Trail of Bits Blog Posts

The following lists blockchain-related blog posts published by Trail of Bits.

Consensus Algorithms

Research in the distributed systems area

| Date | Title | Description |
|---|---|---|
| 2021/11/11 | Motivating global stabilization | Review of Fischer, Lynch, and Paterson’s classic impossibility result and the global stabilization time assumption |
| 2019/10/25 | Formal Analysis of the CBC Casper Consensus Algorithm with TLA+ | Verification of finality of the Correct By Construction (CBC) PoS consensus protocol |
| 2019/07/12 | On LibraBFT’s use of broadcasts | Liveness of the LibraBFT and HotStuff algorithms |
| 2019/07/02 | State of the Art Proof-of-Work: RandomX | Summary of our audit of an ASIC- and GPU-resistant PoW algorithm |
| 2018/10/12 | Introduction to Verifiable Delay Functions (VDFs) | Basics of VDFs: a class of functions that are hard to compute and not parallelizable, but easily verifiable |

Fuzzing Compilers

Our work on the topic of fuzzing the solc compiler

| Date | Title | Description |
|---|---|---|
| 2021/03/23 | A Year in the Life of a Compiler Fuzzing Campaign | Results and features of fuzzing solc |
| 2020/06/05 | Breaking the Solidity Compiler with a Fuzzer | Our approach to fuzzing solc |


Security research, analyses, announcements, and write-ups

| Date | Title | Description |
|---|---|---|
| 2022/10/12 | Porting the Solana eBPF JIT compiler to ARM64 | Low-level write-up of the work done to make the Solana compiler work on ARM64 |
| 2022/06/24 | Managing risk in blockchain deployments | A summary of the "Do You Really Need a Blockchain? An Operational Risk Assessment" report |
| 2022/06/21 | Are blockchains decentralized? | A summary of the "Are Blockchains Decentralized? Unintended Centralities in Distributed Ledgers" report |
| 2020/08/05 | Accidentally stepping on a DeFi lego | Write-up of a vulnerability in the yVault project |
| 2020/05/15 | Bug Hunting with Crytic | Description of 9 bugs found by Trail of Bits tools in public projects |
| 2019/11/13 | Announcing the Crytic $10k Research Prize | Academic research prize promoting open source work |
| 2019/10/24 | Watch Your Language: Our First Vyper Audit | Pros and cons of the Vyper language, and disclosure of a vulnerability in the Vyper compiler |
| 2019/08/08 | 246 Findings From our Smart Contract Audits: An Executive Summary | Publication of data aggregated from our audits. Discussion of the possibility of automatic and manual detection of vulnerabilities, and the usefulness of unit tests |
| 2018/11/19 | Return of the Blockchain Security Empire Hacking | |
| 2018/02/09 | Parity Technologies engages Trail of Bits | |
| 2017/11/06 | Hands on the Ethernaut CTF | First write-up on Ethernaut |


General guidance

| Date | Title | Description |
|---|---|---|
| 2021/02/05 | Confessions of a smart contract paper reviewer | Six requirements for a good research paper |
| 2018/11/27 | 10 Rules for the Secure Use of Cryptocurrency Hardware Wallets | Recommendations for the secure use of hardware wallets |
| 2018/10/04 | Ethereum security guidance for all | Announcement of office hours, Blockchain Security Contacts, and Awesome Ethereum Security |
| 2018/04/06 | How to prepare for a security review | Checklist for before having a security audit |


Talks, videos, and slides

| Date | Title | Description |
|---|---|---|
| 2019/01/18 | Empire Hacking: Ethereum Edition 2 | Talks include: Anatomy of an unsafe smart contract programming language; Evaluating digital asset security fundamentals; Contract upgrade risks and recommendations; How to buidl an enterprise-grade mainnet Ethereum client; Failures in on-chain privacy; Secure micropayment protocols; Designing the Gemini dollar: a regulated, upgradeable, transparent stablecoin; Property testing with Echidna and Manticore for secure smart contracts; Simple is hard: Making your awesome security thing usable |
| 2018/11/16 | Trail of Bits @ Devcon IV Recap | Talks include: Using Manticore and Symbolic Execution to Find Smart Contract Bugs; Blockchain Autopsies; Current State of Security |
| 2017/12/22 | Videos from Ethereum-focused Empire Hacking | Talks include: A brief history of smart contract security; A CTF Field Guide for smart contracts; Automatic bug finding for the blockchain; Addressing infosec needs with blockchain technology |


