The log.
Security notes, post-mortems, and observations from the audit floor.
Denial of Service in Smart Contracts: Every Pattern
A contract that can be forced to run out of gas, blocked by a reverting receiver, or made dependent on a griefable third party is a contract with a denial of service vulnerability. The patterns are numerous. The fixes are specific.
Economic Invariants: The Properties That Must Never Break
Every DeFi protocol has invariants — mathematical properties that must hold for the protocol to remain solvent and correct. Identifying them, expressing them in code, and testing them under adversarial conditions is the core of security analysis.
How to Read an Audit Report
An audit report is not a certificate of security. It is a record of what was reviewed, when, and what was found. Understanding the difference changes how you evaluate, present, and act on the document.
Fuzzing with Echidna: Writing Properties That Find Real Bugs
Unit tests check what you expect. Fuzzing checks what you did not think to expect. Echidna explores the state space of your contract with adversarially chosen inputs. Writing good properties is the skill that determines what it finds.
Foundry Invariant Testing: The Handler Pattern in Depth
Foundry's invariant testing is more powerful than its fuzz testing — and significantly harder to use correctly. The handler pattern, ghost variables, and state management are the techniques that separate a useful invariant suite from one that finds nothing.
Slither Beyond the Defaults: Custom Detectors and Deep Analysis
Running Slither on default settings is the beginning of static analysis, not the end. Custom detectors, the printer framework, and the Python API turn it into a tool that finds protocol-specific issues no default detector was written to catch.
Formal Verification with Halmos: Proving Properties, Not Just Testing Them
Fuzzing explores the state space randomly. Symbolic execution explores it exhaustively — within bounds. Halmos brings formal verification into the Foundry workflow, making it accessible without requiring a new toolchain.
ERC-4626 Vault Security: Inflation Attacks, Rounding, and Integration Risk
The ERC-4626 standard solves interoperability. It does not solve security. Inflation attacks, rounding direction, totalAssets manipulation, and the risk surface introduced by yield strategies are yours to address.
AMM Security: Invariant Violations, Price Manipulation, and Hook Risk
An AMM's security model is its invariant. Break the invariant — by manipulating reserves, abusing hooks, or exploiting fee accounting — and the pool's pricing becomes an attacker's instrument.
Staking Protocol Security: Reward Manipulation, Slashing, and Queue Attacks
Staking protocols accumulate significant value and operate continuously. The attack surfaces — reward snapshots, withdrawal queues, slashing event handling, and LST exchange rates — are active and well-understood by searchers.