layer-2

8 articles
0 7/10
vulnerability

Threshold Network's L2WormholeGateway contract contained a critical vulnerability allowing attackers to mint unlimited canonical L2 tBTC by exploiting the depositWormholeTbtc function through reentrancy via a malicious ERC20 token's transfer callback. The vulnerability was discovered via Immunefi bug bounty, patched by removing the vulnerable function and adding reentrancy protection, with no funds lost.

Threshold Network tBTC Immunefi Wormhole L2WormholeGateway Arbitrum Base Optimism Polygon Bitcoin
blog.threshold.network · unknown · 4 hours ago · details
0 8/10
vulnerability

Verichains discovered a critical proof forgery vulnerability in Polygon zkEVM's zkProver component stemming from field incompatibilities between STARK (F_p^3) and SNARK (F_q) operations, combined with improper constraints in Merkle root computation and arithmetic gates, allowing generation of counterfeit proofs that could manipulate network state. The vulnerability was patched in December 2023 through constraint additions and operational segregation in the pil-stark library.

Polygon zkEVM Verichains Troy Immunefi Ethereum eSTARK SNARK STARK BN128 pil-stark Fork ID 4 Fork ID 5 Fork ID 8
blog.verichains.io · Verichains · 4 hours ago · details
0
Eco
bug-bounty

A collection of blockchain security research and bug reports covering vulnerabilities in Oasys L2 blockchain, Eco's lockup contracts, and hybrid NFT attacks on Ocean Protocol. Multiple issues were identified and reported through Immunefi's bug bounty program.

Oasys Ethereum Immunefi Bandai Namco DoubleJump.japan Eco Ocean Protocol Merkle Bonsai
mirror.xyz · merkle_bonsai · 4 hours ago · details
0
bug-bounty

A collection of security research articles covering vulnerabilities in blockchain projects including Oasys (a gaming-focused Ethereum L2), Eco's lockup contracts, and Ocean Protocol's hybrid NFT implementation where on-chain data modifications can be exploited. Multiple bugs are documented with disclosure timelines and remediation details.

Oasys Merkle Bonsai Immunefi Bandai Namco DoubleJump.japan Eco Ocean Protocol
mirror.xyz · merkle_bonsai · 4 hours ago · details
0
vulnerability

A critical censorship vulnerability was discovered in Optimism's sequencer where the chain ID was not validated before rate limiting, allowing attackers to replay transactions from other chains to indefinitely censor 1.3 million accounts by triggering rate limits. The bug affected major protocols including LayerZero, Aave, Uniswap, and Optimism's own multisig owners, enabling selective account censorship with strategic timing control.

Optimism Labs Bernard Wagner iosiro Optimism Bedrock LayerZero Across Synapse Hop Bridge LayerSwap Aave Uniswap Immunefi Dune Analytics EIP-155 proxyd
iosiro.com · iosiro · 4 hours ago · details
0

A security researcher disclosed critical vulnerabilities in Moonbeam and Aurora EVM-based networks, protecting over $100M in DeFi assets and earning $1M+ in bug bounties through the discovery of delegatecall misuse and design flaws in layer-2 solutions. The article also discusses potential insolvency risks in wrapped token protocols like WETH.

Polkadot Frontier EVM Moonbeam Moonwell Aurora NEAR Protocol WETH Immunefi pwning.eth Ethereum
pwning.mirror.xyz · pwning.eth · 4 hours ago · details
0
bug-bounty

A security researcher (pwning.eth) disclosed critical smart contract vulnerabilities in blockchain protocols, earning substantial bug bounties including $1M from Moonbeam for discovering a delegatecall design flaw, a disclosure that protected $100M+ in DeFi assets, and $6M for an Aurora Engine vulnerability that could have resulted in 70,000 ETH being stolen.

Interlay Moonbeam Moonwell Aurora Engine NEAR Protocol WETH Immunefi pwning.eth Ethereum
pwning.mirror.xyz · pwning.eth · 4 hours ago · details
0
bug-bounty

A security researcher disclosed critical vulnerabilities in Moonbeam and Aurora Engine smart contracts, earning record bug bounties ($1M from Moonbeam, $6M from Aurora) by identifying delegatecall misuse and design flaws that put over $100M in DeFi assets at risk.

Moonbeam Aurora Engine NEAR Protocol Moonwell Immunefi WETH pwning.eth
pwning.mirror.xyz · pwning.eth · 4 hours ago · details