<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom"><channel><title>blockchain on The Trail of Bits Blog</title><link>https://miscreants.github.io/blog.trailofbits.com/categories/blockchain/</link><description>Recent content in blockchain on The Trail of Bits Blog</description><generator>Hugo</generator><language>en-us</language><lastBuildDate>Sat, 15 Nov 2025 00:00:00 -0500</lastBuildDate><atom:link href="https://miscreants.github.io/blog.trailofbits.com/categories/blockchain/index.xml" rel="self" type="application/rss+xml"/><item><title>Level up your Solidity LLM tooling with Slither-MCP</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/11/15/level-up-your-solidity-llm-tooling-with-slither-mcp/</link><pubDate>Sat, 15 Nov 2025 07:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/11/15/level-up-your-solidity-llm-tooling-with-slither-mcp/</guid><description>We’re releasing Slither-MCP, a new tool that augments LLMs with Slither’s unmatched static analysis engine.</description></item><item><title>Balancer hack analysis and guidance for the DeFi ecosystem</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/11/07/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/</link><pubDate>Fri, 07 Nov 2025 18:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/11/07/balancer-hack-analysis-and-guidance-for-the-defi-ecosystem/</guid><description>A retrospective on the $100M Balancer hack that occurred in November 2025, including long-term, strategic guidance on how to avoid similar bugs.</description></item><item><title>Use mutation testing to find the bugs your tests don't catch</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/09/18/use-mutation-testing-to-find-the-bugs-your-tests-dont-catch/</link><pubDate>Thu, 18 Sep 2025 07:00:00 
-0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/09/18/use-mutation-testing-to-find-the-bugs-your-tests-dont-catch/</guid><description>Mutation testing reveals blind spots in test suites by systematically introducing bugs and checking if tests catch them. Blockchain developers should use mutation testing to measure the effectiveness of their test suites and find bugs that traditional testing can miss.</description></item><item><title>How Sui Move rethinks flash loan security</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/09/10/how-sui-move-rethinks-flash-loan-security/</link><pubDate>Wed, 10 Sep 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/09/10/how-sui-move-rethinks-flash-loan-security/</guid><description>Sui’s Move language significantly improves flash loan security by replacing Solidity’s reliance on callbacks and runtime checks with a “hot potato” model that enforces repayment at the language level. 
This shift makes flash loan security a language guarantee rather than a developer responsibility.</description></item><item><title>Safer cold storage on Ethereum</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/09/05/safer-cold-storage-on-ethereum/</link><pubDate>Fri, 05 Sep 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/09/05/safer-cold-storage-on-ethereum/</guid><description>By using smart contract programmability, exchanges can build custody solutions that remain secure even when multisig keys are compromised.</description></item><item><title>Implement EIP-7730 today</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/08/27/implement-eip-7730-today/</link><pubDate>Wed, 27 Aug 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/08/27/implement-eip-7730-today/</guid><description>EIP-7730 enables hardware wallets to decode transactions into human-readable formats, eliminating blind signing vulnerabilities with minimal implementation effort for dApp developers.</description></item><item><title>Inside EthCC[8]: Becoming a smart contract auditor</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/07/23/inside-ethcc8-becoming-a-smart-contract-auditor/</link><pubDate>Wed, 23 Jul 2025 07:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/07/23/inside-ethcc8-becoming-a-smart-contract-auditor/</guid><description>At EthCC[8], Trail of Bits blockchain security engineer Nicolas Donboly laid out a clear, actionable path for aspiring smart contract auditors, drawing from his own experience transitioning from a non-technical background into a leading security role.</description></item><item><title>Maturing your smart contracts beyond private key risk</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/06/25/maturing-your-smart-contracts-beyond-private-key-risk/</link><pubDate>Tue, 24 Jun 2025 07:00:00 
-0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/06/25/maturing-your-smart-contracts-beyond-private-key-risk/</guid><description>Private key compromise accounted for 43.8% of crypto hacks in 2024, yet traditional smart contract audits rarely address architectural access control weaknesses. This post introduces a four-level maturity framework for designing protocols that can tolerate key compromise, progressing from single EOA control to radical immutability, with practical examples demonstrating multisigs, timelocks, and the principle of least privilege.</description></item><item><title>The Custodial Stablecoin Rekt Test</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/05/29/the-custodial-stablecoin-rekt-test/</link><pubDate>Thu, 29 May 2025 00:00:00 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/05/29/the-custodial-stablecoin-rekt-test/</guid><description>Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic Rekt Test for evaluating the security maturity of stablecoin issuers.</description></item><item><title>How Threat Modeling Could Have Prevented the $1.5B Bybit Hack</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/25/how-threat-modeling-could-have-prevented-the-1.5b-bybit-hack/</link><pubDate>Tue, 25 Feb 2025 00:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/25/how-threat-modeling-could-have-prevented-the-1.5b-bybit-hack/</guid><description>Learn how comprehensive threat modeling could have identified the operational security gaps that led to Bybit&amp;rsquo;s $1.5B hack and prevented similar breaches.</description></item><item><title>The $1.5B Bybit Hack: The Era of Operational Security Failures Has Arrived</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/21/the-1.5b-bybit-hack-the-era-of-operational-security-failures-has-arrived/</link><pubDate>Fri, 21 Feb 2025 00:00:00 
-0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/21/the-1.5b-bybit-hack-the-era-of-operational-security-failures-has-arrived/</guid><description>The $1.5B Bybit Hack demonstrates how the Era of Operational Security Failures has arrived, and most cryptocurrency companies are not prepared for its implications.</description></item><item><title>Unleashing Medusa: Fast and scalable smart contract fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/14/unleashing-medusa-fast-and-scalable-smart-contract-fuzzing/</link><pubDate>Fri, 14 Feb 2025 00:00:00 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/14/unleashing-medusa-fast-and-scalable-smart-contract-fuzzing/</guid><description>Introducing Medusa v1, a cutting-edge fuzzing framework designed to enhance smart contract security.</description></item><item><title>We’re partnering to strengthen TON’s DeFi ecosystem</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/13/were-partnering-to-strengthen-tons-defi-ecosystem/</link><pubDate>Thu, 13 Feb 2025 09:00:03 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/13/were-partnering-to-strengthen-tons-defi-ecosystem/</guid><description>TVM Ventures has selected Trail of Bits as its preferred security partner to strengthen the TON developer ecosystem. Through this partnership, we’ll lead the development of DeFi protocol standards and provide comprehensive security services to contest-winning projects deploying on TON. 
