SlowMist is a Blockchain security firm established in 2018, providing services such as security audits, security consultants, red teaming, and more.

Stories By SlowMist

How Effective Is GPT for Auditing Smart Contracts?

Despite the current limitations of GPT’s analysis and mining capabilities for contract vulnerabilities, its ability to analyze and generate reports on simple code blocks for common vulnerabilities still sparks excitement among users.

SlowMist: An Analysis of the Attack on Euler Finance

On March 13th, 2023, the lending project, Euler Finance, on the Ethereum blockchain was attacked, and the attacker profited approximately 200 million US dollars. The SlowMist Security Team intervened and analyzed the situation promptly, and shared the results as follows.

ZKP Series: Principles and Implementation of Extensibility Attacks on Groth16 Proofs

Groth16 is vulnerable to extensibility attacks, as new proofs can be forged through simple calculations. In practice, it is important to take measures to prevent double-spending attacks.

ZKP Series: Pseudonym Input Vulnerability in Circom’s Verification Contract Has Been Replicated

Input pseudonym vulnerability is a frequently encountered vulnerability in zero-knowledge proof and cryptography implementation. Its fundamental cause lies in the value being equivalent to the remainder within the finite field.

ZKP Series: A Catalog of Technical Features in Popular ZKP Implementation Schemes

Zero-knowledge proofs offer an effective solution to privacy, scalability, and data compression issues in blockchain. There are various implementation schemes with different performance and security benchmarks.

SlowMist: How to Choose an Anti-Phishing Plugin

Currently, numerous anti-phishing browser plug-ins are available on the market. In the following section, we will scrutinize and contrast these plug-ins, with the hope of offering some security guidance to NFT users.

SlowMist: 2022 Blockchain Security and AML Analysis Annual Report

This report takes a close look at the major events in the blockchain industry that took place in 2022. It provides an overview of the security status of each area within the industry and delves into common attack techniques.

SlowMist: Analysis of Monkey Drainer NFT Phishing Group

On February 8th, 2023, the SlowMist security team received a report from our partner ScamSniffer regarding multiple security breaches due to phishing attacks.