Today we're launching Crucible, a coverage-guided fuzzing framework for Solana programs. Built for Anchor, with v2 support from day one.
Just one example of what Crucible can find: a years-old bug in Solana's stake program, surfaced in seconds ↓
Solana was built for security. As the ecosystem scales, so does our investment in the tools, standards, and support.
Today that commitment deepens with a new security program, active monitoring, formal verification for top protocols, and a new crisis response network.
Learn more 👇
Legitimately impressed with @NanoBanana’s ability to synthesize complex ideas.
I asked it to generate a diagram for all 25 tendencies from Charlie Munger’s "Psychology of Human Misjudgment".
A beautiful way to see your own blind spots!
@NanoBanana Tune into The Knowledge Project podcast or read the full transcript on Farnam Street:
Podcast: https://t.co/a2ayLKxBL8
Blog: https://t.co/YuQhReRREL
New blog post: An Intro to Differential Fuzzing in Rust, by @nl_gripto & @anarcheuz. It walks through building a pure-Rust JSON fuzzer from scratch, then extending it into a differential fuzzing harness capable of surfacing consensus bugs.
https://t.co/yrwtnxAozi
As 2025 kicks off, we’re grateful for such an incredible year.
From making our mark on the web3 security ecosystem to growing our team to 30 people, here's a look back ⇣
It’s Friday night and what better time than now to hunt the $250,000 prize pool for the @immunefi@Stacks contest.
There’s only 16 days left; earn big and help us secure the largest Bitcoin L2.
https://t.co/XVaFVCCxbF
New blog post: Ghost in the Block, an Ethereum Consensus Vulnerability, by Giuseppe Cocomazzi. Slight nuances in SSZ deserialization between the Prysm and Lighthouse clients could have allowed an attacker to degrade Ethereum consensus.
https://t.co/8kTIQTNr2x
We’re happy to finally announce @benhawkes, founder of Isosceles Security and former technical lead of Google’s Project Zero, as a Strategic Advisor to @asymmetric_re. Ben has been an excellent partner, and we highly value his ongoing support.
Excited to attend @token2049 next week in Singapore.
If you’re interested in chatting about unique security and infrastructure challenges in your ecosystem, let’s talk!
If you enjoyed @pleasew8t’s recent post on Evmos Precompile State Commit Infinite Mint (https://t.co/ktx9t2nRjZ), you should check out his write-up on another bug, an Evmos Distribution Precompile Denial-of-Service.
https://t.co/Cy5OtqEWX1
The Jito Foundation just launched our bug bounty program, managed by @asymmetric_re, on @immunefi! 🐞
Discover bugs and vulnerabilities in our system and earn rewards of up to $250,000. Your help will ensure a safer and more secure experience for everyone.
Learn more and get involved: https://t.co/QqeorW2FV8
New Project Zero blog post by Sergei Glazunov and Mark Brand: Project Naptime: Evaluating Offensive Security Capabilities of Large Language Models https://t.co/txvkXH5oCC
Hey folks, if you're looking for an amazing security engineer, check out @dustriorg whom I had the pleasure to work with on a lot of cool projects at Google :)
> I don't have anything lined-up job-wise, so feel free to reach out if you're hiring.
Looks like an opportunity!
Many startups just died today.
Because OpenAI added PDF chat. You can also chat with data files and other document types.
We had a wave of products better suited as features rather than stand-alone companies.
Wrappers are being squeezed by OpenAI on one side and incumbents on the other.
It's a rough world out there.