TVM Ventures will host ongoing developer contests where teams can showcase innovative applications that advance […]</description></item><item><title>The call for invariant-driven development</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/12/the-call-for-invariant-driven-development/</link><pubDate>Wed, 12 Feb 2025 09:30:36 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/12/the-call-for-invariant-driven-development/</guid><description>Writing smart contracts requires a higher level of security assurance than most other fields of software engineering. The industry has evolved from simple ERC20 tokens to complex, multi-component DeFi systems that leverage domain-specific algorithms and handle significant monetary value. This evolution has unlocked immense potential but has also introduced an escalating number […]</description></item><item><title>Preventing account takeover on centralized cryptocurrency exchanges in 2025</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/02/05/preventing-account-takeover-on-centralized-cryptocurrency-exchanges-in-2025/</link><pubDate>Wed, 05 Feb 2025 09:00:37 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/02/05/preventing-account-takeover-on-centralized-cryptocurrency-exchanges-in-2025/</guid><description>This blog post highlights key points from our new white paper Preventing Account Takeovers on Centralized Cryptocurrency Exchanges, which documents ATO-related attack vectors and defenses tailored to CEXes. Imagine trying to log in to your centralized cryptocurrency exchange (CEX) account and your password and username just… don’t work. 
You […]</description></item><item><title>Best practices for key derivation</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/</link><pubDate>Tue, 28 Jan 2025 09:00:18 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/01/28/best-practices-for-key-derivation/</guid><description>Key derivation is essential in many cryptographic applications, including key exchange, key management, secure communications, and building robust cryptographic primitives. But it’s also easy to get wrong: although standard tools exist for different key derivation needs, our audits often uncover improper uses of these tools that could compromise key security. Flickr’s API […]</description></item><item><title>Celebrating our 2024 open-source contributions</title><link>https://miscreants.github.io/blog.trailofbits.com/2025/01/23/celebrating-our-2024-open-source-contributions/</link><pubDate>Thu, 23 Jan 2025 09:00:30 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2025/01/23/celebrating-our-2024-open-source-contributions/</guid><description>While Trail of Bits is known for developing security tools like Slither, Medusa, and Fickling, our engineering efforts extend far beyond our own projects. Throughout 2024, our team has been deeply engaged with the broader security ecosystem, tackling challenges in open-source tools and infrastructure that security engineers rely on every day. 
This year, our engineers […]</description></item><item><title>Evaluating Solidity support in AI coding assistants</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/11/19/evaluating-solidity-support-in-ai-coding-assistants/</link><pubDate>Tue, 19 Nov 2024 09:00:37 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/11/19/evaluating-solidity-support-in-ai-coding-assistants/</guid><description>AI-enabled code assistants (like GitHub’s Copilot, Continue.dev, and Tabby) are making software development faster and more productive. Unfortunately, these tools are often bad at Solidity. So we decided to improve them! To make it easier to write, edit, and understand Solidity with AI-enabled tools, we have: Added support for Solidity into Tabby […]</description></item><item><title>Killing Filecoin nodes</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/11/13/killing-filecoin-nodes/</link><pubDate>Wed, 13 Nov 2024 06:00:12 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/11/13/killing-filecoin-nodes/</guid><description>In January, we identified and reported a vulnerability in the Lotus and Venus clients of the Filecoin network that allowed an attacker to remotely crash a node and trigger a denial of service. This issue is caused by an incorrect validation of an index, resulting in an index out-of-range panic. 
The vulnerability […]</description></item><item><title>Finding mispriced opcodes with fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/06/17/finding-mispriced-opcodes-with-fuzzing/</link><pubDate>Mon, 17 Jun 2024 09:00:43 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/06/17/finding-mispriced-opcodes-with-fuzzing/</guid><description>Fuzzing—a testing technique that tries to find bugs by repeatedly executing test cases and mutating them—has traditionally been used to detect segmentation faults, buffer overflows, and other memory corruption vulnerabilities that are detectable through crashes. But it has additional uses you may not know about: given the right invariants, we can use […]</description></item><item><title>Using benchmarks to speed up Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/05/08/using-benchmarks-to-speed-up-echidna/</link><pubDate>Wed, 08 May 2024 09:30:07 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/05/08/using-benchmarks-to-speed-up-echidna/</guid><description>During my time as a Trail of Bits associate last summer, I worked on optimizing the performance of Echidna, Trail of Bits’ open-source smart contract fuzzer, written in Haskell. Through extensive use of profilers and other tools, I was able to pinpoint and debug a massive space leak in one of Echidna’s […]</description></item><item><title>Curvance: Invariants unleashed</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/04/30/curvance-invariants-unleashed/</link><pubDate>Tue, 30 Apr 2024 09:30:43 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/04/30/curvance-invariants-unleashed/</guid><description>Welcome to our deep dive into the world of invariant development with Curvance. 
We’ve been building invariants as part of regular code review assessments for more than 6 years now, but our work with Curvance marks our very first official invariant development project, in which developing and testing invariants is all we […]</description></item><item><title>Why fuzzing over formal verification?</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/22/why-fuzzing-over-formal-verification/</link><pubDate>Fri, 22 Mar 2024 09:00:28 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/22/why-fuzzing-over-formal-verification/</guid><description>We recently introduced our new offering, invariant development as a service. A recurring question that we are asked is, &amp;ldquo;Why fuzzing instead of formal verification?&amp;rdquo; And the answer is, &amp;ldquo;It&amp;rsquo;s complicated.&amp;rdquo; We use fuzzing for most of our audits but have used formal verification methods in the […]</description></item><item><title>Releasing the Attacknet: A new tool for finding bugs in blockchain nodes using chaos testing</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/18/releasing-the-attacknet-a-new-tool-for-finding-bugs-in-blockchain-nodes-using-chaos-testing/</link><pubDate>Mon, 18 Mar 2024 09:00:59 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/18/releasing-the-attacknet-a-new-tool-for-finding-bugs-in-blockchain-nodes-using-chaos-testing/</guid><description>Today, Trail of Bits is publishing Attacknet, a new tool that addresses the limitations of traditional runtime verification tools, built in collaboration with the Ethereum Foundation. 
Attacknet is intended to augment the EF’s current test methods by subjecting their execution and consensus clients to some of the most challenging network conditions […]</description></item><item><title>Secure your blockchain project from the start</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/13/secure-your-blockchain-project-from-the-start/</link><pubDate>Wed, 13 Mar 2024 09:00:45 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/13/secure-your-blockchain-project-from-the-start/</guid><description>Systemic security issues in blockchain projects often appear early in development. Without an initial focus on security, projects may choose flawed architectures or make insecure design or development choices that result in hard-to-maintain or vulnerable solutions. Traditional security reviews can be used to identify some security issues, but by the time they are complete, it […]</description></item><item><title>When try, try, try again leads to out-of-order execution bugs</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/03/01/when-try-try-try-again-leads-to-out-of-order-execution-bugs/</link><pubDate>Fri, 01 Mar 2024 07:00:42 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/03/01/when-try-try-try-again-leads-to-out-of-order-execution-bugs/</guid><description>Have you ever wondered how a rollup and its base chain—the chain that the rollup commits state checkpoints to—communicate and interact? How can a user with funds only on the base chain interact with contracts on the rollup? 
