Blog
Security research, vulnerability analysis, and product updates.

Smart Contract Upgrade Safety: Proxy Patterns and Their Pitfalls
Upgradeable contracts let you fix bugs after deployment. They also let you introduce new ones. Here are the proxy patterns, their trade-offs, and the specific mistakes that cause storage corruption, bricked contracts, and stolen funds.

Reentrancy in 2026: The Bug That Refuses to Die
Ten years after The DAO hack, reentrancy is still draining protocols. The classic variant is well understood. The modern variants are not. Here is what reentrancy looks like in 2026.

Smart Contract Testing: What Your Test Suite Is Missing
Your tests pass. Your contracts still get drained. Here is why: most test suites verify the happy path and skip the exact conditions attackers exploit.

EVM Smart Contract Security: The Developer's Practical Guide
Billions lost. Mostly to the same handful of bugs. Here is the complete practical guide to EVM smart contract security: what the vulnerabilities are, why they happen, and how to prevent them.

LST/LRT Oracle Pricing: The Pattern Behind $100M+ in DeFi Losses
The same misconfiguration pattern has drained protocols multiple times. LST and LRT price composition is not complicated, but getting it wrong is catastrophic.

Vibe Coding Smart Contracts: What Could Go Wrong?
AI coding assistants write fast, confident code. Smart contracts hold real money. That combination has a growing track record of going badly wrong.