1/2
Back with another security review for @GraniteBTC.
This engagement focused on liquidation improvements and protocol hardening, covering changes to liquidation flows, bad debt handling, staking mechanics, and related core functionality.
Granite continues to build Bitcoin-backed liquidity infrastructure on Stacks through sBTC, while iterating on the protocol's security and robustness.
Always a pleasure working with teams that treat security as an ongoing process rather than a checkbox.
1/2
We recently completed a security review for @GraniteBTC, a Bitcoin liquidity protocol built on @Stacks enabling users to borrow stablecoins against Bitcoin collateral through sBTC, developed by @trustmachinesco.
This engagement focused on reviewing fixes, hardening efforts, and protocol enhancements across the protocol’s lending system, covering changes across borrowing, liquidation flows, staking, governance, LP incentives, oracle integrations, withdrawal logic and related core functionality.
Granite combines Bitcoin-backed liquidity access with design choices such as isolated collateral, soft liquidations, and Bitcoin-native infrastructure.
Happy to support teams building BTCfi infrastructure. Always a pleasure working with security-oriented teams pushing the ecosystem forward.
Our founder @abarbatei spoke last week at @ETHCluj about securing BTCfi and how Bitcoin's expanding ecosystem introduces new security assumptions.
Topics covered:
🟢 Bitcoin security assumptions
🔴 Historical Bitcoin network vulnerabilities (25 disclosed issues in the last 10 years)
⚪ Litecoin April incident analysis
🟡 BitVM technology
🟠 Bitcoin L2s: @Stacks, @citrea_xyz, @babylonlabs_io
Understanding how security assumptions stack is critical for building and securing BTCfi systems.
🔗 Watch the full presentation:
https://t.co/BGTqJhb6Aw
Happy to be among the Romanian teams featured.
Romania has a strong builder base across Ethereum and blockchain in general, with a lot of solid work happening quietly in the background. It's good to see more visibility on what's being built locally and how the ecosystem is taking shape.
Well worth a read for anyone looking to understand the space better.
https://t.co/8mgYPtbnWc
The rsETH markets on Aave V3 and Aave V4 have been frozen. Aave's contracts have not been exploited and this is an exploit related to rsETH.
The freeze follows an exploit of the Kelp DAO rsETH bridge. Freezing the rsETH markets prevents new deposits and borrowing against rsETH collateral while the situation is assessed.
We are reviewing information about rsETH borrows on Aave that occurred after the exploit and will share more details as soon as possible.
If the protocol accumulates bad debt from this incident, we'll explore paths to offset the deficit.
2/2
This article breaks down:
- how Stacks addresses are derived and encoded
- why different address formats exist across networks
- what these differences mean from a security perspective
Read:
https://t.co/fk09eETS2N
1/2
When we launched Cyba in February, we said to judge us by what we publish, how we review code, and the standards we hold ourselves to.
We're continuing on that path by publishing security content that benefits the ecosystem.
We're starting with a deep dive into Stacks principal (address) derivation and standard network checks.
For those who may not know, @Stacks is the leading Bitcoin L2, where we have extensive experience securing protocols.
@AccountableData While the report for this engagement remains private, you can find one of our previous public audits for Accountable, for reference, here:
https://t.co/x9mde0Padx
We've completed our security audit for @AccountableData, reviewing an extension to their DeFi credit vault infrastructure.
Accountable is a key player operating at the intersection of DeFi and TradFi.
Their vault-based credit layer programmatically allocates capital across lending strategies, with over $160M deployed to generate risk-adjusted yield.
They are also building the Data Verification Network (DVN), a privacy-preserving infrastructure that verifies financial data directly at the source. It already secures $1B+ in assets across partners like Galaxy, Amber Group, and K3 Capital, positioning Accountable at the intersection of onchain finance and institutional reporting.
Security at this scale is never a one-off.
Just kicked off a new audit for an extension to a complex DeFi strategy system.
Good protocols don't treat audits as a one-time checkbox. Every production change deserves a security review.
From first contact to audit kickoff: < 24h.
Security doesn't end after the first audit.
🚨URGENT: Blockaid's system has identified a front-end attack on compound[.]finance, and is redirecting to a malicious website.
If you’re connected, please refrain from signing transactions and avoid interactions with the dApp until the issue is resolved.
This weekend I participated in @CryptoExpoEu, the largest crypto and blockchain conference in Eastern Europe.
I want to share a few takeaways from the event.
At this point in the blockchain ecosystem, the people who are still here are those who are genuinely interested in the underlying technology, or are in a position where their employer has reached product-market fit in the industry.
Like many others have pointed out, the tourists have left and only long-term players remain.
There was also a surprising level of enthusiasm among people to mingle and learn about each other. Nobody was there to "just be there"; they had come with a purpose, and that was networking.
One realization I had is that what was known as "Crypto" just a few years ago has changed in the public's eyes. More specifically, there was a split.
What I mean by that: I participated in @cometsweb3's Blockchain Builders Meetup (https://t.co/WD2TIYTuep), and the most common question (besides whether food is included in the event lol, gotta love the humor 😂) was: "what web3 internships are available?"
There were a lot of students there. When I asked why they were interested in internships in crypto, they replied: "in Blockchain, not Crypto".
Somewhere along the line, what we all knew as "Crypto" split into "Blockchain", the technology, and "Crypto", the degen side, roughly speaking.
To me this is a clear sign of maturity. A surprising one for Romania, considering I started years ago when "everything was a scam". While I expected people working in the field to understand what we are building, I didn't expect outsiders to also understand.
Really happy to see that.
I'm also glad that I could catch up with old friends and meet new and very interesting people at the event.
The ecosystem is quieter now, but the people who remain are the ones actually building.
We're proud to see our founder, @abarbatei, joining the speaker lineup at @ETHCluj.
Looking forward to sharing insights on blockchain security and exploring how @Stacks and other Bitcoin L2s support the safe growth of BTCfi.
https://t.co/m0kE1eLSSN
We're delighted to welcome @abarbatei as a speaker at ETHCluj.
He is the founder and principal security researcher at Cyba Blockchain Security and brings on stage over a decade of cybersecurity expertise across Web2 and Web3, securing over $1B in TVL across EVM and Bitcoin L2s.
Catch him live in Cluj-Napoca this year!
🎟️Get tickets in bio.
3/3
Blockchain reorgs are subtle, yet critical when building production infrastructure.
We break down reorg risk from both a founder's and auditor's perspective.
https://t.co/kQcImRckoq
1/3
We're consolidating and migrating some of our older technical articles to the Cyba blog.
https://t.co/yjpZMO26kc
Two recent additions worth revisiting:
2/3
Did you know you can trigger a "Stack too deep" compiler failure in Solidity simply by adding the keyword "indexed" to an event parameter?
No logic changes. Just one keyword.
https://t.co/WR3KV5U4hV
1/2
Thanks @web3sec_news for the shout-out 🙏
We currently provide EVM and @Stacks (Clarity) security reviews, with scope and capabilities expanding over time.
https://t.co/E0pbCJkROK