A collection of writeups and other thoughts
Most people trust, but how many people verify?
Too much raw fish doesn’t make a better roll of sushi
The only thing worse than a bug in your code that breaks everything is a bug in your code that subtly breaks one thing
This is how an attacker could have hid a ticking time bomb on the Ethereum blockchain that, when triggered, would hard fork the entire network
What does it take to find a bug? What about one in a contract that's survived the test of time?
A guided walkthrough for swap, the hardest challenge in Paradigm CTF 2021
In a consensus protocol, the simplest mistake could have devastating effects.
Everything you need to know about price oracles and how to use them safely
A reflection on my transition from Trail of Bits to Paradigm
On September 15, 2020, a small group of people worked through the night to rescue over 9.6MM USD from a vulnerable smart contract. This is our story.
2017 was fun. Let's never do it again.
Price manipulation, now with 100% more blockchain
What happens when good intentions go bad?
An in-depth look at how 0x's Exchange contract was vulnerable
A second CTF from ConsenSys Diligence. The solution is a blast from the past.
A writeup for the ConsenSys CTF "Ethereum Sandbox"
I read a great blog post by @CapacitorSet and @denysvitali about discovering a RCE vulnerability in math.js and thought I'd give it a shot as well.