We’re thrilled to announce our close collaboration with the @modelguardnet team! Modelguard is a project launching on @virtuals_io to bring insurance to the agentic economy. Over the past months, we’ve brought our technical risk expertise to help build the core agent‑assessment logic behind ModelGuard’s AI underwriting & insurance infrastructure, grounded in transparent, verifiable data. This collaboration represents our shared mission: raising standards in autonomous DeFi and ensuring that protocol‑native agent risk is monitored, auditable, and secure.

We’re thrilled to announce our close collaboration with the @modelguardnet team! Modelguard is a project launching on @virtuals_io to bring insurance to the agentic economy. Over the past months, we’ve brought our technical risk expertise to help build the core agent‑assessment logic behind ModelGuard’s AI underwriting & insurance infrastructure, grounded in transparent, verifiable data. This collaboration represents our shared mission: raising standards in autonomous DeFi and ensuring that protocol‑native agent risk is monitored, auditable, and secure.

If you do big $$ Transaction on chain USE A SEPARATE SIGNING COMPUTER. This is relevant to ByBIT and Radiant Capital and others.

HyperLiquid has no transparency and doesn't care. They are proudly closed source and expect users to trust their anon founders. And with 1.7 billion TVL, it seems users don't care about transparency either. Their DeFiSafety score is 7%. https://t.co/9XwwNsSKfK Transparency is the best reason why DeFi is better than TradFi. But transparency is steadily disappearing. DeFi protocols have no financial incentive for transparency because no one (except for DeFiSafety which is tiny and underfunded) seems to care. LPs don't seem to care. Most users don't seem to care and there are no regulators. We are steadily killing DeFi with our own disdain.

Usual Finance has distinct weak points. No tests and almost no Access Control docs drives the score down to 49%. Code documentation and security is good, though. Key Findings: 50% No tests visible. Limited admin controls and docs 🛠👥 Code Documentation: 92% No complaints here, solid.📄🔍 Testing: 0%. No tests visible. No GitHub. 🚨🧪 Security: 83%. Good audits, but no bug bounty. They have active protocol monitoring though. 🔒✅ Admin Controls 13%. They clearly said they were upgradeable, but nothing else. Dive Deeper: For an in-depth analysis, explore the full Usual report on DeFiSafety. https://t.co/RcdGVILfaL

Solana’s Raydium Finance’s transparency has stayed substandard! Score 50%. Code documentation is limited and no tests are visible. Good audit and bug bounty though. This is the second review of Radium. The one from 2022 was about the same score. Key Findings: 50% No tests visible. Limited admin controls and docs 🛠👥 Code Documentation: 38% Whitepaper and some architecture docs, but no real software documentation.📄🔍 Testing: 0%. No tests visible. 🚨🧪 Security: 82%. They have a four audits (though the findings are concenring). Solid bug bounty. 🔒✅ Admin Controls 0%. They clearly say that devs have total control with no multisig. Dive Deeper: For an in-depth analysis, explore the full Raydium report on DeFiSafety. https://t.co/4w39CoX0D6

I just published another part of our DeFi Guide Pt 2 — Chains https://t.co/DGCh6fLRcF Next I dive into the wallet and transactions.

We just published our next article on the DeFi guide - Exchanges. The next one will be on chains. https://t.co/Y4QaThW688

The second chapter to our Guide to DeFi answers the Why: https://t.co/aALGjo4PN6

We published the Intro to our Guide to DeFi; https://t.co/ktp0p3Ls9Q

Sticking with staking apps, let’s look at Jito, Solana’s staking choice Jito’s Score: 50%. a fail, though not a bad one. 📊 No documentation, weak testing, no admin controls but good audits Key Findings: 83% Code and team is strong. The devs did not respond at all. 🛠👥 Code Documentation: 0% We could not find documentation. The GitHub itself was confusing.📄🔍 Testing: 49%. They did do tests, but only 80% test to code and no test report.. 🚨🧪 Security: 86%. Solid audits, good bug bounty but no documented monitoring. 🔒✅ Admin Controls 0%. No discussion on admin controls despite a government section. Dive Deeper: For an in-depth analysis, explore the full Jito report on DeFiSafety. https://t.co/wLe4J9VVMn

