Synthetics Implemented Right @leveragesir has been hacked for $355k
This is a clever attack. In the vulnerable contract Vault (etherscan.io/address/0xb91a…) there is a uniswapV3SwapCallback function that uses transient storage to verify the caller. Specifically, it loads an address
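The guard pattern that post describes, as an added illustration and not code from the Vault contract it links (the excerpt is cut off before it says what the flaw was, so nothing below reproduces it): before calling the pool, the vault writes the pool address into a transient slot, and `uniswapV3SwapCallback` accepts only a `msg.sender` equal to that slot and then clears it. The contract name, the slot label, the factory lookup and the omitted access control on `swapExactInput` are assumptions of this example; the Uniswap V3 signatures are the real ones.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24; // tstore/tload need the cancun EVM target

// Minimal Uniswap V3 interfaces (real signatures, trimmed to what is used).
interface IUniswapV3Pool {
    function swap(
        address recipient,
        bool zeroForOne,
        int256 amountSpecified,
        uint160 sqrtPriceLimitX96,
        bytes calldata data
    ) external returns (int256 amount0, int256 amount1);
}

interface IUniswapV3Factory {
    function getPool(address tokenA, address tokenB, uint24 fee) external view returns (address pool);
}

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical vault written for this example; it is not the exploited contract.
contract TransientCallbackVault {
    // Transient slot holding the pool we are currently waiting on. The label is arbitrary.
    bytes32 private constant EXPECTED_CALLER_SLOT = keccak256("example.vault.expected-callback-caller");

    IUniswapV3Factory public immutable factory;
    IERC20 public immutable token0;
    IERC20 public immutable token1;
    uint24 public immutable fee;

    constructor(IUniswapV3Factory _factory, IERC20 _token0, IERC20 _token1, uint24 _fee) {
        // Uniswap V3 pools sort tokens by address; keep the same order so the
        // amount0/amount1 deltas in the callback map to the right token.
        require(address(_token0) < address(_token1), "tokens must be sorted");
        factory = _factory;
        token0 = _token0;
        token1 = _token1;
        fee = _fee;
    }

    function _setExpectedCaller(address who) private {
        bytes32 slot = EXPECTED_CALLER_SLOT; // copy to a local so Yul can reference it
        assembly { tstore(slot, who) }
    }

    function _expectedCaller() private view returns (address who) {
        bytes32 slot = EXPECTED_CALLER_SLOT;
        assembly { who := tload(slot) }
    }

    // Caveat: the transient check in the callback only proves that the callback came
    // from whatever address was written here. If the pool were taken unchecked from the
    // caller, any contract they deploy would be "authorized" for the duration of the
    // call, so the pool is derived from the factory instead of trusted as an argument.
    // Who may trigger swaps is left open here; a real vault restricts it.
    function swapExactInput(bool zeroForOne, int256 amountIn, uint160 sqrtPriceLimitX96)
        external
        returns (int256 amount0, int256 amount1)
    {
        require(amountIn > 0, "amountIn must be positive");
        require(_expectedCaller() == address(0), "swap already in progress");

        address pool = factory.getPool(address(token0), address(token1), fee);
        require(pool != address(0), "no pool");

        _setExpectedCaller(pool);
        (amount0, amount1) = IUniswapV3Pool(pool).swap(
            address(this), zeroForOne, amountIn, sqrtPriceLimitX96, ""
        );
        // The callback already cleared the slot; clearing again keeps the state
        // explicit if the pool ever returned without calling back.
        _setExpectedCaller(address(0));
    }

    function uniswapV3SwapCallback(int256 amount0Delta, int256 amount1Delta, bytes calldata) external {
        address expected = _expectedCaller();
        require(expected != address(0) && msg.sender == expected, "unauthorized callback");
        // One-shot: a second callback in the same transaction fails the check above.
        _setExpectedCaller(address(0));

        // Positive deltas are what the pool is owed by this contract.
        if (amount0Delta > 0) require(token0.transfer(msg.sender, uint256(amount0Delta)), "pay0");
        if (amount1Delta > 0) require(token1.transfer(msg.sender, uint256(amount1Delta)), "pay1");
    }
}
```

The two checks that matter when reviewing a callback like this are who is allowed to write the slot (here only the vault's own swap path, with the pool address resolved from the factory) and whether the slot is cleared before the callback does anything with funds, so that a second callback in the same transaction fails rather than being paid twice.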
Decurity
345 posts
DeFi Security | Tier-1 Security Audit Firm | Top-2 in @Paradigm and @OpenZeppelin CTF | Public audits: github.com/Decurity/audits
Joined October 2011
- This is a story about how we found a critical vulnerability in @dxsale, helped rescue more than $5 million, and got offered a $500 bounty.
- Releasing our new IDA Pro plugin for analyzing Solana's eBPF programs developed by @dewardgnome. Check out the blog post:
- We analyzed the smart contract hacks from 2020 to 2025 to answer the question: how fast do vulnerable smart contracts get exploited after deployment? Read the research: time-to-hack.decurity.io
- Li.Fi bridge was exploited for ~8M USD. The root cause is the possibility of an arbitrary call with user-controlled data via `depositToGasZipERC20()` in GasZipFacet, which was deployed 5 days ago! One of the hack txs: defimon.xyz/attack/mainnet…
- pETH belonging to @JPEGd_69 has just been exploited for 11 million USD with a Curve read-only reentrancy. The attacker was front-run by an MEV bot: etherscan.io/tx/0xa84aa065c… A screenshot from our monitoring system:
- 🔬 New tool for onchain bug hunters: github.com/Decurity/tx-co… tx-coverage lets you reveal unused code in live smart contracts by collecting coverage from historical transactions. With it you can discover code that was never executed onchain and may contain potential bugs.
- c0ffeebabe.eth executed a front-run hack for $1.9k on the pbtc-sbtc-f Curve pool compiled with vulnerable Vyper 0.2.15: etherscan.io/tx/0xe928d5de5… This time a reentrancy was possible due to an ERC-777 callback in sBTC instead of a fallback on ETH transfer.
- Defimon.xyz alerts are now public! Join t.me/defimon_alerts to learn about DeFi incidents in real-time. For bug bounty hunters we indexed all smart contracts from @immunefi to notify about: ~ Proxy Upgrades ~ Access Control Changes ~ Governance Activity and more
- Looks like Tornado Governance eventually got exploited: "Possible governance attack (?) underway at TORN. Someone creating hundreds of contracts atomically and then passing zero TORN transfers through before transferring on to gov vault, very weird activity."
- Our audit reports for the @1inch Fusion contracts are out now! During development and testing, the 1inch contributors' team has resolved the following issues reported by us: ✅ 3 high severity bugs ✅ 1 medium severity bug ✅ 7 low ✅ 16 info Check it out: github.com/Decurity/audit…