Description of our tools and their use cases

| Date | Tool | Title | Description |
|---|---|---|---|
| 2022/08/17 | slither | Using mutants to improve Slither | Inserting random bugs into smart contracts and detecting them with various static analysis tools, in order to improve Slither's detectors |
| 2022/07/28 | slither | Shedding smart contract storage with Slither | Announcement of the slither-read-storage tool |
| 2022/04/20 | | Amarna: Static analysis for Cairo programs | Overview of Cairo footguns and announcement of the new static analysis tool |
| 2022/03/02 | echidna | Optimizing a smart contract fuzzer | Measuring and improving the performance of Echidna (Haskell code) |
| 2021/12/16 | slither | Detecting MISO and Opyn’s msg.value reuse vulnerability with Slither | Description of Slither's new detectors: delegatecall-loop and msg-value-loop |
| 2021/04/02 | | Solar: Context-free, interactive analysis for Solidity | Proof-of-concept static analysis framework |
| 2020/10/23 | slither | Efficient audits with machine learning and Slither-simil | Detecting similar Solidity functions with Slither and ML |
| 2020/08/17 | echidna | Using Echidna to test a smart contract library | Designing and testing properties with differential fuzzing |
| 2020/07/12 | manticore | Contract verification made easier | Reusing Echidna properties in Manticore with manticore-verifier |
| 2020/06/12 | slither | Upgradeable contracts made safer with Crytic | 17 new Slither detectors for upgradeable contracts |
| 2020/03/30 | echidna | An Echidna for all Seasons | Announcement of new features in Echidna |
| 2020/03/03 | manticore | Manticore discovers the ENS bug | Using symbolic analysis to find a vulnerability in the Ethereum Name Service contract |
| 2020/01/31 | manticore | Symbolically Executing WebAssembly in Manticore | Using symbolic analysis on an artificial WASM binary |
| 2019/08/02 | | Crytic: Continuous Assurance for Smart Contracts | New product that integrates static analysis with the GitHub pipeline |
| 2019/07/03 | slither | Avoiding Smart Contract "Gridlock" with Slither | Description of a DoS vulnerability resulting from a strict equality check, and Slither's dangerous-strict-equality detector |
| 2019/05/27 | slither | Slither: The Leading Static Analyzer for Smart Contracts | Slither design and comparison with other static analysis tools |
| 2018/10/19 | slither | Slither – a Solidity static analysis framework | Introduction to Slither's API and printers |
| 2018/09/06 | rattle | Rattle – an Ethereum EVM binary analysis framework | Turns EVM bytecode into infinite-register SSA form |
| 2018/05/03 | echidna | State Machine Testing with Echidna | Example use case of Echidna's Haskell API |
| 2018/03/23 | | Use our suite of Ethereum security tools | Overview of our tools and documents: Not So Smart Contracts, Slither, Echidna, Manticore, EVM Opcode Database, Ethersplay, IDA-EVM, Rattle |
| 2018/03/09 | echidna | Echidna, a smart fuzzer for Ethereum | First release and introduction to Echidna |
| 2017/04/27 | manticore | Manticore: Symbolic execution for humans | First release and introduction to Manticore (not yet adapted for EVM) |


Our work related to contract upgradeability

| Date | Title | Description |
|---|---|---|
| 2020/12/16 | Breaking Aave Upgradeability | Description of a Delegatecall Proxy vulnerability in formally verified Aave contracts |
| 2020/10/30 | Good idea, bad design: How the Diamond standard falls short | Audit of the Diamond standard's implementation |
| 2018/10/29 | How contract migration works | Alternative to an upgradeability mechanism: moving data to a new contract |
| 2018/09/05 | Contract upgrade anti-patterns | Discussion of risks and recommendations for the Data Separation and Delegatecall Proxy patterns. Disclosure of a vulnerability in the Zeppelin Proxy contract |


Our work in the zero-knowledge proofs space

| Date | Title | Description |
|---|---|---|
| 2022/04/18 | The Frozen Heart vulnerability in PlonK | |
| 2022/04/15 | The Frozen Heart vulnerability in Bulletproofs | |
| 2022/04/14 | The Frozen Heart vulnerability in Girault’s proof of knowledge | |
| 2022/04/13 | Coordinated disclosure of vulnerabilities affecting Girault, Bulletproofs, and PlonK | Introducing the new "Frozen Heart" class of vulnerabilities |
| 2021/12/21 | Disclosing Shamir’s Secret Sharing vulnerabilities and announcing ZKDocs | |
| 2021/02/19 | Serving up zero-knowledge proofs | The Fiat-Shamir transformation explained |
| 2020/12/14 | Reverie: An optimized zero-knowledge proof system | Rust implementation of the MPC-in-the-head proof system |
| 2020/05/21 | Reinventing Vulnerability Disclosure using Zero-knowledge Proofs | Announcement of DARPA-sponsored work on ZK proofs of exploitability |
| 2019/10/04 | Multi-Party Computation on Machine Learning | Implementation of a 3-party computation protocol for perceptron and support vector machine (SVM) algorithms |