In Arbitrum Nitro, one way to call a method on a contract deployed on […]</description></item><item><title>Circomspect has been integrated into the Sindri CLI</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/02/26/circomspect-has-been-integrated-into-the-sindri-cli/</link><pubDate>Mon, 26 Feb 2024 09:00:02 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/02/26/circomspect-has-been-integrated-into-the-sindri-cli/</guid><description>Our tool Circomspect is now integrated into the Sindri command-line interface (CLI)! We designed Circomspect to help developers build Circom circuits more securely, particularly given the limited tooling support available for this novel programming framework. Integrating this tool into a development environment like that provided by Sindri is a significant step toward […]</description></item><item><title>Improving the state of Cosmos fuzzing</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/02/05/improving-the-state-of-cosmos-fuzzing/</link><pubDate>Mon, 05 Feb 2024 09:00:53 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/02/05/improving-the-state-of-cosmos-fuzzing/</guid><description>Cosmos is a platform enabling the creation of blockchains in Go (or other languages). Its reference implementation, Cosmos SDK, leverages strong fuzz testing extensively, following two approaches: smart fuzzing for low-level code, and dumb fuzzing for high-level simulation. 
In this blog post, we explain the differences between these approaches and show how […]</description></item><item><title>Celebrating our 2023 open-source contributions</title><link>https://miscreants.github.io/blog.trailofbits.com/2024/01/24/celebrating-our-2023-open-source-contributions/</link><pubDate>Wed, 24 Jan 2024 09:00:22 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2024/01/24/celebrating-our-2023-open-source-contributions/</guid><description>At Trail of Bits, we pride ourselves on making our best tools open source, such as Slither, PolyTracker, and RPC Investigator. But while this post is about open source, it’s not about our tools… In 2023, our employees submitted over 450 pull requests (PRs) that were merged into non-Trail of Bits repositories. This demonstrates our […]</description></item><item><title>Billion times emptiness</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/12/29/billion-times-emptiness/</link><pubDate>Fri, 29 Dec 2023 09:00:51 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/12/29/billion-times-emptiness/</guid><description>Behind Ethereum’s powerful blockchain technology lies a lesser-known challenge that blockchain developers face: the intricacies of writing robust Ethereum ABI (Application Binary Interface) parsers. Ethereum’s ABI is critical to the blockchain’s infrastructure, enabling seamless interactions between smart contracts and external applications. 
The complexity of data types and the need for precise encoding […]</description></item><item><title>Introducing invariant development as a service</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/10/05/introducing-invariant-development-as-a-service/</link><pubDate>Thu, 05 Oct 2023 08:00:52 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/10/05/introducing-invariant-development-as-a-service/</guid><description>Understanding and rigorously testing system invariants are essential aspects of developing robust smart contracts. Invariants are facts about the protocol that should remain true no matter what happens. Defining and testing these invariants allows developers to prevent the introduction of bugs and make their code more robust in the long term. However, it is difficult […]</description></item><item><title>The Engineer’s Guide to Blockchain Finality</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/08/23/the-engineers-guide-to-blockchain-finality/</link><pubDate>Wed, 23 Aug 2023 07:00:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/08/23/the-engineers-guide-to-blockchain-finality/</guid><description>Many security-critical off-chain applications use a simple block delay to determine finality: the point at which a transaction becomes immutable in a blockchain’s ledger (and is impossible to “undo” without extreme economic cost). 
But this is inadequate for most networks, and can become a single point of failure for the centralized exchanges, […]</description></item><item><title>Can you pass the Rekt test?</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/08/14/can-you-pass-the-rekt-test/</link><pubDate>Mon, 14 Aug 2023 04:00:50 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/08/14/can-you-pass-the-rekt-test/</guid><description>One of the biggest challenges for blockchain developers is objectively assessing their security posture and measuring how it progresses. To address this issue, a working group of Web3 security experts, led by Trail of Bits CEO Dan Guido, met earlier this year to create a simple test for profiling the security of blockchain teams. We […]</description></item><item><title>A mistake in the bulletproofs paper could have led to the theft of millions of dollars</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/08/02/a-mistake-in-the-bulletproofs-paper-could-have-led-to-the-theft-of-millions-of-dollars/</link><pubDate>Wed, 02 Aug 2023 07:00:30 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/08/02/a-mistake-in-the-bulletproofs-paper-could-have-led-to-the-theft-of-millions-of-dollars/</guid><description>We discovered a critical vulnerability in Incognito Chain that would allow an attacker to mint arbitrary tokens and drain user funds. Incognito offers confidential transactions through zero-knowledge proofs, so an attacker could have stolen millions of dollars of shielded funds without ever being detected or identified. 
The vulnerability stemmed from an insecure […]</description></item><item><title>Fuzzing on-chain contracts with Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/07/21/fuzzing-on-chain-contracts-with-echidna/</link><pubDate>Fri, 21 Jul 2023 07:00:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/07/21/fuzzing-on-chain-contracts-with-echidna/</guid><description>With the release of version 2.1.0 of Echidna, our fuzzing tool for Ethereum smart contracts, we’ve introduced new features for direct retrieval of on-chain data, such as contract code and storage slot values. This data can be used to fuzz deployed contracts in their on-chain state or to test […]</description></item><item><title>Evaluating blockchain security maturity</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/07/14/evaluating-blockchain-security-maturity/</link><pubDate>Fri, 14 Jul 2023 03:00:03 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/07/14/evaluating-blockchain-security-maturity/</guid><description>Holistic security reviews should reveal far more than simple bugs. Often, these bugs indicate deeper issues that can be challenging to understand and address. 
Given the time-boxed nature of reviews, security engineers may not have the opportunity to identify all bugs caused by these problems—and they may continue to […]</description></item><item><title>What we told the CFTC about blockchain threats</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/07/12/what-we-told-the-cftc-about-crypto-threats/</link><pubDate>Wed, 12 Jul 2023 07:00:13 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/07/12/what-we-told-the-cftc-about-crypto-threats/</guid><description>In March, I joined the Commodity Futures Trading Commission’s Technology Advisory Committee (TAC), helping the regulatory agency navigate the complexities of cybersecurity risks, particularly in emerging technologies like AI and blockchain. During the committee’s first meeting, I discussed how the rapidly changing and public nature of blockchain technology makes it uniquely susceptible […]</description></item><item><title>Differential fuzz testing upgradeable smart contracts with Diffusc</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/07/07/differential-fuzz-testing-upgradeable-smart-contracts-with-diffusc/</link><pubDate>Fri, 07 Jul 2023 07:00:33 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/07/07/differential-fuzz-testing-upgradeable-smart-contracts-with-diffusc/</guid><description>On March 28, 2023, SafeMoon, a self-styled “community-focused DeFi token” on Binance Smart Chain, lost the equivalent of $8.9 million in Binance Coin BNB to an exploit in a liquidity pool. 
