January 17, 2023
★Featured★
The Secret sec3 Master Plan
The Secret sec3 Master Plan is a four-step plan to make sec3 a decentralized end-to-end security solution provider for DApps in the growing Web3 economy. The plan includes building strong point solutions such as Launch Audits and WatchTower, expanding and building a full suite of solutions to cover the full DApp lifecycle, adding token economics to benefit from decentralization and community creativity, and leveraging sec3's reliable solutions to offer risk-based insurance solutions.
January 9, 2023
★Featured★
How Do Cross-Chain Bridges Work? A Case on Wormhole (Part 1)
In this article series, we will elaborate on the internals of cross-chain bridges, how they are implemented and what their caveats are from the user’s perspective. We will use a state-of-the-art bridge Wormhole as an example.
December 23, 2022
★Featured★
sec3 Ranked First in the Aptos CTF MOVEment 2022
We're very excited to announce that our team scored first place in the Aptos Capture The Flag competition MOVEment with Aptos Dec 2022. We got two first-bloods and two second-bloods in the four challenges except for the sanity check, ranking first in the end.
October 13, 2022
★Featured★
How to Analyze an Attack? A Case Study on the Mango Markets Exploit
In this article series, we will conduct in-depth post-hack investigations on a few representative attacks on on-chain protocols and share the techniques and tools used by the sec3 core team to understand the attacks.
September 23, 2022
★Featured★
Security of Solana Smart Contracts: Two Caveats of the SPL Associated Token Account
The SPL Associated Token Program is used frequently in Solana smart contracts. We reviewed its technical details in a prior article. In this article, we focus on two important caveats of using associating token accounts as learned by the Sec3 core team.
September 6, 2022
★Featured★
A Review of Recent Hacks on Solana: What Is in Common and How to Prevent Them?
Solana ecosystem has seen super rapid growth while witnessing multiple hacks (involving Wormhole, CashioApp, CremaFinance, Nirvana, and Slope Wallet), which collectively caused close to $400 million losses. In this article, we review the essence of these hacks and aim to find effective solutions to prevent such attacks in the future.