Olivia
Online
hexens
@hexens
Security for those who cannot afford a mistake.
Joined September 2021
3 Following
8.8K Followers
1.9K Posts
Pinned Tweet
It's never been harder to build or raise in crypto. And the teams that need audits the most are the ones just starting out.
Hexens Builder Support: real security engagement built around where early-stage protocols actually are.
Who qualifies:
— Under $1M raised
— First security audit (no prior professional audit)
— Live or near-launch product (not just an idea)
Too many good protocols die before their first audit or ship without one and get exploited. That's why we built Builder Support. To catch the ones worth catching, before anyone else does.
Apply: https://t.co/eJ9SbznUd0
Time to show what we bring to this partnership.
For qualified residents of @hexens Builder Support Program - a set of exclusive perks from GetBlock:
> Starter Shared subscription, free
> Dedicated or Limitless Node on a 2+1 offer (pay for two, get three, terms apply)
Share promo code HEXENS26 with us through the Contact form once you're in.
Builder Support details and application: https://t.co/YgEWnqx9yk
The Glider Query Contest has officially wrapped | our $50K prize pool has been fully depleted!
What started as an experiment turned into something way bigger than we expected.
A huge thank you to everyone who contributed and to @ethereumfndn for funding the entire $50K prize pool. Big thanks also to @autopools for contributing an additional $3K to the pool.
Contributions are always open and everyone is welcome to keep submitting queries as we will still review existing and new queries. New contributions won't be paid for now.
Every query makes Glider smarter and more useful for the whole ecosystem.
We will post the database after all the triaging is finished.
Also, we know you loved the contribution visuals, so we're not stopping there. We'll keep posting the remaining contribution announcements here.
And yes, stay tuned. This might not be the last pool
https://t.co/116xdLTCZT
Who to follow
Cyfrin Solodit 🟪
@SoloditOfficial
The world's largest blockchain vulnerabilities database.
Explore reports, findings, and bugs from top web3 security firms.
Powered by @cyfrin
Blockchain Threat Intelligence
@blockthreat
A weekly, independent newsletter to capture the latest security news, tools, events, vulnerabilities, and threats in the cryptocurrency landscape by @iphelix
dravee.eth
@BowTiedDravee
Leading at @Certora 👨💻 | Preaching about Mindsets 📝 | Over-Approximating 🔎 | Expectations != Reality
Automation you can trust 🛡
Cybro’s new Auto-Close and Auto-Rebalance features have been audited by @hexens
The full audit report is now available here ⬇️
https://t.co/PgIMvJdUTX
Built for safer, smarter LP management — so you can automate with confidence.
Live now on Arbitrum ⚡️
🔗 https://t.co/85Ovyk1hH6
As TradFi integrates with the DeFi ecosystem and adopts ERC-20 tokens, institutions must ensure tokens meet compliance standards including adherence to the official OFAC SDN list.
Many tokens support blacklisting, but it's difficult for analysts to verify whether a given token is actually up to date with the latest sanctions list.
With Glider, we can analyze any token and instantly surface whether it maintains the latest OFAC SDN list.
The query below identifies ERC 20 tokens that support blacklisting but don’t utilize the latest SDN list.
Glad to have @getblockio join the Builder Support Program as an infrastructure partner.
More partners being announced soon: https://t.co/oR8xEOVS3y
Strong news from our security partner @hexens
Applications are open for their Builder Support Program.
What's on the table for qualifying protocols:
ᐉ Full Hexens audit at 1/3 the standard rate
ᐉ Same senior auditors, same scope, same deliverable
ᐉ Eligibility: pre-seed or under $1M raised, first audit, live or near-launch product
ᐉ Perks include investor intros, co-marketing, Glider monitoring access, and more
Hexens already fuels GetBlock's Token Risks API: a real-time risk scoring for tokens, contracts, ownership patterns, and liquidity behavior, all through a single endpoint.
Apply for Builder Support: https://t.co/YgEWnqx9yk
Explore the Token Risks API: https://t.co/i0vjPNoHSX
6. KDF and entropy
Wallet security still regularly fails at key generation and password hardening.
Weak entropy sources, insufficient randomness, and fast hashing primitives continue to turn local wallet compromise into practical key recovery.
@_nd_koo recently broke down six security issues that recur across Hexens wallet audits. Not bugs. Architectural defaults that survive design review because nobody pushes back.
5. Token UI
Wallet UIs often abstract transactions into simplified asset actions.
Critical execution details may be hidden or poorly visualized, making malicious behavior appear indistinguishable from legitimate user flows.
Royco treated security as a continuous process, not a one-time gate. Three rounds, every fix re-validated. Always a pleasure working with teams that take security seriously
https://t.co/e7PqsYs6i6
11% of Safe contracts on Ethereum Mainnet are configured with a threshold of 1 signature.
A 1-of-N Safe is not a multisig. Operationally it behaves like a single EOA: one compromised owner means full control of the wallet, with none of the quorum guarantees the word "Safe" implies. The extra contract logic only adds gas costs and visual reassurance.
This matters because "managed through a Safe" is often used as a security signal in protocol documentation and decks. By itself, it tells you nothing. The threshold and the identity of the signers do.
Before trusting funds to any protocol that points to a Safe as its operational backbone, verify both.
(Based on our research across GnosisSafeProxy deployments on Mainnet done by Glider.)
Excited to kick this off!
The engagement is live. Full scope under review, findings to follow on completion.
Security audit in progress 👇
Flipper x @hexens
Hexens is auditing the core of Flipper Perps. The on-chain program that routes user funds across @DriftProtocol , @FlashTrade, @AdrenaProtocol, @JupiterExchange , and @gmtrade_xyz
What they're reviewing:
→ Deposit and withdrawal flows, vault accounting
→ Order intents: market, limit, trigger, stop-out
→ Compound trade opening and closing across multiple DEXs
→ Fee distribution: protocol treasury, insurance fund, referrals
→ Liquidation and settlement logic
→ Circuit breakers and emergency controls
→ Trust boundaries between Flipper and external DEX adapters
Reports drop when they're done
A small contribution from our side to the FHE community: a curated list of attacks, cryptanalysis papers, and tooling, all in one place.
@ISinfra Thanks for backing early-stage builders.
@Quicknode Thanks for backing early-stage builders
@ChainstackHQ Thanks for backing early-stage builders
Last Seen Users on Sotwe
Thamster
Seen from Malaysia
Gaysel Olaylarr
Seen from Turkey
ส้มโอหวานหวาน
Seen from Thailand
سكس ون
Seen from Saudi Arabia
อยากเย็ด สาวโรงงาน
Seen from Thailand
g69me
Seen from France
imran
Seen from Netherlands
ChuckMe92 Soccer
Seen from United States
Iqra
Seen from Pakistan
naughtyworshipers
Seen from South Africa
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.3M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers