Formal verification is the only security method with no miss rate.
Zcash's Orchard circuit had a silent inflation bug for 4 years. Expert audits missed it.
A formal verifier does not flag suspicious code. It attempts to prove output = [scalar]*base for all inputs. When the constraint is missing, the proof cannot close. That is a fundamentally different guarantee.
The proof closes or it does not.
We broke down the Zcash bug, the attack chain, and exactly how formal verification would have caught it.
Read it here 👇
🚨 @Humanityprot exploited for $40M+
The attacker didn't find a bug in the code. They compromised 3 Gnosis Safe admin keys, took ownership of the ProxyAdmin, and silently upgraded the entire H token infrastructure across Ethereum and BSC, and managed to get 1,641,182,632 H tokens.
Here's exactly what happened 🧵
🔥 QuillAudits is now officially ISO/IEC 27001:2022 certified.
The gold standard in information security, independently audited, not self-declared.
Your security is verified, not assumed.
Full breakdown of what our ISO certification means for your audit 👇
🥷 QuillAudits is coming to New York
We'll be at ETHConf NYC, and our CEO @raopreetam_ and CPO @bigrkg will be on the ground the entire time.
If you're building in DeFi, stablecoins, or RWAs and want to talk security, this is your shot to sit down with the people who've investigated some of the biggest exploits of 2026.
Find us at the Javits Center across all 3 days.
Whether it's a 10-minute coffee or a deeper conversation, we're there for it 🤝
📅 June 8 – 10 | Javits Center, NYC
$340M+ lost across 14 bridge attacks in 2026 YTD.
The pattern isn't new. Verification bypasses, key compromises, validator failures, and poisoned state mappings continue to drain user funds. Our May threat report shows bridge-related incidents were responsible for the majority of losses this month.
The attack surface is expanding faster than most teams are securing it.
Crypto neobanks are complex financial products in Web3.
They inherit attack surfaces from traditional banking AND crypto infrastructure simultaneously. Most founders audit the smart contract and call it done.
That covers 1 of 11 attack surfaces.
Infini learned this the hard way. $49.5M gone in two transactions. No zero-day. Just an admin key that was never revoked.
The neobank stack is six layers deep. KYC pipeline. Core banking ledger. Card issuing stack. Crypto custody. Mobile layer. On-chain settlement.
A standard audit covers the bottom one.
We mapped all 11 attack surfaces across all six layers. If you are building a card-issuing neobank, read this before your next audit 👇
$5.4M gone from @gravity_bridge. An attacker minted worthless tokens on Osmosis, poisoned the token registry with a fabricated denom string, and walked out with real assets. They didn't break the code. They just found where it stopped asking questions.
https://t.co/OPFcsqimxS
🚨 @gravity_bridge drained $5.4M.
Here's what happened:
• Attacker minted 4 worthless tokens on Osmosis, one per custody asset (USDC, USDT, WETH, PAXG)
• IBC-transferred them to Gravity chain, then called permissionless deployERC20() on Ethereum with a fabricated cosmosDenom string embedding real token addresses
• Validators attested to the event. Registry wrote fake IBC denoms mapped to real custody contracts
• Attacker withdrew fake balances. Bridge released real tokens.
On-chain evidence shows the denom-to-ERC20 registry was written with the real custody token addresses instead of the newly deployed wrapper contracts; this is confirmed by 4 MsgERC20DeployedClaim transactions on Gravity chain. The precise code path that caused this substitution remains subject to the official postmortem.
Full breakdown 👇
🚨 New Market Trading lost $3.78M in 15 minutes.
88 Safes drained across Ethereum, Base, and Arbitrum.
No flash loan. No bridge exploit. The attacker read a public contract, copied a delegate address, and called an unguarded function.
The fix was one line:
require(msg.sender == delegate);
Full breakdown below 👇
🚨 @TesseraDao exploited on BSC, $2.4M drained via private key compromise.
The attacker didn't find a bug in the code. They got the keys and used the protocol's own functions against it.
TSR dropped from $5.50 to $0.000255 in minutes.
🧵 Full breakdown:
Yeah, got the real issue: the Gravity denom-to-ERC20 registry gets poisoned via MsgERC20DeployedClaim (deployERC20 calls). Validators attested the claim, and the registry wrote whatever ERC20 address was embedded in the denom string with zero check on whether it was a real custody token. Working on the detailed report, will share soon.
🧠 Your contract is clean. Your agent isn't.
Prompt injection, memory poisoning, malicious routers: none of this shows up in a bytecode audit.
The executor is now a reasoning model. It reads token names, price labels, and on-chain data. Any of it can be an instruction.
26 LLM routers were found secretly draining wallets. $500K gone. Zero contract bugs.
Memory poisoning plants false beliefs across sessions. Runtime guardrails don't catch it. The exploit already happened.
The attack surface moved from code to interpretation. Most teams haven't noticed yet.
Full breakdown on attack vectors, secure architecture, and what AI-native auditing actually looks like 👇
$3.98 million drained from 88 Gnosis Safes across three chains on New Market Trading. A third-party Safe module trusted caller-supplied data over msg.sender. One missing require check. Anyone who read the source code could drain every wallet.
https://t.co/7fHWPH8b6F
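As an added illustration of the New Market Trading pattern described in this post and in the `require(msg.sender == delegate);` post above, and not code from the affected module or from QuillAudits: a hypothetical Safe-style module that authorizes on a caller-supplied delegate address, beside the hardened version that ties the check to msg.sender. The ISafe interface, contract names and the execute signature are assumptions for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal subset of the Safe module entry point (assumed for this example).
interface ISafe {
    function execTransactionFromModule(address to, uint256 value, bytes calldata data, uint8 operation)
        external returns (bool success);
}

// Hypothetical reconstruction of the bug class: the module stores a delegate per Safe,
// then lets any caller pass the delegate address in as a parameter. The check compares
// the stored delegate against the caller-supplied value, which is public and readable
// on-chain, so msg.sender is never verified.
contract VulnerableTradingModule {
    mapping(address => address) public delegateOf; // safe => delegate, readable by anyone

    function setDelegate(address safe, address delegate) external {
        require(msg.sender == safe, "only safe");
        delegateOf[safe] = delegate;
    }

    function execute(address safe, address delegate, address to, uint256 value, bytes calldata data) external {
        // BUG: trusts the 'delegate' argument instead of the actual caller.
        require(delegateOf[safe] == delegate, "not delegate");
        require(ISafe(safe).execTransactionFromModule(to, value, data, 0), "exec failed");
    }
}

// Hardened version: the one-line fix from the post. Authorization is bound to msg.sender,
// so reading the delegate address from the public mapping gives a third party nothing.
contract HardenedTradingModule {
    mapping(address => address) public delegateOf;

    function setDelegate(address safe, address delegate) external {
        require(msg.sender == safe, "only safe");
        delegateOf[safe] = delegate;
    }

    function execute(address safe, address to, uint256 value, bytes calldata data) external {
        address delegate = delegateOf[safe];
        require(msg.sender == delegate, "not delegate"); // the missing check
        require(ISafe(safe).execTransactionFromModule(to, value, data, 0), "exec failed");
    }
}
```

Any module that takes an identity or permission value from calldata and compares it to storage, rather than comparing storage to msg.sender, has the same defect, whatever the parameter is called.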
Most stablecoins don't fail at launch. They fail before the first line of code.
$322B in supply. Tokenized stocks settling on-chain. BlackRock. Franklin Templeton.
The blast radius of a stablecoin failure isn't a DeFi problem anymore.
We broke down exactly what we'd build, day by day, if we were launching one.
Architecture. Threat modeling. Audits. Key security.
The full blueprint 👇