Since 2014 protecting critical decentralized systems: L1 nodes, smart contracts audits, wallets, web3 dApps, exchanges, bridges.
Last 6 months · Weekly commits
🚀 Try the Learn EVM Explorer we just launched!!!
Coinspect Publications: audit reports and research.
Coinspect created a standard security checklist to provide transparent, objective insights into the most sec…
Data repository for the Wallet Security Ranking project.
Verifiable Frontends for dApps
$2M from a single affected address moved hours after this post. Hopefully it was not theft, and our efforts helped. We will need the crypto community's help to alert users still at risk. Contacting through wallet vendors is not possible: some companies no longer exist.
We generated hundreds of billions of wallet seeds from insecure code in use since 2018. From that search space, thousands of seeds were actually used. Last month alone, we found $3.14M stolen from…
We generated hundreds of billions of wallet seeds from insecure code in use since 2018. From that search space, thousands of seeds were actually used. Last month alone, we found $3.14M stolen from these wallets. Most was not reported. We shared findings with security…
Millions have been stolen from weak crypto wallet recovery phrases without public attribution. Big sweeps into single addresses and laundering patterns get detected and reported. Slow, stealthy…
Millions have been stolen from weak crypto wallet recovery phrases without public attribution. Big sweeps into single addresses and laundering patterns get detected and reported. Slow, stealthy drains usually do not. Proving the cause requires victims reports, experts,…
Wallet app patches don't fix weak recovery phrases created years ago. Past attacks covered major chains, English 12-word phrases, and limited derivation paths. AI now makes the long tail searchable by more attackers. Ecosystems need to find and warn at-risk users and help…