Blog

Discover how real-world DeFi exploits unfolded across Ethereum, Polygon, BNB Chain, and more with our new Learn EVM Attacks web app. Explore detailed attack reproductions, on-chain analysis, runnable Solidity PoCs, and categorized insights on vulnerabilities like reentrancy, oracle manipulation, and governance exploits—all designed to help auditors, builders, and researchers strengthen smart contract security.

Attackers are registering expired dApp domains, linked from DeFi aggregators and old socials, to trick users into connecting wallets and draining their funds.

The second edition of Coinspect’s Crypto Wallet Security Ranking is live featuring 74 wallet apps across iOS, Android, and browser extensions.

Discover how critical vulnerabilities in browser-based crypto wallets allowed attackers to drain funds without user interaction.

Liquity engaged Coinspect to audit Liquity v2 Governance smart contracts, enhancing decentralized governance with modular initiatives and security measures.

Liquity V2 Smart Contract Audit

We're excited to release the first results of the Crypto Wallet Security Ranking, our uniquely comprehensive ranking framework for crypto wallet security.

Discover how Coinspect developed the Crypto Wallet Security Ranking to elevate web3 security with scalable, objective wallet evaluations.

Smart contracts are often seen as immutable but the hidden 'God Mode' used by developers can undermine the decentralization promises of blockchain.

Crypto wallet security improvements can block common scams that cost users millions. Discover how secure web3 wallets can protect you from phishing attacks.

Bitcoin Core developers fixed and revealed a high-risk DoS vulnerability allowing attackers to crash 17% of mainnet nodes at a cost of just 0.14 BTC.

Upgradeable smart contracts offer flexibility but introduce security risk. Learn common pitfalls in proxy patterns, storage management, and initialization.

The EUCLEAK attack allows attackers to steal private keys with just minutes of physical access and bypassing crucial secure hardware attestation protocols.

This article explores the mechanics of merged-mining, its security benefits, and the critical vulnerabilities identified by Coinspect in real-world implementations. With a focus on the Bitcoin L2 movement, we offer actionable insights for blockchain designers, developers, and researchers working to build secure, interconnected networks.

Discover how Coinspect collaboration with Babylon have fortified the platform, ensuring a safe and successful launch of their Bitcoin-native staking protocol. Read about our contributions and the future of secure innovation in the Bitcoin L2 ecosystem.

Coinspect conducted comprehensive security reviews of projects built on Soroban, Stellar's new smart contracts platform. Key findings from our audit of the Tricorn Bridge include the identification and resolution of critical vulnerabilities, contributing valuable insights to the Soroban security community.

Web3 wallet security research: Identifying vulnerabilities and proposing standardized crypto wallet security score.

Tari blockchain and wallet audit: Comprehensive review revealing multiple security issues

EIP-712 text injection vulnerability affecting multiple crypto wallets: Analysis and implications

Analysis of OpenZeppelin's Governor smart contract vulnerability discoverd by Coinspect Security

Analyzing Arbitrum's governance vulnerability and mitigation strategies

Phantom wallet vulnerability: Exploiting transaction simulation in Solana

Coinspect's wallet security research project uncovered an EIP-712 implementation issue affecting over 40 web3 wallets. This widespread vulnerability could allow malicious actors to trick users into signing unintended transactions. The blog post details the research methodology, provides a comprehensive list of affected vendors with their response metrics, and offers insights into the varying approaches to bug report handling.

Exactly Protocol smart contract audits: Findings from our year-long smart contract security review.

Analyzing Algorand's transaction validation and potential account control vulnerabilities

Horizen's Zendoo sidechain: Source code review and security analysis

Tempus DeFi protocol: Security review of smart contract implementation

Security review of Incognito-Ethereum bridge smart contracts: Key findings

Security review of Aragon systems: Key findings from our smart contract audit

Liquity DeFi system: Findings from our smart contract security audit

Vesper Pool's smart contracts under review: Our real-time security audit during development phase.

Grin's MimbleWimble implementation: Critical vulnerability found and fixed. Our security audit reveals all.

Zcash Overwinter upgrade: Security audit focusing on consensus and incentives

Lesfex Cryptocurrency Exchange: Results of our week-long penetration test

Zcash launch imminent: Our security audit of this groundbreaking Zerocash protocol implementation.

Explore best practices for building robust and reliable blockchain databases using the Bitcoin node API, an essential tool for those who Bitcoin L2. Learn how to avoid common pitfalls, handle blockchain reorganizations, and implement secure cloning methods.

Copay wallet vulnerability: Implications of our test transactions on Bitcoin security

Security analysis of Copay's multi-signature Bitcoin wallet implementation