We are going back to weekly reports and will start off with this powerhouse of restaking. Eigan’ Score: 78%. Pretty good, a pass 📊 Key Findings: 90% Code and team is strong. The devs did not respond promptly. This is the only weak spot. 🛠👥 Code Documentation: 87% They could improve on traceability and architecture but overall thorough documentation.📄🔍 Testing: 73%. Good tests, yes with formal validation, but no documented code coverage or test report. 🚨🧪 Security: 86%. Solid audits, big bug bounty but I am not sure which audits are applicable to this code or if they have active monitoring. 🔒✅ Admin Controls 61%. The only individual score that did not pass. Rather dated, weak process. Room for improvement. Dive Deeper: For an in-depth analysis, explore the full Eigan Layer report on DeFiSafety. https://t.co/E5WXCEprbR

Our team is also looking at more effort on "how to" discussions because the public info seems unspecific and old (no L2 info). Are there users who would appreciate that? We would be very specific and current. How to use an exchange, how to transfer funds, how to swap with very specific discussion to avoid phishing, address poisoning etc. Wallet strategies. Useful for simple business users and retail.

DeFi's Biggest Security Problem https://t.co/67O4zGYR2Y

One element that has been missed from the Radiant Capital post mortem (https://t.co/HVAYiVCQZT) are Transaction signing policies. This is simply writing the SOP for the signers down, checking the signers actually use the transaction signing policy. It's advantage is once a security incident like this takes place, you have a document you can improve upon. At the moment nobody is writing these processes down or auditing. This is not a path to improvement. Lost keys have become a much higher risk that an actual software hack. The community needs to take more efforts DeFiSafety can help.

Excellent initiative and I would recommend users of DeFi take note!

We have been off for a bit, developing other products. We are back with an account abstraction software suite, their operating system for smart account! These guys do things right and put in the work. Nexus’ Score: 92%. They were strong all over 📊 Key Findings: 100% Code and team was perfect 🛠👥 Code Documentation: 88% They could improve on traceability but overall thorough documentation.📄🔍 Testing: 85%. Basically everything except formal validation 🚨🧪 Security: 88%. Solid audits. The bug bounty could be bigger but as they are not a protocol, they do not have the liquidity. 🔒✅ Dive Deeper: For an in-depth analysis, explore the full Biconomy Nexus report on DeFiSafety. https://t.co/D0TM1g8aZz

Great that Blast failed. Maybe people will see that rabid toiekenism goes no where and they should build products that actually meet needs. Oh, I am being stupidly naive again.

This is excellent. If you answer No to any of these questions, DeFiSafety can help bring them to Yes. https://t.co/BSVcdrg6V6

Linea Chain Review https://t.co/2Oe6xQiPpy Linea's Score: 45%. This score was low mostly as they are a young centralized L2 with closed source code. 📊 Key Findings: Nodes Linea scores low As most L2's (especially young ones) it is very centralized. 🛠👥 Node and Supporting Software: They are still closed source on development and software. Code Documentation: Comprehensive Architecture documentation and a great white paper. However given they are closed source, no source documentation was to be found.. 📄🔍 Testing: As they are closed source, no testing was visible. I'm sure they are doing it it is just not transparent. 🚨🧪 Security: Multiple audits and a good bug bounty program Gives a solid score here. 🔒✅ Dive Deeper: For an in-depth analysis, explore the full Linea report on DeFiSafety.

📢 Thread Alert: Unpacking Pendle's Process Quality Review! 🛡️https://t.co/T9pnHalexA Pendle's Score: Pendle has been scored at 68%. This score indicates solid practices with significant room for enhancement. 📊Key Findings: Code and Team: Pendle scores high in code accessibility and public team transparency but did not do any changes based on initial reports. 🛠️👥Code Documentation: Comprehensive documentation is available, covering architecture and source code, aiding clarity and understanding. 📄🔍Testing: No evidence of code testing or coverage, posing potential risks. 🚨🧪Security: Multiple audits and a substantial bug bounty program enhance security, though monitoring needs improvement. 🔒✅Admin Controls: High transparency in admin controls and immutability, ensuring trust in governance. 🔧📑 Dive Deeper: For an in-depth analysis, explore the full Pendle report on DeFiSafety:https://t.co/T9pnHalexA@pendle_fi

SynFutures has secured a low score of 15%. This rating clearly signals major areas for improvement and concerns that need immediate attention. 📉 3️⃣ Key Findings: Protocol and Team Transparency: SynFutures offers only basic information about their protocol and team. Such limited disclosure impacts the trust and confidence users can place in the platform. 🕵️‍♂️👥 Audit Issues: Although an audit has been performed, the lack of verifiable connection between the audit scope and the actual contracts in use casts doubts about the effectiveness and relevance of the audit itself. The team sees to have deliberately kept the code private rendering their audit score effectively 0%. 📜❌ Testing and Security: The absence of proven testing methodologies or deployment records on testnets suggests potential vulnerabilities in the protocol. This lack of robust testing protocols is a red flag for users concerned with security. 🚨🧪 Admin Controls: The review points out a complete absence of information regarding administrative controls. This omission makes it difficult to assess who has control over the protocol and under what conditions, increasing the risk of misuse or poor governance. 🔧🔒 https://t.co/wsqjrRLYP0

DefiSafety is offering a new CISO-as-a-service for protocols looking to strengthen their risk planning and mitigation. We have competitive pricing. If you're interested in strengthening your protocol, reach out to us!

https://t.co/jhhcOEOjNF AAVE V2 has been updated for 0.9! Stay tuned, later this week AAVE V3 will be released in 0.9. AAVE V2's Score: Achieving an impressive score of 90%, AAVE V2 demonstrates a strong commitment to security, documentation, and testing practices. 📈 Key Insights: Code and Team: AAVE V2 boasts easily accessible smart contract addresses, a public repository, a transparent team, and prompt developer responses. 💻👥 Documentation: With comprehensive code documentation and a detailed whitepaper, AAVE V2 ensures clarity and accessibility of information, though some areas could use further details. 📚🔍 Testing: Extensive testing and formal verification underscore AAVE V2's commitment to security, despite the lack of a publicly available code coverage report. 🧪✅ Security: High-quality audits and an active bug bounty program highlight AAVE V2's proactive approach to security, despite gaps in protocol monitoring documentation. 🔐🛠 Admin Controls: Clear governance processes for code updates and admin roles reinforce the protocol's transparency and security governance. 🔧⚖️ Oracles: Comprehensive documentation on oracles and flashloan attack mitigation showcases AAVE V2's thorough approach to external data reliability and security. 🌍🔒 https://t.co/jhhcOEOjNF 🙏 We value your feedback on our efforts to enhance DeFi safety standards. Share your thoughts! #DeFiSafety 🌟🚀

📢 Thread Alert: Exploring Orbit's Process Quality Review! 🌌 https://t.co/RIS4UK8q8U 1️⃣ Introduction: DeFiSafety scrutinizes DeFi protocols for security and transparency. Orbit's evaluation dives deep into its commitment towards creating a safer DeFi ecosystem. 🛠🔐 2️⃣ Orbit's Score: Orbit scored 17%. This low score reflects significant areas for improvement across the board. 📉 3️⃣ Key Findings: Code and Team: Easy to find contract addresses, but the team remains anonymous, and developer responsiveness is lacking. 🧑‍💻❓ Code Documentation: Lacks a comprehensive whitepaper and clear software architecture documentation. 📚 Testing: No evidence of deployed code testing or formal verification, raising concerns about the protocol's resilience. 🚨 Security: Minimal auditing and absence of a bug bounty program, indicating potential security vulnerabilities. 🔒⚠️ Admin Controls: Upgradeability and admin roles are undocumented, making protocol governance unclear. 🔧❌ Oracles: While oracles are used, documentation on their operation and security is insufficient. 🌐✖️ 4️⃣🔗 Dive Deeper: For detailed insights, visit the full Orbit report on DeFiSafety. https://t.co/RIS4UK8q8U 🙏 We value your feedback in our mission to enhance DeFi safety standards. Let's improve transparency and security together! #DeFiSafety 🌟🔍

🎉 Thrilled to announce that @Ensuroproject has been awarded a quality certificate by DeFiSafety! 🛡🏆 Their commitment to transparency and robust documentation has truly set a benchmark in the DeFi space. We were impressed by their efforts in improving their security and transparency. https://t.co/5VjfBBwgNVEnsuro's remarkable score of 93% reflects their excellence in various critical areas:🔍 Code and Team: Ensuro shines with easy-to-find smart contract addresses, a public software repository, and a non-anonymous, responsive team.📄 Code Documentation: Their comprehensive documentation, including a detailed whitepaper, covers the architecture and deployed contracts' source code, although tracing to the protocol's source code could see improvement.🧪 Testing: Ensuro boasts an impressive test coverage of 98%, showcasing their commitment to security and reliability, despite the absence of formal verification.🔐 Security: Highlighted by thorough audits and practical bug bounty programs, Ensuro demonstrates a proactive stance on security, even though the bug bounty's value could be higher relative to their total value locked.⚙️ Admin Controls: The protocol's thoughtful approach to upgradeability and admin controls emphasizes transparency and security, with detailed documentation on governance and operational policies.🔗 Dive into the full report to uncover the detailed analysis behind Ensuro's success: https://t.co/5VjfBBwgNVYour feedback drives us forward. Let's continue enhancing the DeFi landscape together! #DeFiSafety #Ensuro 🌟🚀 #Safety #Crypto #Eth

