Dedge Security

58 posts


@DedgeSecurity

Digital Assets Security Posture Management for enterprises. The security function audits can't replace. Built by enterprise security veterans.

Madrid (Spain) Joined April 2023
9 Following 127 Followers
Dedge Security@DedgeSecurity·
Dedge is joining @areta_io's Ethereum Security Subsidy Program, alongside @cyfrin, @NethermindSec, and @OlympixSecurity. Some context on why this matters right now. We tracked 97 confirmed incidents and $802M+ in losses between January and May 2026. The recovery rate was 3.62%. Drift. Resolv. Rhea Lend. The pattern across every major incident was the same. A failure in what happened after deployment. Config drift, operational compromise, governance manipulation. None of it is visible to a one-time review. Through this program, Ethereum builders can now access Dedge's continuous security monitoring as part of their security package, from day one of deployment. An audit tells you where you stood. Dedge tells you where you stand. Apply here: ethereum.areta.market @ethereumfndn @chainlink
Findlay@0xboo

2/ We've worked with each provider to curate three security packages purpose-built for Ethereum subsidy program applicants. The tools have come a long way, and we're proud to bring some of the best of them into the program for Ethereum builders. Big thanks to @cyfrin, @NethermindSec, @DedgeSecurity, and @OlympixSecurity for being a part of this program 🤝

Dedge Security@DedgeSecurity·
Every signal in this attack was on-chain before execution day. Durable nonce accounts tied to governance signer addresses. A zero-timelock migration that replaced four of five signers. A fabricated asset seeded three weeks in advance. Full forensic breakdown: dedgesecurity.com/blog/beyond-th…
Dedge Security@DedgeSecurity·
@trmlabs, @elliptic, and @chainalysis all attribute this independently to UNC4736. DPRK-linked. The same cluster behind Radiant Capital in 2024. $285M. Largest DeFi loss of 2026.
Dedge Security@DedgeSecurity·
Post: "Beyond the Audit Perimeter: How Drift Protocol Lost $285M Without a Single Code Bug" $285M. Solana. April 1, 2026. Root cause: governance misconfiguration across three surfaces. Neither audit was scoped to assess any of them.
Dedge Security@DedgeSecurity·
Drift had a Security Council. It still lost $285 million. Resolv had clean audits. It still got drained through a rebalancing window nobody was watching. The basics matter. But the basics alone aren't the answer either because attackers spent six months inside Drift's operational perimeter before anyone noticed. Technically speaking, the Security Council didn't fail. Audits check the code. Nobody checks the posture. Not at deployment. Not six months later when the pre-signed transactions execute. The solution is continuous security posture management by watching the configuration, the permissions, the parameter changes, and the operational hygiene of the team, every single day. That's what's missing.
Hasu⚡️🤖@hasufl

Every DeFi protocol should have:
1. Circuit breakers for deposit and withdrawals, and possibly other internal operations as well
2. Timelocks for any change
3. Security councils that can shut down protocols immediately

We don't need insurance, we need to start doing the ffcking basics correctly. It's too early for this space to drive without any training wheels. I beg you, sacrifice a tiny bit of UX to gain a lot of peace of mind. The worst possible UX is losing your user's money.

Dedge Security@DedgeSecurity·
H1 2026:
• 65 protocols.
• 802M lost.
• <1% recovered.

Audits weren't enough. They weren't scoped to be. Today at 12 UTC, our CEO, Rubén Jiménez García, joins @rwaweek's Space on real-time token flow security with @rwa_io, @wsource4, hosted by @pauli_speaks. Join us at: linkedin.com/video/event/ur… Bring your hard questions. The format is open.
Dedge Security@DedgeSecurity·
Good thread. This is why Security Posture Management isn't optional anymore. Audits tell you your contracts were safe when they were reviewed. A few additions from an SPM lens:

1) Dependencies aren’t static, neither is your risk. If your security assumptions depend on external systems (bridges, oracles, DVNs, governance layers), then every config change they make is your risk surface. You don’t just “review” dependencies, but also continuously monitor them.

2) You are someone else’s attack surface. If downstream protocols need to monitor your multisigs and EOAs to stay safe, that’s not paranoia, that’s correct behavior. Security in DeFi is transitive.

3) Detection order needs to invert. Right now it’s:
attackers → external researchers → internal teams
That’s a losing model. Instead, the industry needs:
internal monitoring → automated alerts → external validation

If the first signal comes from Twitter, it’s already too late. Monitor your privileged keys, multisigs, upgrade rights, and deps 24/7.
bartek.eth@bkiepuszewski

As more and more admin keys are compromised to drain protocols, here's your checklist if you are running one:

1) Learn as much as you can about your external dependencies. Once you learn about them, monitor their setup for upgrades 24/7. It's ridiculous to rely on an audit to tell you "hey, the doors to your house are locked, we checked it on 23rd of March". Today the external token that you may depend on could be L0 4/4 DVN; tomorrow, it may be 1/1 DVN. You should get an alert of a change and react to the news.

2) As you should monitor your external dependencies, anyone relying on you should monitor you - for them, you are their external dependency. They should monitor every single MultiSig that you run, every single EOA that you set up - it's potentially their liability. Once an unsafe setup is detected, they may (and frankly should) refuse to use your protocol. So make sure you don't have these freaking EOAs that you set up just for operational efficiency.

3) The first people spotting your weak points will be hackers. Then, external teams. Finally, your internal ops team. You need to reverse that order.

4) Don't rely on AI slop for risk analysis. This current trend, where we see dozens of "risk-mgmt dashboards that I vibe-coded over the weekend" is frankly beyond scary and outright irresponsible. You will get a beautiful-sounding report, but you will never be sure if it is correct or bullshit or something in between.

The above you should do on top of code audits of your protocol and impeccable internal opsec, circuit-breaker infra, and whatnot. If you think that's frankly too much or too expensive - gtfo of DeFi. And if you are overwhelmed with the complexity of the task - talk to @l2beat 💕

Dedge Security@DedgeSecurity·
On 22 March 2026, an attacker deposited $200,000 in USDC into Resolv's USR Counter contract and minted 80 million USR. The contract was executed as written. We reviewed the architecture. Three findings. Resolv had 18 audits. Point-in-time code review does not cover cloud infrastructure configuration. It does not evaluate incident response design. It does not check whether a pause function has a documented trigger threshold. These are not audit findings, but rather posture findings. If you are responsible for stablecoin, tokenisation, or privileged off-chain minting exposure: read it. Full technical breakdown of smart contract layer, infrastructure layer, and compliance layer linked below.
Dedge Security@DedgeSecurity·
Audits answer a specific question: was this code safe on this date? That is a useful question but also a narrow one. Security is a stack, not a one-time audit; you need:
• Audit,
• Scans,
• Monitoring,
• Bug bounty,
• Key rotation,
• Scope role, etc.

It's about adopting a certain posture to minimise risk as much as possible, on all attackable surfaces. You can have the best auditors in the world, but if everyone in your company has access to the private key of the owner account in your smart contract, it will be the weak point, looking to get attacked. To build the finance of tomorrow on-chain, you need to be secure everywhere.

Case in point: Resolv had 18 answers to that question. The exploit had nothing to do with the contract. A compromised AWS KMS credential gave an attacker signing authority over the minting function. The code executed exactly as designed. The security posture failed at a layer that no audit firm was ever asked to review. It's about securing the entire stack evenly.
Stacy Muur@stacy_muur

I checked the public audit trail behind some of the biggest DeFi exploits this year. Some of the main audit firms that showed up ↓

> Resolv → @MixBytes, @PashovAuditGrp, @pessimistic_io
> Venus Protocol → @OpenZeppelin, @peckshield, @Quantstamp
> Moonwell → @HalbornSecurity
> Makina → @chain_security, @sigp_io, @osec_io
> CrossCurve → @MixBytes, @SmartStateTech, @hexens
> Aperture Finance → @VeridiseInc, @SecurityOak, @SolidifiedHQ

These protocols had public audit coverage and still got exploited. Audited ≠ safe. They just lower risk.

Dedge Security@DedgeSecurity·
Proud to announce Dedge has joined @INATBA_org! "Regulatory frameworks are evolving. The focus is shifting towards translating governance into resilient technical infrastructure" — Rubén Jiménez García, CEO @DedgeSecurity. Our security posture management (SPM) layer embeds security controls & governance risk into the core architecture. Compliance state for digital assets is evolving. Infrastructure must follow.
Dedge Security@DedgeSecurity·
Security isn't a feature. It's the foundation. Proud to be part of how @WhataLab is building enterprise Web3 infrastructure on @Hedera. Our "Security Posture Management (SPM)" platform running across the entire Hedera infrastructure stack

> Continuous security analysis
> Code-to-chain visibility
> Risk prioritisation

This is what it looks like to build it right.
Dedge Security@DedgeSecurity·
Dedge has joined the @CantonFdn ecosystem! As Canton Network becomes critical infrastructure for the digital asset landscape, the attack surface scales with it. Visibility doesn't come automatically. Neither does control. As a member, we're bringing "Continuous security posture" to DAML-based projects. One step at a time.🫡
Dedge Security@DedgeSecurity·
@SentoraHQ Interesting insight! Security is fragmented in web3 and unfortunately a last-minute thought leaving gaps even after a proper manual audit but it's not enough.
Securitize@Securitize·
We’re partnering with STBL, Hamilton Lane, and OKX Ventures to support the launch of an RWA-backed stablecoin on X Layer. We’re bringing together institutional private credit, regulated tokenization, and programmable settlement to support the next generation of onchain financial infrastructure.
OKX Ventures@OKX_Ventures

OKX Ventures 🤝 @stbl_official STBL + partners will bring a RWA-backed stablecoin to market on X Layer. Institutional-grade assets combined with seamless onchain settlement, built for the New Money Era.

Dedge Security@DedgeSecurity·
Hi Spain’s DLT ecosystem! 🇪🇸 Excited to support @REDISBE's strategic initiative in advancing compliant, sovereign blockchain adoption (aligned with Europe and EBSI) We’re here to help ensure it scales securely :)