Introduction Last month, we at Unvariant audited Diamond PAU, Sky’s new architecture for allocator actions. The upgrade stood out to us not just as a Sky-specific improvement, but as a set of design patterns more DeFi teams should study closely. The reason is simple: in liquidity management protocols, failures…
Since the first alert on the Balancer hack that occurred on Nov 3rd, our team was waiting for a post mortem or a deep-dive article explaining the issues in the BalancerV2 code base and the actual, low-level root cause of the exploit. While lots of researchers had already published their…
We trained a CodeBERT model on a small dataset of manually selected reentrancy vulnerability examples, outperformed every static analysis tool at the time and found a couple real-world cases where DeFi projects and DAO admins could withdraw all tokens from the contract. Reentrancy vulnerabilities: a short recap For a broad…