📢 Thread Alert: Dive into Teahouse Finance's Process Quality Review! 🛡️https://t.co/G3ZfmGdsSs2️⃣ Teahouse Finance's Score: The platform scored 36%. This result indicates a balance between commendable efforts and significant opportunities for growth. 📉3️⃣ Highlights:Code and Team: The smart contract addresses are notably accessible, and the team's identity is public, setting a strong transparency precedent. However, the lack of a public software repository poses questions. 🛠️👥Code Documentation and Testing: Documentation and testing are crucial for understanding and trust in a protocol. Unfortunately, Teahouse Finance has not provided substantial information in these areas, which is a critical point of concern. 📄🚨Security: Their efforts in auditing are appreciable, with a substantial audit conducted. Yet, the absence of a bug bounty program and inadequate documentation on protocol monitoring underscore the need for heightened security measures. 🔒⚠️Admin Controls: A lack of clarity and documentation regarding admin controls and upgradeability features points to potential governance risks and emphasizes the need for more transparency. 🔧📑4️⃣🔗 For a thorough analysis, visit the full Teahouse Finance report on DeFiSafety.https://t.co/G3ZfmGdsSs🙏 We value your feedback in our ongoing quest to enhance DeFi safety standards. #DeFiSafety 🌟📈

We had a very successful time at ETHDenver last week! Stay tuned for more reviews upcoming 👀

Rex from DefiSafety is at ETHdenver! Dm us if you want to meet 👀

Rex from DeFiSafety will be at @EthereumDenver Wednesday to Saturday. Reach out!

📢 Thread Alert: Diving into Marginly's Process Quality Review! 🛡️ https://t.co/IuLa8JZ9lf 1️⃣ Introduction: DeFiSafety conducts thorough reviews on DeFi protocols, assessing their transparency and security practices. Marginly's latest evaluation showcases their efforts in fostering a safer DeFi ecosystem. 🌐🔍 2️⃣ Marginly's Score: Marginly achieves a score of 64%. This outcome highlights their strengths and points out areas for improvement, indicating a balanced approach towards protocol safety. 📈 3️⃣ Key Findings: Code and Team: Marginly displays strong transparency with easily accessible smart contract addresses and a public software repository. However, the team's partial anonymity poses questions about full transparency. 🛠️👥 Code Documentation: The protocol lacks a whitepaper, and while some documentation is provided, it falls short in comprehensively covering the deployed contracts and their architecture. 📄🔍 Testing: Marginly has conducted extensive testing on their code, yet the absence of a detailed test report and formal verification underscores potential risks. 🚨🧪 Security: The protocol's single audit, coupled with the lack of a bug bounty program, raises concerns about its vulnerability management and security posture. 🚫🔒 Admin Controls: Despite the code's apparent immutability, the lack of detailed documentation on upgradeability, admin controls, and transaction policies suggests areas ripe for enhancement. 🔧📑 4️⃣🔗 Dive Deeper: For a comprehensive analysis, visit the full Marginly report at DeFiSafety. https://t.co/IuLa8JZ9lf 🙏 We value your feedback as we continue to push for higher standards in DeFi safety. #DeFiSafety 🌟📈

Diving into Spool Finance's review by DeFiSafety, it's a mix of tech savvy and areas needing a polish. With a solid 73% score, they're making waves in transparency and security. They've got the basics down with accessible code and a public team, yet there's room to grow in documentation depth and testing transparency. Security's strong, thanks to rigorous audits and a hefty bug bounty program, but monitoring could use a boost. And while admin controls show promise, clarity could be better. For the full scoop, check out their review on DeFiSafety: https://t.co/TU5FSljSTB

1/ 🚨 The #DeFi world is no stranger to the allure of token presales, but not all that glitters is gold. Let’s talk about identifying red flags in presales, with Kelexo serving as a cautionary example. Here's what to watch out for. 👇 2/ 📰 Red Flag #1: Paid Articles Focused on Token Price - A flood of articles hyping up the token price, often without substantial analysis or critique, is a warning sign. Transparency in coverage is key; lack thereof can indicate a sketchy presale. 3/ 📚 Red Flag #2: Hard-to-Find Documentation - Genuine projects pride themselves on accessibility and transparency. If you're digging through Telegram for a whitepaper, like with Kelexo, it's a signal to proceed with caution. 4/ 🛠 Red Flag #3: Vague Tech Promises - Be wary of projects that promise revolutionary technology without clear explanations. Vague mentions of AI and crypto integration, without technical substantiation, should raise eyebrows. 5/ 👥 Red Flag #4: Anonymous Team - Knowing who’s behind a project is fundamental. A lack of public team information, akin to what we see with Kelexo, is a significant risk factor. Trust and transparency go hand in hand. 6/ 📃 Red Flag #5: Presale-Heavy FAQs - If a project’s FAQ is exclusively about presale details without addressing the product itself, question its long-term viability. Engagement beyond the presale is essential for sustainable success. 7/ Using Kelexo as a case study, it's clear that due diligence is paramount before jumping into any presale. Look beyond the hype; Don't trust, verify. #crypto 8/ 🕵️‍♂️ Investigate thoroughly: check for unbiased reviews, seek out comprehensive documentation, and demand transparency about the team and technology. Your investment deserves rigorous scrutiny.

