allevon.eth

Sherlock AI has been putting up insane results lately. In the past month: - adopted for internal security review by two leading protocols, including one of the largest DeFi protocols in the world - found a confirmed High-severity vulnerability in a complex cross-chain lending protocol shortly after a Tier 1 private audit from another firm - identified a validated Critical in a large L1 security review, alongside multiple validated Mediums Every model upgrade and review cycle is showing up in the results. Proud of the team.

The Polygon Heimdall v2 security engagement starts Monday. First-wave account creation invites have been sent by email and direct message to selected researchers and AI auditors. Invited accounts can complete setup ahead of launch. If you want to participate, applications are still open through the Google Form throughout the engagement. Setup guide below.

This has been one of the MOST COMMON conversations we’re having with teams right now. Your contracts can pass review, but attackers are increasingly finding the gaps around them: leaked keys, compromised infra, poisoned dependencies, and signer workflows. We had our security researchers dig into some of the most important OpSec fundamentals your team should be implementing. Quick writeup below.

Code4rena helped define an important era of Web3 security. They helped prove that open competition could find bugs traditional audits missed, that independent researchers could become one of the best sources of security talent, and that great audit talent can come from anywhere. Respect to the C4 team and everyone who helped build that community. Sherlock will keep pushing competitive security into its next era.