ทวีตที่ปักหมุด
We audit code.
But we also audit culture.
Because high TVL without internal security practices
is just a slower kind of vulnerability.
English
Jan Philipp Fritsche
1.1K posts
Jan Philipp Fritsche
@JphFritsche
Managing Director of @SecurityOak | Macro-Finance (PhD) | Regulation | Crypto | before @ecb, @DIW_Berlin
Berlin, Deutschland เข้าร่วม Nisan 2017
603 กำลังติดตาม416 ผู้ติดตาม
If you want to learn more about privacy & security, also listen to:
x.com/SecurityOak/st…
Oak Security@SecurityOak
Assume exploits will happen. Design so they don’t matter. On Cyphertalk (Ep. 1: Security & Privacy in 2026), @pumpkinGMI and @beyer_st discuss zero trust architecture and why real security isn’t paranoia, it’s limiting impact when humans make mistakes.
English
Institutional privacy will be the big narrative in 2026
Listen in:
open.spotify.com/episode/4zZemx…
English
@bermudabayzk and @CantonNetwork are at opposite ends of a spectrum.
Canton is a new ecosystem. Bermuda provides invisible enterprise-grade privacy on the EVM.
@jon_helgi @monerium and I dug into what institutions actually need from privacy on our podcast.
We also discussed @aztecnetwork, the privacy OG chain, @fhenix, the FHE heroes, and @SecretNetwork, the private AI maximalists.
English
Jan Philipp Fritsche รีทวีตแล้ว
Excited for our joint event with @bermudabayzk at Devconnect! Crazy, timely lineup and the highest-caliber partners.
feat. @jbaylina, @safe, @web3privacy, @winprivacy, @ziskvm, @rakymnft & @PG_CDG!
Security and privacy are symbiotic; they're worthless without each other.
English
If you want “best in class” Web3 security, start early:
Write the spec.
Define the threat model.
Document roles and invariants.
Do a real internal review.
Test and fuzz until you’re tired of it.
Then bring in auditors.
That’s how you get maximum value from every audit hour.
English
At @SecurityOak we’ve always emphasized redundancy.
We often encourage teams to work with multiple auditors.
Different eyes. Different threat models. Different blind spots.
You can even involve auditors at the design phase
to review a core component and raise the security awareness of your team.
English
Balancer 100M Hack should be a wake-up call.
Here’s what the protocols with the best Web3 security do right.
English
@pstanislaus @BaanxGroup @Consensys @StellarOrg @syndicateio @Web3foundation @_gnoland @MANTRA_Chain <3 <3 <3 Lovely
English
opportunity to thank the hundreds of teams who trust us. Over the last months, this list includes:
- @BaanxGroup & @Consensys (for MetaMask Card’s Solana support)
- @StellarOrg
- @syndicateio
- @Web3foundation & Polkadot Assurance Legion (PAL)
- @_gnoland
- @MANTRA_Chain
English
We’ve had the privilege to work with some of the most incredible teams building the future of Web3 as one of the OG security auditing firms.
Today we offer end-to-end Web3 Security and have unveiled a new look to highlight our expanded services.
I want to take this...
English
Look at this list! If you want to celebrate with us, come to our event in Buenos Aires. luma.com/f89mul0v
Philip Stanislaus@pstanislaus
We’ve had the privilege to work with some of the most incredible teams building the future of Web3 as one of the OG security auditing firms. Today we offer end-to-end Web3 Security and have unveiled a new look to highlight our expanded services. I want to take this...
English
The reaction to the @Balancer hack is wrong.
Rather than asking "Were they audited, and who audited them?" we should be asking.
What was their security strategy? How can we prevent hacks like this?
English