📢 Thread Alert: Venus V4's Stellar Dive into DeFi Safety! 🌌✨https://t.co/eZCfiVvPAL1️⃣ Introduction: At DeFiSafety, we're on a mission to peel back the layers of DeFi protocols to highlight their commitment to safety and transparency. Venus V4 stands out in our latest exploration. 🚀🔍2️⃣ Venus V4's Score: A whopping 90%! This impressive score reflects Venus V4's dedication to security, code quality, and transparency, setting a high bar in the DeFi space. 📈🎉3️⃣ Key Insights: Code and Team: Full marks here! Venus V4 shines with easy-to-find smart contract addresses, a public software repository, and a non-anonymous, responsive team. A beacon of transparency! 💼👩‍💻 Documentation & Testing: With a detailed whitepaper and thorough documentation, Venus V4 doesn't just talk the talk; it walks the walk. Their rigorous testing regime further underscores their commitment to security. 📚🧪 Security & Audits: Sporting a near-perfect score, Venus V4 has undergone extensive auditing by leading firms, showcasing their unwavering focus on user safety. However, a noted area for improvement is their bug bounty program, suggesting even the stars have room to shine brighter. 🛡🔍 Admin Controls & Oracles: Clear admin controls and a solid understanding of oracle use demonstrate Venus V4's robust approach to governance and data integrity. 🎛🌍4️⃣ Into the Cosmos: Venus V4's approach, blending rigorous security measures with transparent practices, sets a precedent in the DeFi universe. For those looking to navigate the vastness of DeFi safely, Venus V4's orbit is a promising trajectory. 🌠📖$XVS #BNBchain #Ethereum #Lending #borrowing #defi @VenusProtocol

📢 Thread Alert: Unpacking IPOR's Process Quality Review! 🛡1️⃣ Overview: IPOR achieves a 74% score in its Process Quality Review, reflecting strengths and areas for improvement. 🌐🔍2️⃣ Key Findings:Code and Team: Strong team visibility, but lacking detailed code documentation and testing. 🛠👥Code Documentation: Limited software documentation and traceability. 📄🔍Testing: Adequate testing but lacks detailed test reports and formal verification. 🚨🧪Security: Multiple audits conducted, bug bounty in place, but lacks monitoring documentation. 🚫🔒Admin Controls: Clear admin roles, but no robust transaction signing policy. 🔧📑Oracles: Well-documented Oracle, but no mitigation for flashloan attacks. 🌐⚠️3️⃣ Conclusion:IPOR demonstrates a commendable commitment to security with multiple audits and a bug bounty program in place. However, there are areas like code documentation, testing, and admin controls that could benefit from enhancement to ensure robustness and transparency. 🛡💡4️⃣🔗 Dive Deeper:For a comprehensive analysis, explore the complete IPOR report on DeFiSafety's platform.IPOR Protocol Report Link: https://t.co/70hCx4CKZj🙏 Your insights are invaluable as we strive for continuous improvement in DeFi safety standards. #DeFiSafety 🌟📈

Beautiful example of how bug bounty, monitoring work to keep a protocol safe. https://t.co/qmuNCBphGN

DeFiSafety rates protocols on their transparency and best practices. Protocols must prove to the community (not just DeFiSafety) that they are a safe place for investments. https://t.co/NVxCWHwFo0

📢 Thread Alert: We're excited to introduce our updated 0.9 protocol review process! Here's a breakdown of what's new and why it matters for #DeFi safety. 🛡 https://t.co/4Hz4pTMyN3

Locked, loaded, and safety-approved: ✅ @immunefi ✅ @cantinaxyz / @spearbit ✅ @DefiSafety ✅ @ABDKconsulting Your assets' safety is our ultimate priority.

