Olivia
Online
AuditHub
@AuditHubDev
AuditHub is the collaborative auditing platform transforming how security teams secure their protocols. Built by security experts from @VeridiseInc
Austin
Joined February 2025
53 Following
240 Followers
237 Posts
6/ The Orchard bug survived expert review because point-in-time audits miss what continuous verification catches.
Continuous security isn't a product pitch.
The Zcash timeline makes the case better than any ad could.
An underconstrained check in Zcash's Orchard circuit allowed unlimited counterfeit ZEC creation from May 2022 to June 2026. Four years. Cryptographically undetectable.
Here's what the bug was, why it survived so long, and what continuous verification changes. 🧵
5/ Picus verifies circuit determinism mathematically on every commit.
Not a scan. Not a heuristic. A formal proof that constraints are complete for all possible inputs, with concrete counterexamples when they aren't.
Vitalik finally said it out loud. "Formal verification is the future of crypto security."
Our tool Picus has been doing it since before the blog post.
96% of ZK circuit bugs trace back to underconstrained logic. The verifier accepts a proof it shouldn't.
Picus by @AuditHubDev formally verifies circuit determinism. Not "we checked", mathematical proof that the constraints are sound.
@VeridiseInc Worth adding: Everything upstream looks consistent. The failure is silent until someone exploits it.
Picus proves the constraint set is complete, which closes this specific class. It's one of the techniques in the AuditHub Approach, not the whole thing.
The ResupplyFi $9.6M bug shipped past an audit. AuditHub catches the class on every commit.
A custom static check flags the shape. A targeted fuzzer confirms the exploit. The combination is the part audits cannot run for you continuously.
“The nastiest bugs sit at the edges of two subsystems considered separately.” - Vitalik, this week.
https://t.co/jPOrmoAfCU
Vitalik finally said it out loud. "Formal verification is the future of crypto security."
Our tool Picus has been doing it since before the blog post.
That's exactly what Picus does.
Prove a class of bugs is absent, mathematically. No list to triage. No hallucinations to filter.
Just a proof.
Triage fatigue isn't a workflow problem. It's a verification problem.
AI finds more bugs, faster, and half of them are hallucinated.
Formal verification proves a class of bugs is absent. That's not a faster scanner.
That's a different answer.
https://t.co/qT6tcINnEC
Security tools should either discover bugs or prove their absence.
Formal guarantees mean when the tool says a vulnerability doesn't exist, you can trust that result.
No uncertainty, no wasted developer time investigating false flags.
Developers know their code better than anyone after months of work, yet they lack tools to identify vulnerabilities themselves.
Third-party audits alone can't leverage this knowledge. Proactive security means giving devs the right detection and verification tools.
Traditional audits only scan code right before launch.
Complex bugs between upgrades? Often missed.
We run formal verification continuously through your entire development cycle, catching issues as they're introduced.
Your deployment scripts already exist.
Your build system is already configured.
We work with what you have, providing immediate fuzzing insights and static analysis without additional code.
Zero ongoing effort after setup.
You check for reentrancy, then the next PR changes line order for optimization.
Now you're calling an untrusted system two layers deep. The search space explodes with minor changes.
Automated detection in CI/CD catches this before months of work builds on a flaw.
Last Seen Users on Sotwe
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.2M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.6M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
59.9M followers