Blog Posts TaggedSmart Contract

The owner of $TIP is an EOA address holding 65% of tokens, here are some centralization risks you should care.

Earning.Farm fell victim to smart contract logic vulnerability, suffering loss of approximately 288 ETH.

The reentrancy attack on Curve Finance serves as a regrettable security incident and a thought-provoking lesson.

In this analysis, we will examine one of the core contracts of iZiFinance and identify a simple way to reduce gas consumption by eliminating a redundant expression.

Attacker exploited a vulnerability in the Biswap V3Migrator contract on BSC and stole about $144,000 worth of tokens

We've checked Onchain Trade's smart contract and found out there are potential vulnerabilities and centralization risks on token staking, rewarding and trading.

$UN on BSC was attacked by the flash loan with a loss of $26,000

We evaluate and compare seven free or open-source Static Application Security Testing (SAST) tools for Java. The post highlights the importance of SAST tools in detecting security vulnerabilities in software development and provides insights into improving the detection capabilities of these tools.

The study analyzed 20,000 Rust packages and their dependencies to understand vulnerability propagation in the Cargo package ecosystem. Accurately calculating affected versions reduces false positives, and version ranges are not always reliable indicators. Challenges faced include a lack of security awareness and incentives for package maintainers. The study recommends improving package review mechanisms, providing incentives for security, and implementing security governance strategies to reduce the risk of software supply chain attacks.

OpenAI announced on March 24th that a weakness in the Redis client open-source library, redis-py, was responsible for the data breach. In addition to performing a thorough security assessment of smart contract code, MetaScan's Open Source Analyzer is specifically designed to pinpoint vulnerabilities in the open source software components utilized in the project.