With memecoins like TROLL (+37.6%) and https://t.co/Gava2wPvJq (+11.6%) trending on @coingecko today, remember: Higher volatility = higher scam risk. Always verify contracts, check liquidity, and never invest more than you can afford to lose. #CryptoSecurity #DeFiSafety

Crypto Hacks Are Rising – How to Stay Safe? 🚨🔒 In 2024 alone, billions of dollars were lost due to cross-chain bridge exploits and DeFi protocol vulnerabilities. As the crypto landscape grows, so do the threats. But with Ozone Chain’s advanced Quantum Tunnel Technology, you're safeguarded from the most common and catastrophic attack vectors. 🛡️✨ Unlike traditional bridges that expose users to weak points between chains, Quantum Tunnels enable encrypted, direct communication between nodes, fortified by Post-Quantum Cryptography. This ensures end-to-end integrity and resilience—even against future threats posed by quantum computing. When security is non-negotiable, choose a blockchain built with tomorrow’s threats in mind. Ozone Chain delivers a new era of trust and transparency. #OzoneChain #CryptoSecurity #QuantumTunnel #BlockchainHacks #DeFiSafety #CrossChainSecurity #SecureYourAssets

Liquidation risks? Not on our watch. 👀 https://t.co/ymnbg4YrzR keeps you posted with instant alerts ⚠️ so you can act before things get risky. Because in DeFi, staying proactive means staying safe. 🚀 #DeFiSafety #SmartCredit https://t.co/7lryepI0w3

🚀 Navigating DeFi waters? 🧭 Remember, proactive risk management is key! Protect your investments from the unknown with strategies that mitigate protocol vulnerabilities. Stay ahead and secure your DeFi journey. 🌐 #DeFiSafety 1/4

Using DSF Invest is safe for several compelling reasons:🔹 Immutable Smart Contract Operate independently as coded, immune to interference.🔹 Blockchain Storage  Your funds are never under our control, securely locked on Curve.🔹 User Security  No funds stored on our smart contract, reducing the risk of hacking.👉 This reflects the “true DeFi” philosophy, where users maintain full control over their assets. Trust in DSF Invest for a secure passive income tool! #DSFInvest #DeFiSafety #PassiveIncome

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a hack incident on snowboard token from https://t.co/2NVzA7hKpe. Stay alert! 🕵️ ⚠️ Related tokens: 0x4abfd9a204344bd81a276c075ef89412c9fd2f64 😈 Attack transactions: https://t.co/2ryicnuXAS 🚨 Affect transactions: https://t.co/JSpRgfXTYx 💡 Protect your funds NOW: 1️⃣ Secure your funds if you owns snowboard token. 2️⃣ Make sure you are using our latest state-of-art protection tools like HashDit Snap (https://t.co/OkWUvrJg1d) or HashDit API🫡 3️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 🔒 #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a scam token on BASE network. The contract: 0xD2e52695004789140914a1550b22952cd69C765e has a backdoor to drain all your funds! Please review and avoid any transactions with these addresses! 🕵️ The contract contains a malicious "airdrop" function that allows the hidden owner of the contract to transfer all the tokens from ANY user addresses to the hard coded destination. Also, the contract contains an un-renounced hidden owner 0x8fD34092b3c402E5EB897Cf325D91095dC5B11f3. Stay away from this token! 💡 Protect your funds NOW: 1️⃣ Revoke token approvals from these addresses: 0xD2e52695004789140914a1550b22952cd69C765e 0x8fD34092b3c402E5EB897Cf325D91095dC5B11f3 0x1103635B45d49550F5F02Dc2bF3A4D18153cc0e1 0x16554d0980159c51fd070B83339Fc833f7fecdb7 2️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 🔒 #CryptoSecurity #DeFiSafety

🚨 A well-kept secret... that will shake DeFi! 🚨 The year 2025 kicks off with incredible opportunities, but also major challenges for DeFi users. At Athena Ins, we believe it's time to reinvent the way we approach security and performance in the cryptographic space. 🔒 Imagine an ecosystem where : ✅ Your investments are protected. ✅ Decisions are transparent and fair. ✅ Security becomes a driver of your returns. 💡 DeFi is evolving. Are you ready to go beyond the ordinary? 🔍 Athena Ins is more than a protection - it's a vision. #DeFiSafety #CryptoProtection #SecureYourAssets #DeFiInnovation #CryptoInvesting2025

🚨 [ALERT] Start 2025 Safeguarded! 🚨The crypto space remains turbulent, with $XXX million lost to hacks in Q4 2024.At Athena Ins, we're committed to empowering DeFi users with:✅ Decentralized Coverage✅ Instant Smart Contract Claims✅ Fair Resolutions with @Kleros_io 🔒 Don't let your investments remain unprotected. Follow us for reliable, affordable protection in 2025.💡 Big news coming at the end of this week! Stay tuned for an exciting announcement that will redefine DeFi insurance.#DeFiSafety #CryptoSecurity #StayProtected #cryptocurrency

