“Look ma’, no source!” Hacking a DeFi Service with No Source Code Available
This story describes a cool hack, for over $300K (or even nearly $600K, if done at the right time). It is a white-hat hack: we performed it off-chain and demonstrated it to Dinngo, the authors of the vulnerable service, who reproduced it and applied it to rescue the funds of exposed accounts, securing them.
A Six-Year-Old Solc Mystery
In mid-October, we received a request to work on a project unlike any we've had before.
Harvest Finance Vulnerability, $200K Bounty
We disclosed a critical vulnerability to Harvest Finance, through Immunefi. The vulnerability concerns a proxy pattern and was discovered via an interesting automated analysis.
Symbolic Value-Flow Static Analysis of Ethereum Smart Contracts
A technical paper describing our most recent analysis technology, responsible for 7 major vulnerabilities detected in the wild.