Despite the current limitations of GPT’s analysis and mining capabilities for contract vulnerabilities, its ability to analyze and generate reports on simple code blocks for common vulnerabilities still sparks excitement among users.

On March 13th, 2023, the lending project, Euler Finance, on the Ethereum blockchain was attacked, and the attacker profited approximately 200 million US dollars. The SlowMist Security Team intervened and analyzed the situation promptly, and shared the results as follows.

Groth16 is vulnerable to extensibility attacks, as new proofs can be forged through simple calculations. In practice, it is important to take measures to prevent double-spending attacks.

Input pseudonym vulnerability is a frequently encountered vulnerability in zero-knowledge proof and cryptography implementation. Its fundamental cause lies in the value being equivalent to the remainder within the finite field.

Zero-knowledge proofs offer an effective solution to privacy, scalability, and data compression issues in blockchain. There are various implementation schemes with different performance and security benchmarks.

Currently, numerous anti-phishing browser plug-ins are available on the market. In the following section, we will scrutinize and contrast these plug-ins, with the hope of offering some security guidance to NFT users.

This report takes a close look at the major events in the blockchain industry that took place in 2022. It provides an overview of the security status of each area within the industry and delves into common attack techniques.

On February 8th, 2023, the SlowMist security team received a report from our partner ScamSniffer regarding multiple security breaches due to phishing attacks.