Sec3 (formerly Soteria)
Blockchain security software and audits. Builder of the Automatic Auditor for Solana programs. Make securing Solana projects as easy as possible.
Feb 9, 2023 7 tweets 3 min read
1/ Let's look at what was discussed during the Solana Changelog - January 31, 2023 video!

2/ A new proposal has been put up to have a fee market for storage on the cluster, where the cost of storage would change based on demand. This would change the cost of things like NFTs, token accounts, and programs.
Feb 8, 2023 6 tweets 2 min read
1/ How does @sec3dev's WatchTower `SmartThreatMonitor` learn which transactions are normal and which ones aren't to provide on-demand, real-time alerts of abnormalities?

2/ First, it loads all historical transactions of a particular smart contract and analyzes them using a machine learning algorithm to construct an initial set of invariants (pattern of behaviour)
Feb 7, 2023 4 tweets 1 min read
1/ This is a great Validator Security workshop by @TimGarcia0 !

2/ Key takeaways for best practices for hardening Ubuntu servers:
• Use SSH keys for login, avoid password login
• Disable password and challenge response authentication
• Consider setting up two-factor authentication
Feb 1, 2023 4 tweets 1 min read
1/ What are some more common vulnerabilities that an attacker can exploit in Solana? 🧵

2/
- Arithmetic overflows/underflows: If an arithmetic operation results in a higher or lower value, the value will wrap around with two’s complement
- Numerical precision errors: floating point can cause precision errors and those errors can accumulate
Jan 31, 2023 6 tweets 1 min read
1/ What are 5 common vulnerabilities attackers can exploit in Solana? 🧵 Let’s dive in:

2/ Missing signer checks: if an instruction should only be available to a restricted set of entities, but the program does not verify that the call has been signed by the appropriate entity (e.g., by checking `AccountInfo::is_signer`).
Jan 31, 2023 12 tweets 4 min read
1/ We’re extremely excited to announce that @sec3dev has raised a $10M seed round led by @multicoincap, joined by @SanctorCapital and @EssenceVenture - this is in addition to our angel investor @aeyakovenko and @santiagoroel!

2/ Our vision from the beginning has always been to provide a suite of end-to-end solutions to help secure DApps and user experience for as many people as possible.
Jan 30, 2023 4 tweets 2 min read
1/ In #DEFI, borrow/lending is one of the most exciting innovations. Our WatchTower system offers LiquidationMonitor that tracks real time Loan-to-Value-Ratio (LTV) for positions in platforms such as @solendprotocol @HedgeLabs and @HubbleProtocol

2/ It does this by looking directly at on-chain states of each borrowed position and comparing it with their corresponding obligation account, at the oracle refresh level
May 24, 2022 6 tweets 2 min read
1/ We are excited to make Sec3 (formerly Soteria) Pro Auto Auditor software publicly available to #Solana builders:

pro.sec3.dev

2/ @Sec3dev team has been iterating and developing the engine behind this software in the last few months. It is the most powerful engine we have built to date, and its capability keeps expanding.