Blog

It is one of the most common attack vectors in DeFi, so both auditors and protocols need to learn what it is and how to deal with it, so get your notepads out and dive into our thread.

DAO is Decentralised Autonomous Organisation. Essentially, it’s a set of smart contracts the determine how its participants/members make decisions. Let’s look at a small graph to easier understand it.

Merkle tree is a generalisation of a hash list or a hash chain. It has “leaf” nodes, each of them have a cryptographic hash of a data black they’re accossiated with. Every node that is not a “leaf” (they’re called branch or inner node) is labelled with the cryptographic hash of its child node’s hash. Merkle tree (or hash tree) allows more secure and efficient verification of large data structures. It was created in 1979 by Ralph Merkle (hence, Merkle tree).

MEV is the abbreviation of Miner or Maximum Extractable Value. Miners/validators can order, prioritize and censor transactions in blocks, moreover, they can insert their transactions. Therefore, they always seek opportunities to manipulate transactions and gain additional value besides the fees for creating blocks.

In simple terms, an inflation attack is a malicious attacker front-running the vault’s first depositor, manipulating solidity’s rounding down and taking all the shares. But let’s start from the basics.

Blockchain technology has revolutionized various industries by offering decentralized and transparent solutions. However, the security of blockchain systems heavily relies on the integrity of smart contracts. In this article, we delve into three of the most common smart contract vulnerabilities, shedding light on their impact and mitigation strategies to bolster blockchain security.

‍Understanding ZK-Rollups‍A ZK-rollup is an advanced layer 2 scaling solution designed to expedite transaction processing by shifting the workload off the main blockchain (off- chain), while still anchoring transaction data on the layer 1 blockchain (on-chain). It leverages ZK-proofs to authenticate transactions as legitimate without disclosing any sensitive information.

But what problem does ERC404 solve? The main goal is to make NFTs liquid to be traded and used as collateral or liquidity for DeFi protocols. Moreover, they present a concept of fractionalized ownership, when several users may have a part of one NFT, making previously inaccessible tokens to be attained by a larger number of users.

Understanding how storage works in the realm of Ethereum is crucial for two reasons - smart contract optimization and ensuring its security. This blog post dives into these essentials of Solidity storage management. To do so, weʼll cover everything from storage types to cost optimization and security considerations.

What is a Smart Contract? Are smart contracts secure? How Are Smart Contracts secured?

This article explores the various benefits EIP-4337 (Account Abstraction) introduces to Ethereum, together with security considerations to be taken care of while using it.

In 2023, Shieldify took its inaugural steps in pioneering Web3 Security. We established the first Bulgarian-based company specialising in Solidity based Smart Contract Auditing. This bold move signaled our commitment to redefine industry standards, bridging the gap between tradition and innovation. Within just six months we became multilinugal, adding Rust, Cairo (Starknet), and Go to our portfolio. These additions allow us stay ahead of the curve and helped us secure more than 45,000 lines of code spanning over 16 projects. Enabling collaborative efforts with our clients to whom we became tech partners. Read along for more information and shared achievements.