EVM (Ethereum Virtual Machine) compatible blockchains are designed to be compatible with the Ethereum blockchain’s smart contract functionality, programming language (Solidity), and tooling ecosystem. During this process, the implementation of an EVM-compliant virtual machine is one of the key steps. However, during our research, we find that maintaining the compatibility…

On 2023–03–17 05:48:59 (UTC), BlockSec successfully blocked an attack attempt on ParaSpace (a top NFT lending protocol) and protected crypto assets worth $5M.

By BlockSec Recently, there has been a lot of attention on the “counter exploit” to move funds from MakerDao Vault using Oasis multisig. Meanwhile, we have received a couple of queries about whether BlockSec is the “whitehat” behind this operation since we were involved in the counter exploit to help…

By BlockSec DeFi hacks are still happening. For the stolen funds of the DeFi projects, it’s usually hard to recover them. Some projects negotiate with the hacker to offer a bounty and promise the drop of legal actions. It works sometimes but set up a bad example. …

By MetaSleuth Team @ BlockSec This blog will show how to use MetaSleuth (@MetaSleuth) to analyze a phishing attack. Involved addresses For better illustration, we show the involved addresses and their abbreviations in the following. 0x46fbe491614e1ab6623e505e5e031ebf321cb522: 0x46fb…b522 — possible flash exchange 0xc40a8a6763969e88c8bf58a6e7a5adc61b8ebe11: 0xc40a…be11 — attacker-controlled address

By BlockSec Introduction In the past three years, we have observed several security incidents in the DeFi ecosystem. To defend the threats, code-centric methods, e.g., static code auditing, smart contract scanning tool, or dynamic fuzzing, are adopted by the community. Though they have shown effectiveness, we argue that the code-centric approach…

Phalcon has been updated to 2.0. Fly with Phalcon and dive into transactions! Phalcon is a powerful transaction explorer designed for DeFi community. It provides comprehensive data on invocation flow, balance changes, and fund flows for transactions. It also supports transaction simulation. Phalcon aims to help developers, security researchers, and…

By BlockSec On Nov 08, 2022, we detected that some attacks successfully drained assets from pools that are built on top of Sushi’s official KashiPairMediumRiskV1 contract (or some contracts that fork from it). …

By BlockSec We are thrilled to announce that BlockSec and Tokenlon reached a strategic partnership to explore crypto assets security and risk management. BlockSec will provide a comprehensive risk management solution to help Tokenlon securely interact with crypto assets. We will have more in-depth cooperation in the Web3 world. About…