The Bitfinex attack, and similar heists from Bitcoin exchanges, are preventable with a small extension to Bitcoin.
Our thoughts on using differential dataflow to implement database functionality such as lookups and transactions.
The Ethereum hard fork is in a few days. Having looked at the proposed hard fork code, I discuss what I believe is the weakest part of the HF code.
Following a hard fork, there will be two chains. In cross-chain replay attacks, one can attack a smart contract by moving transactions from one chain to the other. This post describes a potential attack.
Reentrancy bugs are difficult to catch. This distilled, illustrative example shows how even a diligently written contract with invariant checks can go wrong.
We describe a general Decentralized Escape Hatch mechanism, suitable for DAOs and other smart contracts.
Our discovery of a DoS vulnerability in Ethereum turns out to be a point of strength and censorship resistance for the currency.
We identify a DoS vulnerability with Ethereum's proposed soft-fork for The DAO, and urge the community to be prepared for attacks, and to speed up the timetable for resolving the hard fork decision.
IC3's resident lawyer-techie discusses why smart contracts need escape hatches and how to implement them.
This post describes how the hacker who took $50+M from The DAO did it.