Move developers: do you know what Move binaries look like on the inside? With the recent popularity of Move-based chains, it’s useful for smart contract auditors to be familiar with the nitty-gritty of the Move binary format and assembly. In our latest blog, we cover the Move binary format, Move assembly, and our tool that makes writing Move assembly easier. Link to blog here: https://lnkd.in/g9EmSMwd
Zellic
Computer and Network Security
Zellic identifies complex vulnerabilities that threaten the future of your blockchain project.
About us
Zellic specializes in securing emerging technologies. Our expertise in both Web3 and Web2 allows us to tackle even the most challenging targets. We are leading experts in cryptography, web security, and reverse engineering. Among others, our clients include Mysten Labs, LayerZero, and StarkWare. We also have a dedicated zero-knowledge cryptography team, and work closely with projects like Scroll, Axiom, and Succinct Labs. Before Zellic, we founded the #1 CTF (competitive hacking) team in the world. We’re also a founding member of the Security Alliance (SEAL) led by samczsun, an industry effort to raise the bar for blockchain security.
- Website
-
https://www.zellic.io/
External link for Zellic
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- Everywhere
- Type
- Privately Held
- Founded
- 2020
- Specialties
- Cybersecurity, Vulnerability Research, DeFi, Blockchain, Ethereum, Solana, Cosmos, Zero-Knowledge, Aptos, and Sui
Locations
-
Primary
Everywhere, US
Employees at Zellic
Updates
-
Zellic reposted this
🔒 How secure is Lorenzo? Read our audit from Zellic 👇 https://lnkd.in/gkxMb3qX
lorenzo/audit/Lorenzo Protocol - Zellic Audit Report.pdf at main · Lorenzo-Protocol/lorenzo
github.com
-
What happens when actions intended for fungible assets are done on non-fungible assets? Type confusion isn’t just for C . This month, we examine how a type confusion issue could have led to stolen Uniswap liquidity positions from a dark pool (The issue has since been fixed): https://lnkd.in/gqut33RM
Zellic Security Roundup: June '24
newsletter.zellic.io
-
What would you do if your medical records were leaked, or your confidential financial transactions were exposed? FHE is a branch of cryptography that allows computations to be performed on encrypted data. To the party performing the computation, FHE is like a black box. They only see the encrypted input and output. FHE enables applications like running ML models in the cloud for identifying tumors, without revealing sensitive input data like medical scans to third parties. Another application of FHE is private on-chain data and private smart contracts. However, two recently published papers demonstrate how new key-recovery attacks against FHE can be constructed to break confidentiality by decrypting data if the decryption results are given to the attacker. In our latest blog, we cover these attacks and how they also apply to established libraries like SEAL and OpenFHE: https://lnkd.in/gFkaZj3H
New Key-Recovery Attacks Against FHE | Zellic — Research
zellic.io
-
In this Zellic Security Roundup, we explain how a Cosmos SDK review and POC led to the discovery of a possible scenario of tokens being stuck in contracts and users being unable to withdraw funds (fixed). This is a look at that finding: https://lnkd.in/gyCa8Yy7
Zellic Security Roundup: May '24
newsletter.zellic.io
-
Zellic reposted this
We have been diligently working behind the scenes to maximize the security of our protocol. A big thank you to Zellic for their support in our mission and for completing a technical audit with us this past week. This marks the completion of our second audit, underscoring our commitment to prioritizing security. Audits here: https://lnkd.in/gQ8wekZM
-
-
Zellic is proud to announce the release of SOLP, our internal Solidity analysis library written in Python! The library is fast and easy to use, aimed at both developers and auditors. Read more to find out what SOLP can do and how to use it. https://lnkd.in/dsPCrTxk
SOLP: A Stand-alone Solidity Analysis Library | Zellic — Research
zellic.io
-
How is Groq so fast? In our latest blog, we did a deep dive into Groq’s whitepaper (surprisingly easy to read!) to find out. https://lnkd.in/g6z28Z-K
How is Groq so Fast? An Overview of Groq's TSP Architecture | Zellic — Research
zellic.io
-
Signal has rolled out usernames, meaning users can now use the app while keeping their phone numbers private. This enhanced level of privacy was achieved through the use of Ristretto hashes and zero-knowledge proofs. We wanted to take a deeper look into how these two cryptographic primitives can provide another privacy protection for Signal’s users; fortunately, the source code is open-source, so check out our latest blog to see how it all works. https://lnkd.in/gr4e-arc
Signal's Usernames and Ristretto Hashes | Zellic — Research
zellic.io
-
The April edition of the Zellic Security Roundup is now live! This month we focus on a bug found in our recent security assessment of Beefy Finance, our recent research including a look into two critical issues discovered in certain forks of Gains Network, and the latest news in Web3 security. Subscribe to the Zellic Security Roundup for monthly updates on Zellic's research and writing, top news in Web3 security, and which conferences and events we'll be heading to that month. https://lnkd.in/grhtvEBU
Zellic Security Roundup: April '24
newsletter.zellic.io