The exploit leveraged a simple error introduced in an upgrade to SafeMoon’s SFM token contract, allowing the attacker to burn tokens held in the […]</description></item><item><title>What should governments consider when getting involved with blockchain?</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/04/25/loose-code-sinks-nodes/</link><pubDate>Tue, 25 Apr 2023 07:00:57 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/04/25/loose-code-sinks-nodes/</guid><description>Last September, Principal Security Engineer Dr. Evan Sultanik was on a panel hosted by the Naval Postgraduate School’s Distributed Consensus: Blockchain &amp;amp; Beyond (DC:BB) movement, where faculty and students there are seeking opportunities to learn and share knowledge, research, funding, and events focused on distributed consensus technologies. The panel of nine government, academia, and industry […]</description></item><item><title>Codex (and GPT-4) can’t beat humans on smart contract audits</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/03/22/codex-and-gpt4-cant-beat-humans-on-smart-contract-audits/</link><pubDate>Wed, 22 Mar 2023 07:00:49 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/03/22/codex-and-gpt4-cant-beat-humans-on-smart-contract-audits/</guid><description>Is artificial intelligence (AI) capable of powering software security audits? Over the last four months, we piloted a project called Toucan to find out. Toucan was intended to integrate OpenAI’s Codex into our Solidity auditing workflow. 
This experiment went far […]</description></item><item><title>Circomspect has more passes!</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/03/21/circomspect-static-analyzer-circom-more-passes/</link><pubDate>Tue, 21 Mar 2023 08:00:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/03/21/circomspect-static-analyzer-circom-more-passes/</guid><description>TL;DR: We have released version 0.8.0 of Circomspect, our static analyzer and linter for Circom. Since our initial release of Circomspect in September 2022, we have added five new analysis passes, support for tags, tuples, and anonymous components, links to in-depth descriptions of each identified issue, and squashed a […]</description></item><item><title>Reusable properties for Ethereum contracts</title><link>https://miscreants.github.io/blog.trailofbits.com/2023/02/27/reusable-properties-ethereum-contracts-echidna/</link><pubDate>Mon, 27 Feb 2023 08:00:54 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2023/02/27/reusable-properties-ethereum-contracts-echidna/</guid><description>As smart contract security constantly evolves, property-based fuzzing has become a go-to technique for developers and security engineers. This technique relies on the creation of code properties – often called invariants – which describe what the code is supposed to do. To help the community define properties, we are releasing a set of 168 pre-built […]</description></item><item><title>Hybrid fuzzing: Sharpening the spikes of Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/12/08/hybrid-echidna-fuzzing-optik-maat/</link><pubDate>Thu, 08 Dec 2022 08:00:36 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/12/08/hybrid-echidna-fuzzing-optik-maat/</guid><description>Smart contract fuzzing is an effective bug-finding technique that is largely used at Trail of Bits during audits. 
During my internship at Trail of Bits, I contributed to expand our fuzzing capabilities by working on Hybrid Echidna, a “hybrid fuzzer” that couples our smart contract fuzzer, Echidna, with […]</description></item><item><title>Porting the Solana eBPF JIT compiler to ARM64</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/</link><pubDate>Wed, 12 Oct 2022 08:00:55 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/12/solana-jit-compiler-ebpf-arm64/</guid><description>Andrew Haberlandt  During my summer internship at Trail of Bits, I worked on the fork of the RBPF JIT compiler that is used to execute Solana smart contracts. The RBPF JIT compiler plays a critical role on the Solana blockchain, as it facilitates the execution of contracts on validator nodes by default. Before my […]</description></item><item><title>Working on blockchains as a Trail of Bits intern</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/</link><pubDate>Wed, 05 Oct 2022 09:00:42 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/10/05/trail-of-bits-internship-blockchain-tealer/</guid><description>Earlier this year, I successfully completed my internship at Trail of Bits and secured a full-time position as a Blockchain Security Analyst. This post is not intended to be a technical description of the work I did during my internship. 
Rather, it is intended to describe my general experience as a […]</description></item><item><title>It pays to be Circomspect</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/</link><pubDate>Thu, 15 Sep 2022 00:00:43 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/09/15/it-pays-to-be-circomspect/</guid><description>In October 2019, a security researcher found a devastating vulnerability in Tornado.cash, a decentralized, non-custodial mixer on the Ethereum network. Tornado.cash uses zero-knowledge proofs (ZKPs) to allow its users to privately deposit and withdraw funds. The proofs are supposed to guarantee that each withdrawal can be matched against a […]</description></item><item><title>Using mutants to improve Slither</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/08/17/using-mutants-to-improve-slither/</link><pubDate>Wed, 17 Aug 2022 09:00:12 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/08/17/using-mutants-to-improve-slither/</guid><description>Improving static analysis tools can be hard; once you’ve implemented a good tool based on a useful representation of a program and added a large number of rules to detect problems, how do you further enhance the tool’s bug-finding power? One (necessary) approach to coming up with new rules […]</description></item><item><title>Shedding smart contract storage with Slither</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/</link><pubDate>Thu, 28 Jul 2022 09:00:07 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/</guid><description>You think you’ve found a critical bug in a Solidity smart contract that, if exploited, could drain a widely used cryptocurrency exchange’s funds. 
To confirm that it’s really a bug, you need to figure out the value at an obscure storage slot that has no getter method. Adrenaline courses […]</description></item><item><title>Managing risk in blockchain deployments</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/06/24/managing-risk-in-blockchain-deployments/</link><pubDate>Fri, 24 Jun 2022 09:00:09 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/06/24/managing-risk-in-blockchain-deployments/</guid><description>Do you need a blockchain? And if so, what kind? Trail of Bits has released an operational risk assessment report on blockchain technology. As more businesses consider the innovative advantages of blockchains and, more generally, distributed ledger technologies (DLT), executives must decide whether and how to adopt them. Organizations adopting these systems must understand and […]</description></item><item><title>Are blockchains decentralized?</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/</link><pubDate>Tue, 21 Jun 2022 05:00:39 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/06/21/are-blockchains-decentralized/</guid><description>A new Trail of Bits research report examines unintended centralities in distributed ledgers Blockchains can help push the boundaries of current technology in useful ways. However, to make good risk decisions involving exciting and innovative technologies, people need demonstrable facts that are arrived at through reproducible methods and open data. 
We believe the risks inherent […]</description></item><item><title>Optimizing a smart contract fuzzer</title><link>https://miscreants.github.io/blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/</link><pubDate>Wed, 02 Mar 2022 07:00:33 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2022/03/02/optimizing-a-smart-contract-fuzzer/</guid><description>During my winternship, I applied code analysis tools, such as GHC’s Haskell profiler, to improve the efficiency of the Echidna smart contract fuzzer. As a result, Echidna is now over six times faster! Echidna overview To use Echidna, users provide smart contracts and a list of conditions that should be satisfied no […]</description></item><item><title>Solar: Context-free, interactive analysis for Solidity</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/04/02/solar-context-free-interactive-analysis-for-solidity/</link><pubDate>Fri, 02 Apr 2021 00:52:39 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/04/02/solar-context-free-interactive-analysis-for-solidity/</guid><description>We’re hiring for our Research + Engineering team!  By Aaron Yoo, University of California, Los Angeles As an intern at Trail of Bits, I worked on Solar, a proof-of-concept static analysis framework. Solar is unique because it enables context-free interactive analysis of Solidity smart contracts. A user can direct Solar to explore program paths (e.g., […]</description></item><item><title>A Year in the Life of a Compiler Fuzzing Campaign</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/03/23/a-year-in-the-life-of-a-compiler-fuzzing-campaign/</link><pubDate>Tue, 23 Mar 2021 11:00:37 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/03/23/a-year-in-the-life-of-a-compiler-fuzzing-campaign/</guid><description>In the summer of 2020, we described our work fuzzing the Solidity compiler, solc. 
So now we’d like to revisit this project, since fuzzing campaigns tend to “saturate,” finding fewer new results over time. Did Solidity fuzzing run out of gas? Is fuzzing a high-stakes project worthwhile, especially if […]</description></item><item><title>Confessions of a smart contract paper reviewer</title><link>https://miscreants.github.io/blog.trailofbits.com/2021/02/05/confessions-of-a-smart-contract-paper-reviewer/</link><pubDate>Fri, 05 Feb 2021 06:59:10 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2021/02/05/confessions-of-a-smart-contract-paper-reviewer/</guid><description>If you’re thinking of writing a paper describing an exciting novel approach to smart contract analysis and want to know what reviewers will be looking for, you’ve come to the right place. Deadlines for many big conferences (ISSTA tool papers, ASE, FSE, etc.) are approaching, as is our own Workshop on Smart Contract Analysis, so […]</description></item><item><title>Breaking Aave Upgradeability</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/</link><pubDate>Wed, 16 Dec 2020 11:01:55 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/12/16/breaking-aave-upgradeability/</guid><description>On December 3rd, Aave deployed version 2 of their codebase. While we were not hired to look at the code, we briefly reviewed it the following day. We quickly discovered a vulnerability that affected versions 1 and 2 of the live contracts and reported the issue. 
Within an hour of sending our analysis to Aave, […]</description></item><item><title>Good idea, bad design: How the Diamond standard falls short</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/10/30/good-idea-bad-design-how-the-diamond-standard-falls-short/</link><pubDate>Fri, 30 Oct 2020 13:19:18 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/10/30/good-idea-bad-design-how-the-diamond-standard-falls-short/</guid><description>TL;DR: We audited an implementation of the Diamond standard proposal for contract upgradeability and can’t recommend it in its current form—but see our recommendations and upgrade strategy guidance. We recently audited an implementation of the Diamond standard code, a new upgradeability pattern. It’s a laudable undertaking, but the Diamond proposal and implementation raise many concerns. […]</description></item><item><title>Using Echidna to test a smart contract library</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/08/17/using-echidna-to-test-a-smart-contract-library/</link><pubDate>Mon, 17 Aug 2020 07:00:17 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/08/17/using-echidna-to-test-a-smart-contract-library/</guid><description>In this post, we’ll show you how to test your smart contracts with the Echidna fuzzer. In particular, you’ll see how to: Find a bug we discovered during the Set Protocol audit using a variation of differential fuzzing, and Specify and check useful properties for your own smart contract libraries. 
And we’ll demonstrate how to […]</description></item><item><title>Accidentally stepping on a DeFi lego</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/</link><pubDate>Wed, 05 Aug 2020 07:00:03 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/08/05/accidentally-stepping-on-a-defi-lego/</guid><description>The initial release of yVault contained logic for computing the price of yUSDC that could be manipulated by an attacker to drain most (if not all) of the pool’s assets. Fortunately, Andre, the developer, reacted incredibly quickly and disabled the faulty code, securing the approximately 400,000 USD held at the time. However, this bug still […]</description></item><item><title>Contract verification made easier</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/07/12/new-manticore-verifier-for-smart-contracts/</link><pubDate>Sun, 12 Jul 2020 15:00:46 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/07/12/new-manticore-verifier-for-smart-contracts/</guid><description>Smart contract authors can now express security properties in the same language they use to write their code (Solidity) and our new tool, manticore-verifier, will automatically verify those invariants. Even better, Echidna and Manticore share the same format for specifying property tests. In other words, smart contract authors can now write one property test and […]</description></item><item><title>Upgradeable contracts made safer with Crytic</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/06/12/upgradeable-contracts-made-safer-with-crytic/</link><pubDate>Fri, 12 Jun 2020 07:50:52 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/06/12/upgradeable-contracts-made-safer-with-crytic/</guid><description>Upgradeable contracts are not as safe as you think. 
Architectures for upgradeability can be flawed, locking contracts, losing data, or sabotaging your ability to recover from an incident. Every contract upgrade must be carefully reviewed to avoid catastrophic mistakes. The most common delegatecall proxy comes with drawbacks that we’ve catalogued before. Crytic now includes a […]</description></item><item><title>Breaking the Solidity Compiler with a Fuzzer</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/</link><pubDate>Fri, 05 Jun 2020 07:50:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/06/05/breaking-the-solidity-compiler-with-a-fuzzer/</guid><description>Over the last few months, we’ve been fuzzing solc, the standard Solidity smart contract compiler, and we’ve racked up almost 20 (now mostly fixed) new bugs. A few of these are duplicates of existing bugs with slightly different symptoms or triggers, but the vast majority are previously unreported bugs in the compiler. This has been […]</description></item><item><title>Bug Hunting with Crytic</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/</link><pubDate>Fri, 15 May 2020 07:50:31 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/05/15/bug-hunting-with-crytic/</guid><description>Crytic, our Github app for discovering smart contract flaws, is kind of a big deal: It detects security issues without human intervention, providing continuous assurance while you work and securing your codebase before deployment. Crytic finds many bugs no other tools can detect, including some that are not widely known. 
Right now, Crytic has 90+ […]</description></item><item><title>Announcing the 1st International Workshop on Smart Contract Analysis</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/04/23/announcing-the-1st-international-workshop-on-smart-contract-analysis/</link><pubDate>Thu, 23 Apr 2020 07:50:29 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/04/23/announcing-the-1st-international-workshop-on-smart-contract-analysis/</guid><description>At Trail of Bits we do more than just security audits: We also push the boundaries of research in vulnerability detection tools, regularly present our work in academic conferences, and review interesting papers from other researchers (see our recent Real World Crypto and Financial Crypto recaps). In this spirit, we and Northern Arizona University are […]</description></item><item><title>An Echidna for all Seasons</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/03/30/an-echidna-for-all-seasons/</link><pubDate>Mon, 30 Mar 2020 07:00:46 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/03/30/an-echidna-for-all-seasons/</guid><description>TL;DR: We have improved Echidna with tons of new features and enhancements since it was released—and there’s more to come. Two years ago, we open-sourced Echidna, our property-based smart contract fuzzer. Echidna is one of the tools we use most in smart contract assessments. 
According to our records, Echidna was used in about 35% of […]</description></item><item><title>Financial Cryptography 2020 Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/03/18/financial-cryptography-2020-recap/</link><pubDate>Wed, 18 Mar 2020 07:50:32 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/03/18/financial-cryptography-2020-recap/</guid><description>A few weeks ago, we went to the 24th Financial Cryptography (FC) conference and the Workshop on Trusted Smart Contracts (WTSC), where we presented our work on smart contract bug categorization (see our executive summary) and a poster on Echidna. Although FC is not a blockchain conference, it featured several blockchain-oriented presentations this year and […]</description></item><item><title>Our Full Report on the Voatz Mobile Voting Platform</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/03/13/our-full-report-on-the-voatz-mobile-voting-platform/</link><pubDate>Fri, 13 Mar 2020 07:52:37 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/03/13/our-full-report-on-the-voatz-mobile-voting-platform/</guid><description>Voatz allows voters to cast their ballots from any geographic location on supported mobile devices. Its mobile voting platform is under increasing public scrutiny for security vulnerabilities that could potentially invalidate an election. The issues are serious enough to attract inquiries from the Department of Homeland Security and Congress. 
However, there has been no comprehensive […]</description></item><item><title>Manticore discovers the ENS bug</title><link>https://miscreants.github.io/blog.trailofbits.com/2020/03/03/manticore-discovers-the-ens-bug/</link><pubDate>Tue, 03 Mar 2020 14:21:52 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2020/03/03/manticore-discovers-the-ens-bug/</guid><description>The Ethereum Name Service (ENS) contract recently suffered from a critical bug that prompted a security advisory and a migration to a new contract (CVE-2020-5232). ENS allows users to associate online resources with human-readable names. As you might expect, it allows you to transfer and sell domain names. Specific details about the bug were in […]</description></item><item><title>Mainnet360: joint economic and security reviews with Prysm Group</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/12/09/introducing-mainnet360-a-joint-economic-and-security-assessment-with-prysm-group/</link><pubDate>Mon, 09 Dec 2019 07:00:52 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/12/09/introducing-mainnet360-a-joint-economic-and-security-assessment-with-prysm-group/</guid><description>On Monday, October 28th at the Crypto Economics Security Conference, Trail of Bits announced a new joint offering with Prysm Group: Mainnet360. Carefully designed to produce a comprehensive assessment of the security and economic elements of blockchain software, Mainnet360 gives teams a broader perspective that will allow them to build safer and more resilient systems. 
[…]</description></item><item><title>Announcing the Crytic $10k Research Prize</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/11/13/announcing-the-crytic-10k-research-prize/</link><pubDate>Wed, 13 Nov 2019 07:00:35 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/11/13/announcing-the-crytic-10k-research-prize/</guid><description>At Trail of Bits, we make a significant effort to stay up to date with the academic world. We frequently evaluate our work through peer-reviewed conferences, and we love to attend academic events (see our recent ICSE and Crypto recaps).</description></item><item><title>Formal Analysis of the CBC Casper Consensus Algorithm with TLA+</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</link><pubDate>Fri, 25 Oct 2019 07:00:56 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/25/formal-analysis-of-the-cbc-casper-consensus-algorithm-with-tla/</guid><description>As a summer intern at Trail of Bits, I used the PlusCal and TLA+ formal specification languages to explore Ethereum’s CBC Casper consensus protocol and its Byzantine fault tolerance. This work was motivated by the Medium.com article Peer Review: CBC Casper by Muneeb Ali, Jude […]</description></item><item><title>Watch Your Language: Our First Vyper Audit</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/10/24/watch-your-language-our-first-vyper-audit/</link><pubDate>Thu, 24 Oct 2019 07:00:04 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/10/24/watch-your-language-our-first-vyper-audit/</guid><description>A lot of companies are working on Ethereum smart contracts, yet writing secure contracts remains a difficult task. You still have to avoid common pitfalls, compiler issues, and constantly check your code for recently discovered risks. 
A recurrent source of vulnerabilities comes from the early state of the programming languages available. Most developers are using […]</description></item><item><title>246 Findings From our Smart Contract Audits: An Executive Summary</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/</link><pubDate>Thu, 08 Aug 2019 06:50:40 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/08/246-findings-from-our-smart-contract-audits-an-executive-summary/</guid><description>Until now, smart contract security researchers (and developers) have been frustrated by limited information about the actual flaws that survive serious development efforts. That limitation increases the risk of making critical smart contracts vulnerable, misallocating resources for risk reduction, and missing opportunities to employ automated analysis tools. We’re changing that. Today, Trail of Bits is […]</description></item><item><title>Crytic: Continuous Assurance for Smart Contracts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/08/02/crytic-continuous-assurance-for-smart-contracts/</link><pubDate>Fri, 02 Aug 2019 06:50:36 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/08/02/crytic-continuous-assurance-for-smart-contracts/</guid><description>Note: This blog has been reposted from Truffle Suite’s blog. We are proud to announce our new smart contract security product: &lt;a href="https://crytic.io/"&gt;https://crytic.io/&lt;/a&gt;. Crytic provides continuous assurance for smart contracts. The platform reports build status on every commit and runs a suite of security analyses for immediate feedback. The beta will be open soon. 
Follow us […]</description></item><item><title>On LibraBFT’s use of broadcasts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/12/librabft/</link><pubDate>Fri, 12 Jul 2019 06:50:24 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/12/librabft/</guid><description>LibraBFT is the Byzantine Fault Tolerant (BFT) consensus algorithm used by the recently released Libra cryptocurrency. LibraBFT is based on another BFT consensus algorithm called HotStuff. While some have noted the similarities between the two algorithms, they differ in some crucial respects. In this post we highlight one such difference: in LibraBFT, non-leaders perform broadcasts. […]</description></item><item><title>Avoiding Smart Contract “Gridlock” with Slither</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/03/avoiding-smart-contract-gridlock-with-slither/</link><pubDate>Wed, 03 Jul 2019 14:42:53 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/03/avoiding-smart-contract-gridlock-with-slither/</guid><description>A denial-of-service (DoS) vulnerability, dubbed ‘Gridlock,’ was publicly reported on July 1st in one of Edgeware’s smart contracts deployed on Ethereum. As much as $900 million worth of Ether may have been processed by this contract. Edgeware has since acknowledged and fixed the “fatal bug.” When we heard about Gridlock, we ran Slither on the […]</description></item><item><title>State of the Art Proof-of-Work: RandomX</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/07/02/state/</link><pubDate>Tue, 02 Jul 2019 06:50:11 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/07/02/state/</guid><description>RandomX is a new ASIC and GPU-resistant proof-of-work (PoW) algorithm originally developed for Monero, but potentially useful in any blockchain using PoW that wants to bias towards general purpose CPUs. 
Trail of Bits was contracted by Arweave to review this novel algorithm in a two person-week engagement and provide guidance on alternate parameter selection. But […]</description></item><item><title>Panicking the right way in Go</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/26/panicking-the-right-way-in-go/</link><pubDate>Wed, 26 Jun 2019 06:50:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/26/panicking-the-right-way-in-go/</guid><description>A common Go idiom is to (1) panic, (2) recover from the panic in a deferred function, and (3) continue on. In general, this is okay, so long as there are no global state changes between the entry point to the function calling defer, and the point at which the panic occurs. Such global state changes […]</description></item><item><title>Trail of Bits @ ICSE 2019 – Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/06/19/trail-of-bits-icse-2019-recap/</link><pubDate>Wed, 19 Jun 2019 10:35:13 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/06/19/trail-of-bits-icse-2019-recap/</guid><description>Three weeks ago, we presented our work on Slither at WETSEB, an ICSE workshop. ICSE is a top-tier academic conference, focused on software engineering. This edition of the event went very well. The organizers do their best to attract and engage industrials to the discussions. The conference had many talks in parallel. 
We wish we […]</description></item><item><title>Slither: The Leading Static Analyzer for Smart Contracts</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/05/27/slither-the-leading-static-analyzer-for-smart-contracts/</link><pubDate>Mon, 27 May 2019 06:30:58 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/05/27/slither-the-leading-static-analyzer-for-smart-contracts/</guid><description>We have published an academic paper on Slither, our static analysis framework for smart contracts, in the International Workshop on Emerging Trends in Software Engineering for Blockchain (WETSEB), colocated with ICSE. Our paper shows that Slither’s bug detection outperforms other static analysis tools for finding issues in smart contracts in terms of speed, robustness, and […]</description></item><item><title>Empire Hacking: Ethereum Edition 2</title><link>https://miscreants.github.io/blog.trailofbits.com/2019/01/18/empire-hacking-ethereum-edition-2/</link><pubDate>Fri, 18 Jan 2019 07:50:58 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2019/01/18/empire-hacking-ethereum-edition-2/</guid><description>On December 12, over 150 attendees joined a special, half-day Empire Hacking to learn about pitfalls in smart contract security and how to avoid them. Thank you to everyone who came, to our superb speakers, and to BuzzFeed for hosting this meetup at their office. 
Watch the presentations again It’s hard to find such rich […]</description></item><item><title>10 Rules for the Secure Use of Cryptocurrency Hardware Wallets</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/27/10-rules-for-the-secure-use-of-cryptocurrency-hardware-wallets/</link><pubDate>Tue, 27 Nov 2018 06:50:43 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/27/10-rules-for-the-secure-use-of-cryptocurrency-hardware-wallets/</guid><description>Earlier this year, the Web3 Foundation (W3F) commissioned Trail of Bits for a security review and assessment of the risks in storing cryptocurrency. Everyone who owns cryptocurrency — from large institutions to individual enthusiasts — shares the W3F’s concerns. In service to the broader community, the W3F encouraged us to publish our recommendations for the […]</description></item><item><title>Return of the Blockchain Security Empire Hacking</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/19/return-of-the-blockchain-security-empire-hacking/</link><pubDate>Mon, 19 Nov 2018 11:20:10 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/19/return-of-the-blockchain-security-empire-hacking/</guid><description>Remember last December’s Empire Hacking? The one where we dedicated the event to sharing the best information about blockchain and smart contract security? Let’s do that again, and let’s make it a tradition; a half-day mini conference focused exclusively on a single topic every December. 
On December 12, please join us at Buzzfeed’s NYC offices […]</description></item><item><title>Trail of Bits @ Devcon IV Recap</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/11/16/trail-of-bits-devcon-iv-recap/</link><pubDate>Fri, 16 Nov 2018 06:50:22 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/11/16/trail-of-bits-devcon-iv-recap/</guid><description>We wanted to make up for missing the first three Devcons, so we participated in this year’s event through a number of talks, a panel, and two trainings. For those of you who couldn’t join us, we’ve summarized our contributions below. We hope to see you there next year. Using Manticore and Symbolic Execution to […]</description></item><item><title>How contract migration works</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/29/how-contract-migration-works/</link><pubDate>Mon, 29 Oct 2018 06:50:16 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/29/how-contract-migration-works/</guid><description>Smart contracts can be compromised: they can have bugs, the owner’s wallet can be stolen, or they can be trapped due to an incorrect setting. If you develop a smart contract for your business, you must be prepared to react to events such as these. In many cases, the only available solution is to deploy […]</description></item><item><title>Slither – a Solidity static analysis framework</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/</link><pubDate>Fri, 19 Oct 2018 06:50:09 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/19/slither-a-solidity-static-analysis-framework/</guid><description>Slither is the first open-source static analysis framework for Solidity. Slither is fast and precise; it can find real vulnerabilities in a few seconds without user intervention. 
