Blog

Security research, vulnerability analysis, and product updates.

Allai-securityanchorannouncementsbest-practicescosmoscosmwasmdefievmexploit-teardownmultisignorth-koreaoracleproductrustsecuritysolanasoliditysupply-chainvulnerability-class
EVM Smart Contract Security: The Developer's Practical Guide
|Odin Scan Team

EVM Smart Contract Security: The Developer's Practical Guide

Billions lost. Mostly to the same handful of bugs. Here is the complete practical guide to EVM smart contract security: what the vulnerabilities are, why they happen, and how to prevent them.

evmsoliditysecurity
Solana Smart Contract Security: The Complete Guide for Anchor Developers
|Odin Scan Team

Solana Smart Contract Security: The Complete Guide for Anchor Developers

Anchor's macro system handles a lot. Not everything. Here are the vulnerabilities Solana programs still ship with regularly, and how to prevent them.

solanaanchorsecurity
CosmWasm Security: The 8 Most Common Vulnerabilities
|Odin Scan Team

CosmWasm Security: The 8 Most Common Vulnerabilities

CosmWasm contracts are written in Rust, which eliminates entire classes of bugs. But the ones that remain are subtle, Cosmos-specific, and routinely missed. Here are the eight patterns that show up most often in real audits.

cosmwasmsecurityrust
LST/LRT Oracle Pricing: The Pattern Behind $100M+ in DeFi Losses
|Odin Scan Team

LST/LRT Oracle Pricing: The Pattern Behind $100M+ in DeFi Losses

The same misconfiguration pattern has drained protocols multiple times. LST and LRT price composition is not complicated, but getting it wrong is catastrophic.

oracleevmdefi