🚀 Secure your blockchain future with Armors!Since 2017, Armors Company Limited has been a pioneer in blockchain security. 🌐 Partnering with top chains like BSC, Ethereum, Polygon, and Solana, Armors has provided comprehensive audits and security services to over 2,000 platforms including Huobi Global, Tron, MyToken, imToken, OKEx, BSC, Coin98, WebKey, and wkeyDAO. 💎With an impressive track record of recovering 32,000+ BTC in client assets, Armors is the ultimate guardian of your digital ventures. 🔒📋 WebKey Audit Verification: https://t.co/xDwDfU6QDI#WebKey #Blockchain #Security #Armors #CryptoAudits #DeFiSafety #BSC #Ethereum

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a potential vulnerability affecting the WINK project contract: 0x9c8aacd7c5971e17ae327b8f105845654bf17585. The contract was attacked and lost over 20+ BNB, with 203 BNB (approx. $150k) still at risk! Immediate action is necessary to prevent further losses. ⚠️ Attacker's Address: 0x99ec17582dd9e4161b3a13d7fecb595e2ccb265d 📌 One of the Attack Transactions: 0xaf18111fd9a707b3dbebc7eb6cec41de1079b4cc03c3fdaa03269668a769b64c 📥 Attacker was funded via Transak Wallet! 💡 Protect your funds NOW: 1️⃣ Revoke token approvals or transfer your funds out of the affected addresses immediately: 0x9c8aacd7c5971e17ae327b8f105845654bf17585 0x99ec17582dd9e4161b3a13d7fecb595e2ccb265d 2️⃣ Stay secure with HashDit's advanced tools, such as HashDit Snap or the HashDit API. 🛡️ 3️⃣ DYOR – Do Your Own Research before interacting with any contracts. Stay vigilant, stay safe! Protect your assets from malicious activities. 🔒 #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a hack on ZHH token (0x15812922a3b0e71bc27e1960dcb323b0f22c0ef3) 😈 The hacker minted 10,000,000,000,000,000,000,000 ZHH tokens to themselves with this txn: https://t.co/BXK7JdiVGA And they later on swapped all the ZHH tokens to USDT, gaining ~$259k: https://t.co/lm6PcXNp8Q Please review and avoid any transactions with these addresses! 🕵️ 💡 Protect your funds NOW: 1️⃣ Revoke token approvals from these addresses: 0xB2cD922a3d61A07b72FFBcf070C175626Cc1f10e 0x15812922a3b0e71bc27e1960dcb323b0f22c0ef3 0xc94433de054429c5c52862d760de6cf5452db751 2️⃣ Try to swap your ZHH token to minimize the lost. 3️⃣ Make sure you are using our latest state-of-art protection tools like HashDit Snap (https://t.co/OkWUvrJg1d) or HashDit API🫡 4️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 10,000,000,000,000,000,000,000 #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a flashloan attack on the contract 0x405960aeaad7ec8b419dedb511dfe9d112dfc22d. @planet_finance be aware of your BTCB tokens! 💡 The attack transaction: https://t.co/dl8MHbmTOD The attacker could initiate a flash loan and first swap out the GAMMA token, prompting the Planet Farm contract to execute the same swap update. Afterward, they could swap back the borrowed BTCB token. #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected a hack on the SCOP (https://t.co/5GTHtxD4pC) project. Please review and avoid any transactions with these addresses! 🕵️ SCOP token: 0xF2c96E402c9199682d5dED26D3771c6B192c01af Affected contract: 0x1a57ca7f1fc999be12c3927ee78f8a0f434689d8 Hackers: 0xf2c96e402c9199682d5ded26d3771c6b192c01af 0x2330d8dcd2ce4a7b5feb0740b3a746fe2385705d $175k worth of SCOP token has been drained from the contract (0x1a57...89d8) 💡 Protect your funds NOW: 1️⃣ Revoke token approvals from these addresses: 0x1a57ca7f1fc999be12c3927ee78f8a0f434689d8 and take action on your SCOP tokens. 2️⃣ Make sure you are using our latest state-of-art protection tools like HashDit Snap (https://t.co/OkWUvrIIbF) or HashDit API🫡 3️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 🔒 #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 🔍 HashDit has detected an potential attack on the token "OpenStake" (https://t.co/vweqW09DMZ). The attacker manipulated the price of OPC token and it got more staking amount. Please review and avoid any transactions with these addresses! 🕵️ 💡 Protect your funds NOW: 1️⃣ Revoke token approvals from these addresses: 0xac5766ec2d0c2cf27654f72c1ebfadd810ddf893 0x1d31768772c1998de1280047f4b73fd2bfcb71b4 2️⃣ If you have any funds inside the addresses above, try to "unstake", "withdraw" or "transfer" out of them! 3️⃣ Make sure you are using our latest state-of-art protection tools like HashDit Snap (https://t.co/OkWUvrJg1d) or HashDit API🫡 4️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 🔒 #CryptoSecurity #DeFiSafety #HashDit

