Blog

SC04:2025 - Lack of Input Validation

Description: Input validation ensures that a smart contract processes only valid and expected data. When contracts fail to validate incoming inputs, they inadvertently expose themselves to security risks such as...

SC03:2025 - Logic Errors

Description: Logic errors, also known as business logic vulnerabilities, are subtle flaws in smart contracts. They occur when the contract’s code does not match its intended behaviour. These errors can...

SC02:2025 - Price Oracle Manipulation

Description: Price Oracle Manipulation is a critical vulnerability in smart contracts that rely on external data feeds (oracles) to fetch prices or other information. In decentralized finance (DeFi), oracles are...

SC01:2025 - Access Control Vulnerabilities

Description: An access control vulnerability is a security flaw that allows unauthorised users to access or modify the contract’s data or functions. These vulnerabilities arise when the contract’s code fails...

The OWASP Smart Contract Top 10 (2025)

About the Smart Contract Top 10 The OWASP Smart Contract Top 10 (2025) is a standard awareness document providing Web3 developers and security teams with insights into the top 10...

The 12 Days of Cyber Security - The Uncomfortab...

The Uncomfortable Truth. Organisations and people are very prominent targets for cyber attackers. Almost every piece of technology you use has vulnerabilities that leave it open to compromise. Very capable...