Automatic security vulnerability scanning
24 x 7 runtime security monitoring
Comprehensive security and risk assessment
Open-source package manager for smart contracts.
Fast, effective and affordable auditing
Consulting for secure Web3 development
2024-11-13
On Nov 1, 2023, our MetaScout [detected](https://x.com/MetaTrustAlert/status/1719660132240691257?s=20) that the lending protocol, @OnyxProtocol on Ethereum, was under a flash loan attack with a loss of $2.1M. The root causes are the proposal of adding a new market that was first executed by the hacker, and the precision loss issue of the compound-fork protocol. Here is a detailed exploit analysis by MetaTrust Labs to uncover how this all happened.
The owner of $TIP is an EOA address holding 65% of tokens, here are some centralization risks you should care.
Earning.Farm fell victim to smart contract logic vulnerability, suffering loss of approximately 288 ETH.
The reentrancy attack on Curve Finance serves as a regrettable security incident and a thought-provoking lesson.
The current owner of $WLD is a 1/1 multisig contract with only one owner
In this analysis, we will examine one of the core contracts of iZiFinance and identify a simple way to reduce gas consumption by eliminating a redundant expression.
Attacker exploited a vulnerability in the Biswap V3Migrator contract on BSC and stole about $144,000 worth of tokens
We've checked Onchain Trade's smart contract and found out there are potential vulnerabilities and centralization risks on token staking, rewarding and trading.
$UN on BSC was attacked by the flash loan with a loss of $26,000
We evaluate and compare seven free or open-source Static Application Security Testing (SAST) tools for Java. The post highlights the importance of SAST tools in detecting security vulnerabilities in software development and provides insights into improving the detection capabilities of these tools.
Blogs