It is highly customizable and provides a set of APIs to inspect and analyze Solidity code easily. We use it in all of our security reviews. Now you […]</description></item><item><title>Introduction to Verifiable Delay Functions (VDFs)</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/12/introduction-to-verifiable-delay-functions-vdfs/</link><pubDate>Fri, 12 Oct 2018 06:50:10 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/12/introduction-to-verifiable-delay-functions-vdfs/</guid><description>Finding randomness on the blockchain is hard. A classic mistake developers make when trying to acquire a random value on-chain is to use quantities like future block hashes, block difficulty, or timestamps. The problem with these schemes is that they are vulnerable to manipulation by miners. For example, suppose we are trying to run an […]</description></item><item><title>Ethereum security guidance for all</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/10/04/ethereum-security-guidance-for-all/</link><pubDate>Thu, 04 Oct 2018 06:50:23 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/10/04/ethereum-security-guidance-for-all/</guid><description>We came away from ETH Berlin with two overarching impressions: first, many developers were hungry for any guidance on security, and second; too few security firms were accessible. When we began taking on blockchain security engagements in 2016, there were no tools engineered for the work. 
Useful documentation was hard to find and hidden among […]</description></item><item><title>Rattle – an Ethereum EVM binary analysis framework</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/</link><pubDate>Thu, 06 Sep 2018 02:30:38 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/06/rattle-an-ethereum-evm-binary-analysis-framework/</guid><description>Most smart contracts have no verified source code, but people still trust them to protect their cryptocurrency. What’s more, several large custodial smart contracts have had security incidents. The security of contracts that exist on the blockchain should be independently ascertainable. Ethereum VM (EVM) Bytecode Ethereum contracts are compiled to EVM – the Ethereum Virtual […]</description></item><item><title>Contract upgrade anti-patterns</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/</link><pubDate>Wed, 05 Sep 2018 06:00:21 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/09/05/contract-upgrade-anti-patterns/</guid><description>A popular trend in smart contract design is to promote the development of upgradable contracts. At Trail of Bits, we have reviewed many upgradable contracts and believe that this trend is going in the wrong direction. Existing techniques to upgrade contracts have flaws, increase the complexity of the contract significantly, and ultimately introduce bugs. 
To […]</description></item><item><title>State Machine Testing with Echidna</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/05/03/state-machine-testing-with-echidna/</link><pubDate>Thu, 03 May 2018 06:50:48 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/05/03/state-machine-testing-with-echidna/</guid><description>Property-based testing is a powerful technique for verifying arbitrary properties of a program via execution on a large set of inputs, typically generated stochastically. Echidna is a library and executable I’ve been working on for applying property-based testing to EVM code (particularly code written in Solidity). Echidna is a library for generating random sequences of […]</description></item><item><title>Use our suite of Ethereum security tools</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/</link><pubDate>Fri, 23 Mar 2018 00:28:08 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/23/use-our-suite-of-ethereum-security-tools/</guid><description>Two years ago, when we began taking on blockchain security engagements, there were no tools engineered for the work. No static analyzers, fuzzers, or reverse engineering tools for Ethereum. So, we invested significant time and expertise to create what we needed, adapt what we already had, and refine the work continuously over dozens of audits. […]</description></item><item><title>Echidna, a smart fuzzer for Ethereum</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/</link><pubDate>Fri, 09 Mar 2018 13:19:34 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/03/09/echidna-a-smart-fuzzer-for-ethereum/</guid><description>Today we released Echidna, our next-generation EVM smart fuzzer at EthCC. 
It’s the first-ever fuzzer to target smart contracts, and has powerful features like abstract state-machine modeling and automatic minimal test case generation. We’ve been working on it for quite some time, and are thrilled to finally share it with the world. Different interfaces for […]</description></item><item><title>Parity Technologies engages Trail of Bits</title><link>https://miscreants.github.io/blog.trailofbits.com/2018/02/09/parity-technologies-engages-trail-of-bits/</link><pubDate>Fri, 09 Feb 2018 07:50:46 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2018/02/09/parity-technologies-engages-trail-of-bits/</guid><description>We’re helping Parity Technologies secure their Ethereum client. We’ll begin by auditing their codebase, and look forward to publishing results and the knowledge we gained in the future. Parity Technologies combines cryptography, cellular systems, peer-to-peer technology and decentralized consensus to solve the problems that have gone unaddressed by conventional server-client architecture. Their Ethereum client is designed for […]</description></item><item><title>Videos from Ethereum-focused Empire Hacking</title><link>https://miscreants.github.io/blog.trailofbits.com/2017/12/22/videos-from-ethereum-focused-empire-hacking/</link><pubDate>Fri, 22 Dec 2017 07:50:57 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2017/12/22/videos-from-ethereum-focused-empire-hacking/</guid><description>On December 12, over 150 attendees learned how to write and hack secure smart contracts at the final Empire Hacking meetup of 2017. Thank you to everyone who came, to our superb speakers, and to Datadog for hosting this meetup at their office. 
Watch the presentations again We believe strongly that the community should share […]</description></item><item><title>Securing Ethereum at Empire Hacking</title><link>https://miscreants.github.io/blog.trailofbits.com/2017/11/22/securing-ethereum-at-empire-hacking/</link><pubDate>Wed, 22 Nov 2017 07:50:31 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2017/11/22/securing-ethereum-at-empire-hacking/</guid><description>If you’re building real applications with blockchain technology and are worried about security, consider this meetup essential. Join us on December 12th for a special edition of Empire Hacking focused entirely on the security of Ethereum. Why attend? Four blockchain security experts will be sharing how to write secure smart contracts, and hack them. Two […]</description></item><item><title>Hands on the Ethernaut CTF</title><link>https://miscreants.github.io/blog.trailofbits.com/2017/11/06/hands-on-the-ethernaut-ctf/</link><pubDate>Mon, 06 Nov 2017 14:32:19 -0500</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2017/11/06/hands-on-the-ethernaut-ctf/</guid><description>Last week Zeppelin released their Ethereum CTF, Ethernaut. This CTF is a good introduction to interacting with a blockchain and to the basics of smart contract vulnerabilities. The CTF is hosted on the Ropsten blockchain, and you can receive free ethers for it. 
The browser developer console is used to interact […]</description></item><item><title>Trail of Bits joins the Enterprise Ethereum Alliance</title><link>https://miscreants.github.io/blog.trailofbits.com/2017/10/19/trail-of-bits-joins-the-enterprise-ethereum-alliance/</link><pubDate>Thu, 19 Oct 2017 07:50:38 -0400</pubDate><guid>https://miscreants.github.io/blog.trailofbits.com/2017/10/19/trail-of-bits-joins-the-enterprise-ethereum-alliance/</guid><description>We’re proud to announce that Trail of Bits has joined the Enterprise Ethereum Alliance (EEA), the world’s largest open source blockchain initiative. As the first information security company to join, and currently one of the industry’s top smart contract auditors, we’re excited to contribute our unparalleled expertise to the EEA. As companies begin to re-architect […]</description></item></channel></rss>