The future of DeFi in the UK shouldn't be decided without the people building it.
Today, we submit our response to the FCA's perimeter consultation.
Backed by 20+ founders, all pushing for rules that can give DeFi a home here.
We fight for the progress we need. 🦾🇬🇧
Web3 security isn't a one-time audit. It's a brutal, ongoing grind where you must win every single time.
Just wrapped a deep audit on Adrena, a live perps DEX on Solana. 36k lines of Rust, 122 instructions, one Critical governance finding, and we shipped a full regression test suite with our custom fuzz harness so nothing slips later.
What's your biggest security blind spot on Solana right now?
Defenders grind. Attackers get one lucky shot.
Full breakdown here:
Web3 security isn't one thing, it's everything, all the time.
Smart contracts? Audited, recently?
Supply chain? Still cooked by Trapdoor.
Bridge? Forged in 5 mins.
Admin keys? 3 of 5 is a minimum.
Opsec? Your dev just installed a new package.
Stop treating security like a checkbox. It's the whole damn game or you're just funding North Korea's next attack.
Chill day down at @SuperteamUK Buildstation. Here most Fridays if you or your team ever have any questions about security.
Central London #Londonmaxing
@dxsale
$7.3 million got drained from 1,400+ locked pools
Here's how they did it:
1. contract ownership got transferred 269 days ago
2. deployed a drainer contract this morning
3. set lock fee to 1 wei
4. create a new lock on already-locked lp
5. backdated unlock times to 1970
6. looped withdraw() on 1,400+ legacy pools
7. swap to bnb, bridged out, mix with a mixer and gone
$7.3 million gone and the door is still open.
@dxsale has yet to respond
Using the latest tools and agents to attack your own project is the new necessary step in security.
You really want to do this before someone else does.
In 2012 in a letter to investors @finkd formalized his famous line - "Move fast and break things. Unless you are breaking stuff, you are not moving fast enough."
This is literally the worst advice ever in Web3.
Teams ship fast, skip supply chain checks, then Trapdoor-style attacks wipe them out. One malicious dep and years of work and millions gone.
A completely new security format is emerging.
One of the biggest protocols in Web3 is working with Sherlock to put it to the test.
June 15 to July 6.
More revealed tomorrow.
-----> Massive supply chain attack live.
Trapdoor hit with 34 malicious packages and 384 versions across npm, PyPI, and Rust Crates. Fake dev tools for crypto, DeFi, AI, Solana.
Silent install - then - drain wallets, private keys, SSH, AWS creds, GitHub tokens.
Only two months to switch from focusing on OpSec to supply chain.
Always the next weakest target.
Check everything.
Attempted Hack Story Time:
Friend got hit by an injection into a valid Google Doc.
Attackers posing as friendlies sent a link to a Google Doc. All safe all fine.
Popup asked him to open his terminal..
Never enter anything a website asks you to enter into your terminal.