Archive - Offside Labs’ Security Insights

Token-2022 Security Best Practices - Part 2: Extensions

Without a solid understanding of tokens, projects face serious risks. This post highlights the extensions of Token-2022 that need closer security…

Nov 4 •

September 2024

August 2024

Compensation for Composition

In this blog post, we reveal an issue in the Trader Joe v2 Liquidity Book. This flaw lets arbitragers perform swaps without paying fees, allowing them…

Aug 2 •

May 2024

One Key Bug in OneKey Mini

Delve into the security vulnerabilities of OneKey Mini hardware wallets. Through detailed analysis and hands-on experimentation, we discovered that…

May 30 •

December 2023

November 2023

December 2022

Could Wrapped Tokens Like WETH Be (forced) Insolvent?

Uncover the fascinating journey of a budding hacker delving into Interlay's Bitcoin-Polkadot bridge, interBTC, and revealing critical security flaws in…

Dec 21, 2022 •

July 2022

The Defrauded Fraud Proof of A Bitcoin Bridge

Hanging out in the Immunefi discord leads me to new wonderlands! Last month I was notified of a new bounty program from Interlay, who claimed the…

Jul 31, 2022 •

June 2022

How to Steal $100M from Flawless Smart Contracts

Embark on an exciting journey as I expose a critical design flaw in Moonbeam's network, safeguarding over $100M and earning a $1M bug bounty reward.

Jun 28, 2022 •

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts