Null Return
@nullreturn_io
Smart-contract audits & formal verification • Infra consulting • Client‑focused service by experienced team • Flexible & open • DMs -open
🛡️ Web3 Security Monthly Digest (Oct 2025): 6 hacks → ~$25M lost • Garden $10.8M key breach • Typus Perp $3.4M logic flaw • Astera.fi $573K oracle exploit • Sharwa, Abracadabra, 402Bridge Root causes: keys, oracles, invariants. Read 👉…
All the children of God are beautiful, but they're especially beautiful when they need 500 audits 🥰
Like most of you guys, I didn’t get into crypto to get rich I got into crypto because I believed in the vision of 500 different stablecoins issued by 500 different centralized institutions on 500 different blockchains
Takeaway week: Security isn’t a checklist — it’s a continuous process. Threat modeling, monitoring, formal verification, and human-factor defense are the real alpha. Stay safe, stay verified. #NullReturn #DeFiSecurity
🧠 2025 Web3 security trends: – AI used in attacks and defense – “Audited” ≠ “Secure” – Continuous monitoring replaces one-time audits – Formal verification & ZK proofs go mainstream #Web3Trends #NullReturn
💥 $24M drained from a multi-chain custodian. Funds moved across 5 blockchains and through mixers within minutes. 👉 Lesson: key management, transfer limits, and live monitoring matter more than any single-chain patch. #KeySecurity #Crypto
💥 Exploit: outdated function cook() let attacker mint extra stablecoins. Root cause — deprecated code and poor specification. 👉 Lesson: composite functions = composite risks. Formal specs catch what audits sometimes miss. #FormalVerification #Security
💥 Flash-loan attack on a cross-chain DEX. The logic between chains was manipulated using temporary liquidity. 👉 Lesson: multi-chain ≠ secure-by-default. Formally verify cross-chain flows and test every edge-case. #CrossChain #DeFi
💥 Case: $1.5B stolen via compromised multi-sig UI. Attackers injected malicious JS so the multisig signers approved fake txs. 👉 Lesson: security doesn’t end at the contract. Your front-end and signing flow are part of the attack surface. #OpSec #SmartContracts
Web3 Security Week begins. Each day — one real exploit and one takeaway for builders. Because every hack is a free lesson (if you’re not the one hacked). #Web3Security #NullReturn
Regulation like the GENIUS Act isn’t slowing innovation — it’s pushing projects to get stronger. Formal verification helps teams launch stablecoins that are secure, compliant, and audit-ready. #NullReturn #DeFiSecurity #Formalverification
🚨 September 2025 Hack Report: Over $100M Lost, Private Key Compromises Surge The numbers are in, and September was a stark reminder of the critical challenges facing Web3. QuillMonitor is here to break down the data, providing you with the crucial insights needed to navigate…
Stablecoin issuers now face higher standards under the GENIUS Act. Formal verification helps prove security, reliability, and compliance — with math, not marketing. Trust isn’t declared. It’s verified.
Check out our new article! We explain how formal verification can help minimize the risk of flash loan attacks in DeFi. linkedin.com/pulse/how-form… #FormalVerification #FlashLoan #DeFi #Web3Security #SmartContractSecurity #CryptoSecurity #Blockchain #Auditing #ProtocolSafety…
Another $2M gone. Same story: flash loan exploit, weak transfer logic, liquidity pools drained. DeFi doesn’t need more audits. It needs formal verification.
🛡️ Web3 Security Weekly (Sep 15–21): • Shibarium bridge $2.4M → memecoins slide • Microsoft seizes 340 phishing sites • Whale loses $6M via permit phishing • NewGoldProtocol $2M flash-loan exploit Full digest 👉t.ly/KtevM #Web3Security #Crypto #DeFi
The SMTChecker is an underappreciated feature of Solidity. It's a built-in compiler module that you can use to produce a formal verification report for your contracts. And yes - it can be configured with Foundry! Here's a sample config:
In Null Return audits we don’t just drop a PDF and disappear. We work with your team until fixes are implemented and verified. Because real security is a process, not a report.
formal verification 🤌🤌🤌
Another hack this week. First question: “Who audited?” Truth: responsibility lies with the team, not auditors. Tier-1 projects hand over code so polished even medium bugs hide. 💡 Tip: 2+ audits + formal verification. High TVL = high responsibility.
United States Trends
- 1. Veterans Day 236K posts
- 2. Veterans Day 236K posts
- 3. Luka 73.8K posts
- 4. Nico 119K posts
- 5. Mavs 27.3K posts
- 6. Gambit 23.8K posts
- 7. Kyrie 6,354 posts
- 8. #csm220 4,963 posts
- 9. Dumont 22.2K posts
- 10. Wike 58.2K posts
- 11. Vets 21.2K posts
- 12. #MFFL 2,149 posts
- 13. Mantis 3,633 posts
- 14. Arlington National Cemetery 11K posts
- 15. Anthony Davis 5,901 posts
- 16. Shams 4,822 posts
- 17. Venom 17.1K posts
- 18. Wanda 21.2K posts
- 19. Mavericks 31.3K posts
- 20. Armistice Day 18.8K posts
Something went wrong.
Something went wrong.