Signature Replay in Account Abstraction Wallets
Nonce architecture, domain separation, and policy-gate controls for replay resilience in AA environments.
Security Research
Security Research
A curated set of practical security deep dives for Web3 teams. Read in order or jump directly to the risk area you are working on.
Series
Wallet Security
Recommended First Read
A practical overview of wallet risk taxonomy and the Prevent → Detect → Respond model used across the rest of these articles.
Read article →Core Security Series
Token Approval Exploit Prevention in Web3 Wallets
Allowance risk model, detection rules, and revoke workflows for approval-driven drain scenarios.
Session Keys & Delegation Security in Web3 Wallets
Scoped capabilities, TTL boundaries, revocation architecture, and delegated execution telemetry.
Wallet Drain Playbook
Practical incident-response sequence for containment, investigation, and recovery under pressure.
Allowance Revoke Workflow for Web3 Wallet Security
A practical revoke playbook to prioritize risky approvals and execute safe revocation lanes.
Permit2 Phishing Defense: Signature Safety for Web3 Wallet Teams
Practical controls to reduce Permit2 phishing risk with policy gating, telemetry, and rapid response workflows.
WalletConnect Session Hijacking Defense: Controls for Web3 Teams
How to harden pairing, session scope, and revocation controls to reduce WalletConnect session abuse.
Upgrade Admin Key Compromise Prevention for Smart Contracts
How to reduce catastrophic governance risk with independent signer models, timelocks, and response playbooks.
Multisig Signer OpSec for Web3 Teams
A practical operations model for signer hardening, deterministic transaction review, and rapid containment.
Oracle Manipulation Defense for DeFi Protocols
A practical operations playbook for confidence scoring, bounded execution, and oracle incident recovery.
DeFi Frontend Supply Chain Security
A practical defense playbook to secure source-to-CDN delivery paths before malicious wallet prompts reach users.
MEV Sandwich Attack Defense
Operational controls for reducing sandwich attack harm with slippage governance, route policy, and rapid incident containment.
Cross-Chain Message Validation Security
An operations-focused defense model for bridge message verification, delay-queue controls, replay resilience, and incident containment.
Smart Contract Emergency Pause Design
A practical model for pause authority, trigger policy, scoped containment, and governance-safe recovery in live incidents.
Governance Timelock Bypass Defense
A practical model to prevent hidden upgrade paths with segmented change lanes, queue integrity gates, and bounded emergency controls.
Protocol Upgrade Safety with Invariant Monitoring
A practical deployment safety model using invariant telemetry, canary risk budgets, and deterministic containment triggers.
Bridge Validator Set Compromise Defense
A practical control model for validator-set compromise with segmented trust domains, policy-gated attestations, and staged halt governance.
RPC Endpoint Poisoning Defense: Practical Controls for Wallet Infrastructure
A practical operations model for RPC trust-tier routing, deterministic response validation, and staged poisoning containment.
Contract Allowlist Drift Detection: How Web3 Teams Stop Silent Trust Expansion
A practical model for baseline policy, change gates, runtime drift telemetry, and staged containment of trust expansion risk.
Adjacent Topics & Field Notes
Useful reads outside the core wallet sequence. We can expand this block with new bridge/infrastructure/governance investigations as they publish.
Cross-Chain Bridge Incident Response Playbook
A practical runbook for containment, queue control, validator coordination, and safe bridge recovery.
Analysis of the Reentrancy Attack on Protocol X
Technical analysis of exploit mechanics and monitoring response patterns.
Rise of Social Engineering in Web3
Operational threat patterns for social-engineering-driven wallet compromise.