https://miscreants.github.io/blog.trailofbits.com/categories/slither/Recent content in slither on The Trail of Bits BlogHugoen-usSat, 15 Nov 2025 00:00:00 -0500https://miscreants.github.io/blog.trailofbits.com/2025/11/15/level-up-your-solidity-llm-tooling-with-slither-mcp/Sat, 15 Nov 2025 07:00:00 -0500https://miscreants.github.io/blog.trailofbits.com/2025/11/15/level-up-your-solidity-llm-tooling-with-slither-mcp/We’re releasing Slither-MCP, a new tool that augments LLMs with Slither’s unmatched static analysis engine.https://miscreants.github.io/blog.trailofbits.com/2024/03/01/when-try-try-try-again-leads-to-out-of-order-execution-bugs/Fri, 01 Mar 2024 07:00:42 -0500https://miscreants.github.io/blog.trailofbits.com/2024/03/01/when-try-try-try-again-leads-to-out-of-order-execution-bugs/Have you ever wondered how a rollup and its base chain—the chain that the rollup commits state checkpoints to—communicate and interact? How can a user with funds only on the base chain interact with contracts on the rollup? In Arbitrum Nitro, one way to call a method on a contract deployed on […]https://miscreants.github.io/blog.trailofbits.com/2022/11/14/livestream-workshop-fuzzing-echidna-slither/Mon, 14 Nov 2022 08:30:23 -0500https://miscreants.github.io/blog.trailofbits.com/2022/11/14/livestream-workshop-fuzzing-echidna-slither/Over the years, we’ve built many high-impact tools that we use for security reviews. You might know some of them, like Slither, Echidna, Amarna, Tealer, and test-fuzz. All of our tools are open source, and we love seeing the community benefit from them. But mastering our tools takes time and practice, and it’s easier if […]https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/Thu, 28 Jul 2022 09:00:07 -0400https://miscreants.github.io/blog.trailofbits.com/2022/07/28/shedding-smart-contract-storage-with-slither/You think you’ve found a critical bug in a Solidity smart contract that, if exploited, could drain a widely used cryptocurrency exchange’s funds. To confirm that it’s really a bug, you need to figure out the value at an obscure storage slot that has no getter method. Adrenaline courses […]https://miscreants.github.io/blog.trailofbits.com/2021/12/16/detecting-miso-and-opyns-msg-value-reuse-vulnerability-with-slither/Thu, 16 Dec 2021 13:00:49 -0500https://miscreants.github.io/blog.trailofbits.com/2021/12/16/detecting-miso-and-opyns-msg-value-reuse-vulnerability-with-slither/On August 18, 2021, samczsun reported a critical vulnerability in SushiSwap’s MISO smart contracts, which put ~350 million USD (109 thousand ETH) at risk. This issue is similar to an attack that was conducted on the Opyn codebase in August of 2020. At the time of the report, I was finishing my […]