Hackenproof

Securing ECDH in Secp256k1: Mitigating Small Subgroup Attacks with Proper Public Key Validation
  • Insights
  • cybersecurity

**Understanding Elliptic Curve Cryptography (ECC)**

Elliptic Curve Cryptography, commonly known as ECC, is a method for encrypting data to secure digital communications. It’s a form of “asymmetric cryptography,” which means it uses two different keys: a public key that anyone can see and a private key that must be kept secret.

**What Makes ECC Special?**

7 Nov 2024

Radiant’s Automated Incident Response Was Not Ready for Access Control Attack
  • Insights
  • cybersecurity

Was it possible to prevent an $18M loss on BNB Chain?

**PART 1 – Root Cause and Arbitrum Attack**

On October 16, 2024, Radiant Capital suffered a security breach resulting in a more than $50 million USD loss ($48M in the attack itself and $5-6M via infinite approvals). The attackers infiltrated the devices of at

1 Nov 2024

Blackbox and Graybox Penetration Testing for EBSI (APIs and Web Apps)
  • Case Studies
  • cybersecurity

Hacken’s partnership with Europe’s first public-sector blockchain infrastructure, EBSI, is evolving. After successfully conducting a comprehensive smart contract audit last year, Hacken has now performed a proactive penetration test on EBSI’s APIs and web applications. Our latest security assessment employed both black box and gray box testing methodologies, ensuring the platform’s security and integrity across

31 Oct 2024

Test Your Solidity and EVM Skills: Solve CTF Challenge (Full Walkthrough)
  • Insights
  • cybersecurity

The AnniversaryChallenge CTF was created with a dual purpose: to celebrate Hacken’s 7th anniversary and test the Solidity and EVM skills of potential newcomers. With this in mind, a multi-step exploit was implemented to solve the challenge. Thus, candidates were expected to: The CTF’s objective was to collect the TrophyNFT ERC721 token with Id 1

25 Oct 2024

Key Discovery in ECDSA: Understanding Implementation and Security Risk
  • Insights
  • cybersecurity

Uncover a critical risk in ECDSA: improper nonce management can lead to private key recovery attacks. Explore how this impacts blockchain systems and how to securely implement the Elliptic Curve Digital Signature Algorithm.

10 Oct 2024

Protocol and Tokenomics Audit of PhronAI’s AI-Powered Layer 0 / Layer 1 Blockchain
  • Case Studies
  • cybersecurity

Explore our in-depth case study on PhronAI, an AI-powered Layer-0 blockchain leading the way in decentralized AI integration.

Learn how Hacken’s audit helped ensure the security and efficiency of their protocol and tokenomics model.

3 Oct 2024

Ethical Hacking In Action: How To Steal $1.1M From A DeFi Smart Contract
  • Case Studies
  • cybersecurity

A case study of ethical hacking detailing how Hacken’s L1 Researcher and Auditor, Bartosz Barwikowski, uncovered a deeply hidden bug in Weft Finance’s smart contract, exploited it to extract $1.1 million in assets (on a mainnet ledger copy) and ultimately helped secure the platform, leading him to confidently stake his own assets there.

6 Sep 2024

Securing Merkle Tree in OpenZeppelin’s MerkleProof.sol Library
  • Insights
  • cybersecurity

**Role of a Merkle Tree**

A Merkle Tree is a data structure used in blockchain to ensure data integrity and efficient verification. Read how Hacken auditors joined the effort to secure OpenZeppelin’s MerkleProof.sol library.

3 Jul 2024

Best Practices For Secure MetaMask Snaps Development
  • Discover
  • cybersecurity

In this guide, Hacken auditors will share best practices for secure MetaMask Snaps development to safeguard users’ assets and privacy.

5 Apr 2024
