Blockchain

All our latest Blogpost and News about Blockchain security!

Blogpost | Blockchain | Reversing | Solana

Introducing Solazy – A Solana Static Analyser & Reverse Engineering tool
ByFuzzingLabs 07/29/202508/08/2025

Solana Static analyzer Introducing sol-azy: A CLI Toolkit for Solana Program Static Analysis & Reverse Engineering This post dives into sol-azy, our new all-in-one toolkit for security research. Helping in reversing, analyzing, and poking at Solana programs statically, surgically, and on your terms. You can clone it from our GitHub https://github.com/FuzzingLabs/sol-azy What Problem Does sol-azy…

Read More Introducing Solazy – A Solana Static Analyser & Reverse Engineering tool
Blogpost | Blockchain | Ethereum & EVM | Research | Talk

EVM Security – Insights from Zer0Con 2025
ByFuzzingLabs 05/09/202506/04/2025

EVM Security Insights from Zer0Con 2025 At Zer0Con 2025, the FuzzingLabs team, Mathieu Hoste and Bryton Bernard, delivered an engaging and insightful presentation on one of the most critical aspects of Ethereum’s security: the vulnerabilities within the Ethereum Virtual Machine (EVM). In our session, titled “Ethereum’s Achilles’ Heel: Attacking and Fuzzing EVMs for Fun (and…

Read More EVM Security – Insights from Zer0Con 2025
Blogpost | Blockchain | Bug bounty | Fuzzing | Networking | Offensive

Attacking & Fuzzing Polkadot Node – Triggering Denial-of-Service via Gossamer RPC Flaws
ByFuzzingLabs 03/13/202503/13/2025

Attacking & Fuzzing of Polkadot Node Triggering Denial-of-Service via Gossamer RPC Flaws Gossamer is a Go-based implementation of a Polkadot node, developed by ChainSafe Systems. It allows interaction with the Polkadot network, enabling users to participate as full nodes, validators, or other roles. In this post, we will show you what we did to find…

Read More Attacking & Fuzzing Polkadot Node – Triggering Denial-of-Service via Gossamer RPC Flaws
Blogpost | Blockchain | Fuzzing | Starknet | ZK

How Fuzzing Could Have Prevented the zkLend Hack
ByFuzzingLabs 02/17/202506/08/2025

rediscovery of the starknet zklend hack How Fuzzing Could Have Prevented the zkLend Hack The recent zkLend hack has stirred up significant discussion in the community, and today we’d like to share some insights from our deep dive into the vulnerability using fuzzing techniques at FuzzingLabs. Our investigation reveals that a simple fuzzing test could…

Read More How Fuzzing Could Have Prevented the zkLend Hack
Blogpost | Audit & Security Assessment | Blockchain | Ethereum & EVM | Fuzzing | Go

Story Security Assessment Completed
ByFuzzingLabs 01/28/202506/08/2025

Story / Security Assessment Completed Strengthening Blockchain-Based IP Management At FuzzingLabs we recently completed a comprehensive security assessment of Story, a decentralized network that aims to revolutionize intellectual property (IP) management. This audit was undertaken to ensure the security and resilience of its blockchain-based infrastructure, smart contracts, and consensus mechanisms. Below, we provide an overview…

Read More Story Security Assessment Completed
Blogpost | Blockchain | Rust | Solana

DOS in DeFi Liquidity Pools: The Initialization Vulnerability
ByFuzzingLabs 01/28/202506/08/2025

Denial Of Service in DeFi Liquidity Pools The Initialization Vulnerability Decentralized Exchanges (DEXs) have become a cornerstone of the DeFi ecosystem, processing billions in daily trading volume. However, during our recent security research at FuzzingLabs we uncovered a subtle yet significant vulnerability pattern that affects multiple DEX implementations. This vulnerability allows malicious actors to effectively…

Read More DOS in DeFi Liquidity Pools: The Initialization Vulnerability
Blogpost | Blockchain | Cryptography | Fuzzing | Rust | ZK

Sponge Trouble: When Poseidon Gets Absorbed in Its Own Bugs
ByFuzzingLabs 12/12/202406/08/2025

Poseidon Sponge Bugs in ArkWorks Avoiding Cryptographic Failures in Hashing We found two subtle yet impactful bugs in the ArkWorks library’s implementation of the Poseidon Sponge. This discovery highlights the complexity and precision required in cryptographic implementations. In this article, we’ll first explain what Poseidon Sponge is, how it works, and then delve into the…

Read More Sponge Trouble: When Poseidon Gets Absorbed in Its Own Bugs
Blogpost | Blockchain | Ethereum & EVM | Fuzzing | Rust

Uncovering a Subtle Bug in EVM Arithmetic: The Case of Negating Zero
ByFuzzingLabs 12/03/202406/08/2025

Uncovering a Subtle Bug in Ethereum Virtual Machine (EVM) The Case of Arithmetic Negating Zero Our team at FuzzingLabs has been auditing the Ethereum Virtual Machine (EVM) implementation by LambdaClass. Throughout the audit, we’ve identified several vulnerabilities, but in this post, we’ll focus on one particularly interesting issue involving the SDIV operation and its handling…

Read More Uncovering a Subtle Bug in EVM Arithmetic: The Case of Negating Zero
Blogpost | Blockchain | Starknet

Top Vulnerabilities in Cairo Smart Contracts: Detection and Remediation
ByFuzzingLabs 11/26/202406/08/2025

Top 4 Vulnerabilities in Cairo/Starknet Smart Contracts Detection and Remediation What is Cairo ? In 2021, StarkWare introduced Cairo, a programming language designed for creating provable programs using zero-knowledge proofs. It serves as the smart contract language for Starknet, a layer-2 blockchain built on top of Ethereum. This article explores some of the most common…

Read More Top Vulnerabilities in Cairo Smart Contracts: Detection and Remediation
Blogpost | Audit & Security Assessment | Blockchain | Bug bounty | Rust | Solana

Revival Attacks on Solana Programs Explained
ByFuzzingLabs 11/19/202406/08/2025

Solana Vulnerability Explained Revival attacks on Solana programs As the blockchain world expands, Solana has stepped into the spotlight as a compelling alternative to Ethereum. But behind its lightning-fast transactions and low fees lies a hidden world of unique security challenges. One such vulnerability that we frequently encounter during our security audits on the Solana…

Read More Revival Attacks on Solana Programs Explained

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Follow us

We value your privacy

Table of Content