Ethereum Ecosystem
    Evolution of Smart Contract Security in the Ethereum Ecosystem
    Security Insights · November 2, 2017
    Evolution of Smart Contract Security in the Ethereum Ecosystem
    Evolution of Smart Contract Security in the Ethereum Ecosystem
    Security Insights · November 2, 2017
    Thin Protocols
    Thin Protocols
    Security Insights · October 3, 2017
    Thin Protocols
    Thin Protocols
    Security Insights · October 3, 2017
    The Parity Wallet Hack Explained
    The Parity Wallet Hack Explained
    Security Insights · July 19, 2017
    The 4 Stages of a Token Sale
    The 4 Stages of a Token Sale
    Security Insights · June 7, 2017
    The 4 Stages of a Token Sale
    The 4 Stages of a Token Sale
    Security Insights · June 7, 2017
    Handling Crowdsale Funds Securely
    Handling Crowdsale Funds Securely
    Security Insights · June 2, 2017
    Handling Crowdsale Funds Securely
    Handling Crowdsale Funds Securely
    Security Insights · June 2, 2017
    Handling Crowdsale Funds Securely
    Handling Crowdsale Funds Securely
    Security Insights · June 2, 2017
    HackerGold Bug Analysis
    HackerGold Bug Analysis
    Security Insights · January 9, 2017
    On Tokens and Crowdsales: 4 Challenges and How to Tackle Them
    On Tokens and Crowdsales: 4 Challenges and How to Tackle Them
    Security Insights · October 28, 2016
    Open Zeppelin and Ethereum
    Open Zeppelin and Ethereum
    Security Insights · October 11, 2016
    Open Zeppelin and Ethereum
    Open Zeppelin and Ethereum
    Security Insights · October 11, 2016
    15 lines of code that could have prevented TheDAO Hack
    15 lines of code that could have prevented TheDAO Hack
    Security Insights · October 5, 2016
    The Ugly Truth About Blockchain Applications
    The Ugly Truth About Blockchain Applications
    Security Insights · September 29, 2016
    The Ugly Truth About Blockchain Applications
    The Ugly Truth About Blockchain Applications
    Security Insights · September 29, 2016
    The Hitchhiker’s Guide to Smart Contracts in Ethereum
    The Hitchhiker’s Guide to Smart Contracts in Ethereum
    Security Insights · July 29, 2016
    The Hitchhiker’s Guide to Smart Contracts in Ethereum
    The Hitchhiker’s Guide to Smart Contracts in Ethereum
    Security Insights · July 29, 2016
    Smart Contracts You Already Signed
    Smart Contracts You Already Signed
    Security Insights · July 22, 2016
    Smart Contracts You Already Signed
    Smart Contracts You Already Signed
    Security Insights · July 22, 2016
    v2 Strengthening DeFi: OpenZeppelin and Compound's Security Partnership in 2024 (Clone)
    v2 Strengthening DeFi: OpenZeppelin and Compound's Security Partnership in 2024 (Clone)
    Security Insights · January 1, 1970
    View more View more