AllyPry

Glad that our Spoq2 work on system verification received an Honorable Mention for Best Paper at ASPLOS'26! @CertiK @ColumbiaCompSci

My PhD student Ganxiang Yang present our Spoq2 work at ASPLOS. We will soon release how Spoq2 can be used for smart contract verification. @CertiK

Where do the biggest security risks emerge for crypto exchanges and custody platforms? They sit at the intersection of Web2 infrastructure and Web3 asset flows, securing accounts, private keys, trading systems, and digital assets. 🧵👇

One more thing, static iteration or dynamic iteration? This weekend, I’ll open-source txanalyzer.xyz, so you’ll be able to see the effects of static iteration and the complexity of the skills involved. Static iteration requires a large amount of preparatory evolution work, but its runtime cost is lower and it runs faster. Dynamic iteration, on the other hand, requires a lot of runtime work with less preparation. It can avoid many issues associated with static iteration, such as prompt explosion and context explosion, but its runtime cost is higher and it’s slower.

Another excellent article on AI auditing smart contracts from @xy9301.

@Raph_Bloch Ofc we know the details…🤨

Resolv just suffered an exploit. We don’t yet know all the details - but we will need to (Good luck to the team). In the meantime, this new exploit highlights, once again, some core structural weaknesses in DeFi: 1/ No real safety net. When something breaks, users take the hit. 2/ Emergency response is still human-dependent. If the right people aren’t awake, the system doesn’t react. 3/ Risk is abstracted away from users. They see "yield" - not the underlying exposure. When it breaks, the disconnect is brutal. To be clear: DeFi brings massive advantages - transparency, composability, accessibility, yield. That’s why we’re all here. But the reality is: the space is still very far from the safety and operational standards of TradFi. The protocols that will win are the ones combining both: DeFi rails + bank-grade risk management, security, and operational rigor. That’s the real endgame.

#CertiKInsight 🚨 @ResolvLabs just got exploited. An attacker minted 80M USR using just 300K USDC by exploiting a smart contract vulnerability. skylens.certik.com/tx/eth/0xfe37f… skylens.certik.com/tx/eth/0x7f914… skylens.certik.com/tx/eth/0x41b6b…

#CertiKInsight 🚨 Google Threat Intelligence has exposed "DarkSword", a full-chain iOS exploit using 6 vulnerabilities to silently compromise iPhones. Your seed phrases and wallet credentials are a target. 🧵 Here's what you need to know 👇

#CertiKInsight 🚨 On 10 March, Movie Token (MT) was exploited, resulting in a loss of ~$242K. To learn more about what happened, read our full analysis here 👇 certik.com/blog/movie-tok…

As digital finance evolves, protecting users and strengthening trust remain essential. We’re honored to support conversations at the @UNODC Global Fraud Summit on fraud prevention, security, and the future of safer financial systems.

It is an honor for @CertiK to work with the United Nations and Interpol to fight against fraud.

@ProfJonesMusic @lopp @Crypto_guy1 You can check our framework here bro: github.com/jlopp/physical…

@lopp @Crypto_guy1 Any tips on how to mitigate this (blog posts, videos, etc)?

In 2025, 27% of bitcoin wrench attacks were in France. Thus far in 2026, 70% are in France. It's accelerating.

@SaniExp @lopp @ronin21btc You can have a look here cryptocrime-dashboard.vercel.app and here mate github.com/jlopp/physical…

@lopp @ronin21btc How many counts so far this year ?

@LeBunkerBtc @francispouliot_ I build that you should have a look cryptocrime-dashboard.vercel.app

In 2025, 27 % des kidnappings crypto dans le monde ont eu lieu en France. Pour l’instant, en 2026, c’est 70 %. L'hexagone représente 0,8 % de la population mondiale. La France est devenue un narco État tenu par des fonctionnaires véreux à la solde du crime organisé.

Looking forward to seeing you in our meet-up in Yonsei University, Seoul next week! RSVP: luma.com/q8l51ots

Digital finance is evolving fast, but one thing hasn't changed: without security, there is no trust, and without trust, the system cannot hold. Honored to see @CertiK join the @UNODC Global Fraud Summit to help dismantle the networks undermining our financial ecosystem. Securing Web3 is about more than code; it’s about protecting people. unodc.org/unodc/en/organ…

@pashov Learn personal OpSec. Protect your data. Avoid France and stay safe.

At least 7 "wrench attacks" since the start of the month, 5 of which in France. A "$5 wrench attack" shows that your crypto can often be stolen by bad people with malicious intent and just $5 "weapon" like a wrench. Learn personal OpSec. Protect your data and stay safe.

Great discussion at DC Blockchain Summit 2026 on the “Running Critical Crypto Infrastructure Under Pressure” panel. Our CBO Jason Jiang joined industry leaders to share insights on security, compliance, and building resilient infrastructure as institutional adoption accelerates.