Trail of Bits

Private key compromise accounted for 43.8% of crypto hacks in 2024, yet traditional smart contract audits rarely address architectural access control weaknesses. This post introduces a four-level maturity framework for designing protocols that can tolerate key compromise, progressing from single EOA control to radical immutability, with practical examples demonstrating multisigs, timelocks, and the principle of least privilege.

File parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities. This post examines how JSON, XML, and YAML parsers in Go handle edge cases in ways that have repeatedly resulted in high-impact security issues in production systems. We explore three real-world attack scenarios: marshaling/unmarshaling unexpected data, exploiting parser differentials, and leveraging data format confusion. Through examples, we demonstrate how attackers can bypass authentication, circumvent authorization controls, and exfiltrate sensitive data by exploiting these parser behaviors.

In October 2023, we audited Silence Laboratories’ DKLs23 threshold signature scheme (TSS) library—one of the first production implementations of this then-novel protocol that uses oblivious transfer (OT) instead of traditional Paillier cryptography. Our review uncovered serious flaws that could enable key destruction attacks, which Silence Laboratories promptly fixed.

Over two audits in 2023, we reviewed a blockchain system developed by Axiom that allows computing over the entire history of Ethereum, all verified by zero-knowledge proofs (ZKPs) on-chain using ZK-verified elliptic curve and SNARK recursion operations. This system is built using the Halo2 framework—a complex, emerging technology that presents many challenges when building a secure application, including potential under-constrained issues resulting from its low-level API.

Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic Rekt Test for evaluating the security maturity of stablecoin issuers.

This post will examine the cryptography behind passkeys, the guarantees they do or do not give, and interesting cryptographic things you can do with them, such as generating cryptographic keys and storing certificates.

Datasig generates compact, unique fingerprints for AI/ML datasets that let you compare training data with high accuracy—without needing access to the raw data itself. This critical capability helps AIBOM (AI bill of materials) tools detect data-borne vulnerabilities that traditional security tools completely miss.

See how we slashed PyPI’s test suite runtime from 163 to 30 seconds. The techniques we share can help you dramatically improve your own project’s testing performance without sacrificing coverage.

This post describes how many examples of MCP software store long-term API keys for third-party services in plaintext on the local filesystem, often with insecure, world-readable permissions.

This post describes attacks using ANSI terminal code escape sequences to hide malicious instructions to the LLM, leveraging the line jumping vulnerability we discovered in MCP.