top of page
Trust
security
A Realistic Breakdown of Optimism - Part 2
In Part 1 , we've covered a flaw in the Superchain upgrade mechanism that could lead to double withdrawals on L1. Today, we'll take a...
Mar 275 min read
No More Bets - How Ctrl+F led to breaking Polymarket's polling markets
The crafts of security auditing and bounty hunting are deeply interwoven. Very often a novel exploit idea discovered during auditing is...
Feb 255 min read
A Realistic Breakdown of Optimism - Part 1
Over the past year, TrustSec has contributed to the security of OP chain through several initiatives. We began with a private audit of...
Dec 27, 20246 min read
Learning by Breaking - A LayerZero Case Study - Part 3
In part 3, we'll persevere with our DoS efforts and finally pick up a bounty in a LayerZero asset.
Mar 3, 20246 min read
Learning by Breaking - A LayerZero Case Study - Part 2
oday we'll discuss Stargate, the liquidity layer built atop of LayerZero, plus dig into two high-severity DoS we've identified in it.
Mar 1, 20247 min read
Learning by Breaking - A LayerZero Case Study - Part One
We'll look into the anatomy of the LZ architecture, study how it safeguards key security properties, and finally find ways to break it.
Feb 29, 20245 min read
Permission denied - The story of an EIP that sinned
On 24/08 Trust Security disclosed a variety of DOS issues to 30+ projects through Immunefi and private bug bounty programs. In total $50k...
Jan 14, 20244 min read
Breaking Fluidity for glory and $50K
Today we'll review a bug discovered at the end of last year. I'll try to cover it from an educational perspective so that the reader can...
Feb 11, 20237 min read
Taking home a $20K bounty with Oasis platform shutdown vulnerability
Two weeks ago I've found a critical severity vulnerability in the Oasis platform (the team behind MakerDAO). It was confidentially...
Nov 16, 20228 min read
Diving deep into a critical protocol insolvency bug in Fringe.fi lending platform
Today we'll discuss a critical bug I reported to Fringe.Fi bug bounty program on 31/07. In the worst-case scenario, it could make the...
Nov 1, 20225 min read
Critical finding - Stealing tokens from O3 bridge users
Intro O3 is a multi-service DeFi project with bridging solutions that supports 10+ chains. In each chain there are several contracts...
Oct 10, 20225 min read
Tokemak liquidity operator can steal funds
Intro Tokemak operates a liquidity farming strategy. The funds are held by Tokemak manager contract (here). For maintenance operations,...
Oct 10, 20223 min read
MED - Brahma.Fi - Wrong oracle used to calculate min slippage may cause loss of over 80% of rewards
Description Bug Description The harvester's harvest() function exchanges reward tokens to USDC. There is a bug in the following lines: if...
Sep 22, 20221 min read
MED - Brahma-Fi - Curve miscalculations may cause user withdraws to fail
Bug Description To pull funds from trade executors, in order to satisfy user withdrawls, initiateWithdraw() function is used. For Convex...
Sep 22, 20222 min read
CRIT - Brahma.Fi - L2 Position handler miscalculates position value leading to severe risks
Target https://optimistic.etherscan.io/address/0x1b6BF7Ab4163f9a7C1D4eCB36299525048083B5e Description Bug Description In...
Sep 22, 20222 min read
CRIT - Brahma.Fi - Fee collection does not take previous losses into account 🚩
Target https://etherscan.io/address/0x3c4Fe0db16c9b521480c43856ba3196A9fa50E08 Bug Description According to the docs (linked below) and...
Sep 22, 20222 min read
LOW - ANKR - User gets more gas than supposed to when distributing rewards
Target https://bscscan.com/address/0x66BEA595AEFD5a65799a920974b377Ed20071118 Bug Description The distributeRewards() which pays out...
Sep 22, 20221 min read
HIGH - Iron Bank - Collateral cap is not enforced at account initialization
Target https://etherscan.io/address/0x00e5c0774A5F065c285068170b20393925C84BF3 Bug Description One of the core invariants of the...
Sep 22, 20222 min read
HIGH - Iron Bank - Liquidator is not credited with correct collateral amount
Target https://etherscan.io/address/0x7e8844ea4c211a69ad9308ba0b6cdb3ea0bb2b05 Bug Description In seizeInternal(),...
Sep 22, 20221 min read
HIGH - ANKR/Stader - Reward distribution is vulnerable to MEV leading to theft of reward 🚩
ANKR and Stader for BNB are both liquid staking solutions for BSC. They are both vulnerable to the expoit detailed below. They have...
Sep 22, 20222 min read
bottom of page