Offside Labs’ Security Insights
Subscribe
Sign in
Home
Archive
About
Latest
Top
Token-2022 Security Best Practices - Part 2: Extensions
Without a solid understanding of tokens, projects face serious risks. This post highlights the extensions of Token-2022 that need closer security…
Nov 4, 2024
•
Offside Labs
September 2024
Token-2022 Security Best Practices - Part 1: Mint & Token Account
This is the first article in the Token-2022 Security Best Practices series. It discusses potential security vulnerabilities in Mint and Token Accounts…
Sep 19, 2024
•
Offside Labs
1
Stop Spoofing My Wallet!
Demystifying Simulation Spoofing Attacks
Sep 4, 2024
•
Offside Labs
August 2024
Compensation for Composition
In this blog post, we reveal an issue in the Trader Joe v2 Liquidity Book. This flaw lets arbitragers perform swaps without paying fees, allowing them…
Aug 2, 2024
•
Offside Labs
May 2024
One Key Bug in OneKey Mini
Delve into the security vulnerabilities of OneKey Mini hardware wallets. Through detailed analysis and hands-on experimentation, we discovered that…
May 30, 2024
•
Offside Labs
December 2023
Saga of Saga – Part 2: Digging Into Solana's Smartphone Security
Explore the intricate security designs of Solana's Web3 Smartphone, 'Saga', with a deep dive into its unique features like Seed Vault and the challenges…
Dec 16, 2023
•
Offside Labs
From Near Loss to Victory: The $2M Blockchain Rescue
The Affine DeFi crisis averted: Our whitehat team stepped in, preventing a $2M theft and ensuring user funds' safety.
Dec 12, 2023
•
Offside Labs
November 2023
Saga of Saga - Part 1: Unlocking the Debate on True Vulnerabilities
If a victim has to give his password, erase his phone, and hand it over, is it still a vulnerability? Dive into our analysis of the Saga mobile's…
Nov 26, 2023
•
Offside Labs
Unrolling the Scroll: Probing the Security of a Zero-Knowledge Roll-Up
Dive into our quest to uncover vulnerabilities in Scroll's zero-knowledge roll-up, exposing subtle bugs and exploring the security measures within this…
Nov 12, 2023
•
Offside Labs
1
December 2022
Could Wrapped Tokens Like WETH Be (forced) Insolvent?
Uncover the fascinating journey of a budding hacker delving into Interlay's Bitcoin-Polkadot bridge, interBTC, and revealing critical security flaws in…
Dec 21, 2022
•
Offside Labs
July 2022
The Defrauded Fraud Proof of A Bitcoin Bridge
Hanging out in the Immunefi discord leads me to new wonderlands! Last month I was notified of a new bounty program from Interlay, who claimed the…
Jul 31, 2022
•
Offside Labs
June 2022
How to Steal $100M from Flawless Smart Contracts
Embark on an exciting journey as I expose a critical design flaw in Moonbeam's network, safeguarding over $100M and earning a $1M bug bounty reward.
Jun 28, 2022
•
Offside Labs
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts