theredguild

117 posts


@theredguild

A guild of security researchers, educators and advocates working for the public benefit of the Ethereum ecosystem.

Joined July 2022
0 Following, 3.5K Followers
theredguild (@theredguild)
Our own @tinchoabbate and @mattaereal have been selected for the first batch of top Ethereum Security Researchers. After working for more than three years together, fully dedicated to public goods - even when there is no runway (like now) - this type of recognition is motivating
thedao.fund (@thedaofund)

Who qualifies? Not just auditors & white hats. We’re looking across the entire security space: zk, formal verification, AI, opsec, infra, web2, generalists and more. What matters? Real work, real impact, and a deep understanding of what Ethereum needs to do to be safe enough to become the backbone of the world’s financial infrastructure.

theredguild retweeted
Franco Victorio (@fvictorio_nan)
Thinking about stealing this disclaimer from @theredguild's blog
theredguild retweeted
Paul Kuryłowicz (@wh01s7)
Hard to disagree with @mattaereal; public/open goods are undervalued, leading to builder burnout as written in latest @theredguild article.
Imagine incident response without @_SEAL_Org, static analysis without slither from @trailofbits, or learning security basics without @PatrickAlphaC videos.
When @drdr_zz and I were creating SCSVS, many people were eager to use it, treating it as a checklist or reference. Many things were created on top of it. However, few people actively contributed. This is partly due to the lack of desire to build someone's brand (which is understandable), but it is not the only reason, as we see in many joint and non-branded initiatives that also have similar struggles. Without the support of sponsors or super high motivation, it's difficult to actively develop such projects.
With the New Year slowly approaching, why not make a change?
One project that deserves way more attention is Security Frameworks. It offers quick, actionable insights across a massive range of security topics. The sad part? When I send it to clients, most are hearing about it for the first time.
Reply below with an underrated initiative, project, or tool that you think needs more eyes on it. 👇
Rahul Saxena (@saxenism)
Building the TEE Security Handbook has been one of the most rewarding things I've done. However, as I move this project along, I'm realising just how difficult it is to bankroll an open-source public good.
To keep the handbook high-quality, accurate, and expanding, I need to bring in more research engineers. That means paying people fairly, giving them time, and making sure the project doesn't bottleneck on me.
This handbook will always be a non-profit, public good. But even non-profits need sustainability.
Open-source funding has always been a tricky problem… so I’m opening this up to my frens: If you have experience with grants, ecosystem sponsorships, or sustainable models for public goods, I’d love to hear your thoughts.
I really want this handbook to become a long-term asset for the entire TEE ecosystem and not something that dies because the contributors couldn't be funded properly.
Any advice is appreciated. The TEE Security Handbook is in the quoted tweet. Thank you :)
Rahul Saxena (@saxenism)

The TEE security handbook is live now. This document covers:
+ Defining TEEs
+ TEE attacks categorisation
+ Deep dive of TEE platforms
+ Threat modelling around TEEs
+ Security layers for TEE protocols
+ Best practices for engineers & protocols
Here: docs.bluethroatlabs.com

theredguild retweeted
Jeff Security (@jeffsecurity)
EIP-7702 is an auditor's minefield💀 "Sticky Storage" means dirty slots persist on your EOA between delegates, potentially bricking wallets. Plus massive init front-running risks. Mandatory watch from @theredguild: youtube.com/watch?v=ZFN2bY…
theredguild retweeted
World Ethical Data Forum (@WEDF_forum)
For years, the public has known @WEDF_foundation mainly through our research, policy work, and the World Ethical Data Forum — our paywall free, open, privacy-advancing meeting ground for those who build, study, govern, and live inside digital systems.
What’s been less visible is the work we’ve done quietly at the intersection of digital rights, networked infrastructure, and security. Much of that has involved pro bono defence for NGOs, human-rights organisations, and civil-society groups facing surveillance, censorship, infrastructure compromise, and targeted attack. We spoke little about this because the work demanded discretion.
That background is why, during @EFDevcon in Buenos Aires, @_jdmarshall was invited by @ethereumfndn to join security engineers from across Ethereum — @TheRedGuild, @mattaereal, @samczsun, @fredrik0x, @_SEAL_Org, @0xRajeev and others — at @TheTrustX by @TheSecureum to examine Ethereum's security posture and the responsibilities that come with its maturation into critical open digital infrastructure.
Matta’s excellent recap of the 1TS technical working groups captures the day's substance — and explores not only the outcomes but also the many paradoxes and challenges involved in the defence of public goods. And in defence *as* a public good.
For anyone interested in @ethereum's future, its security assumptions, public-goods coordination, or the broader landscape of freedoms-tech, this is essential reading from one of Ethereum’s hardest-working whitehats: blog.theredguild.org/off-chain-laye…
As 2026 approaches, we’ll be sharing more about the public-goods work we’ve been doing off-radar. This feels like the right place to begin.
theredguild (@theredguild)
New article just dropped, part of our passing by many, many events, primarily focused on our awareness campaign around @EFDevcon. Featuring EthCon, DSS, Aleph, 1TS, Convergence, and more! Come by, and see what we were up to! blog.theredguild.org/against-all-od…
theredguild retweeted
Patrick Collins (@PatrickAlphaC)
If you have a @theredguild pin, shirt, or other apparel, that is a signal that you’re legit af
theredguild (@theredguild)
Amidst chaos, we almost forgot to announce that we have launched Phishing Dojo's public beta! Find more information directly on the platform. More stable, new challenges, new trainings! blog.theredguild.org/the-phishing-d…
matta ⚡🪷 (@mattaereal)
Commitment means not having funding for the past 40 days, yet still working at 3 am, doing my best to change people's lives through our awareness and education initiatives. I am confident people will notice all the effort and love that @tinchoabbate and I have dedicated to this.
theredguild (@theredguild)
Most articles on the npm worm did not provide tangible practices or a clear course of action for preventing future attacks. We know because we studied more than 20 articles on the subject 😮‍💨 Here's our take on what to do, a collab with @alcuadrado 🫡 blog.theredguild.org/how-to-npm-and…
theredguild retweeted
Nodo Serrano (@NodoSerrano)
How great it is when people are eager to get their hands dirty and learn new things! Ethereum Essentials Vol.1 was a success! @EFDevcon @theredguild