🚨 #HashDitCommunityAlert 🚨 ⚠️ HashDit has detected an drain of funds on the project @BullcoinBSC. The contract (0xef111316430ec5f97a1a7ff04b6cdde47c888709), an upgradable proxy, was updated to an unverified smart contract (0xc5f96f469c62aa689d24ff073fc7440849b6f909) containing a backdoor that drains funds. 💡 Protect your funds NOW: 1️⃣ Revoke token approvals from these addresses: 0xef111316430ec5f97a1a7ff04b6cdde47c888709 0xCB9c02F7082A429c8eb245041F4D8A5cF8A096C2 2️⃣ Make sure you are using our latest state-of-art protection tools like HashDit Snap (https://t.co/OkWUvrJg1d) or HashDit API🫡 3️⃣ DYOR – Always do your own research before interacting with any contract! Stay vigilant, stay safe! 🔒 #CryptoSecurity #DeFiSafety #HashDit

📢Industry Update from Hacken: Together with the Enterprise Ethereum Alliance (EEA), Hacken has released the DeFi Risk Assessment Guidelines, a significant advancement for the DeFi space. These guidelines, developed in collaboration with industry leaders such as @Consensys, @EYnews, @OpenZeppelin, @CertiK, @Quantstamp, @qualitaxdotio, @Noves_fi, @LearnMoreWithC4, @cryptio_co, @DeFiSafety, @EntersoftTeam, @SAP, @BitwavePlatform, @The_DTCC, @coinchangeio, @RelmInsurance, and @EntEthAlliance, provide essential clarity and compliance for DeFi protocols. In light of the latest MiCa and DORA regulations, which lack specific security reporting requirements, these guidelines fill a critical gap, offering a best practice roadmap. DeFi projects adhering to these standards can access new markets, achieve capitalization growth, and enhance user benefits, driving mass adoption. We are proud to have @hackenclub as our auditors, as they continually raise the bar on security standards and education in the industry. Learn more about these vital guidelines and how they can impact the DeFi ecosystem: 👇

🔒 Why Pachira's On-Chain Approach Matters 🌐•⁠ ⁠Smart contract automation reduces human error 🤖✨•⁠ ⁠No centralized control points = fewer attack vectors 🛡️•⁠ ⁠All operations are transparent and verifiable 🕵️‍♂️🔍•⁠ ⁠Transactions are immutable once confirmed 📜✔️With Pachira, your assets are safer than ever. 🔐💪#BlockchainSecurity #DeFiSafety #Pachira #CryptoSecure

Did you know?🤔UX’s IBC rate limit is designed to enhance security. It sets a cap on daily outflows from the UX chain, preventing excessive transactions. 🔓If this limit is exceeded, IBC outflow transactions are temporarily halted, safeguarding our ecosystem from potential vulnerabilities. 🔒#DeFi #DeFiSafety #UX

We are excited to announce that Term's @DefiSafety score has increased to 93 following the completion of formal verification with support from @CertoraInc.Learn more at: https://t.co/j6jn9IPJuD https://t.co/OvFDpyDiHP

𝐍𝐎𝐓𝐀𝐁𝐋𝐄 𝐁𝐋𝐎𝐂𝐊𝐂𝐇𝐀𝐈𝐍 𝐀𝐔𝐃𝐈𝐓𝐈𝐍𝐆 𝐂𝐎𝐌𝐏𝐀𝐍𝐈𝐄𝐒@OpenZeppelin@trailofbits@sigp_io@CyfrinAudits@MixBytes@WatchPug_@SpearbitDAO@zellic_io@HalbornSecurity@hackenclub @secure3io@BlockSecTeam@0xorio@Arbitrary_Exec@Verichains@sharkteamorg@Hashlock_@Cyberscope_io@CertiK@Quantstamp@SlowMist_Team@DefiSafety@SolidityFinance@ConsensysAudits@chain_security@RugDocIO@ImmuneBytes@AckeeBlockchain@web3_antivirus@hexagate_@Beosin_com@Armors_Security@cybirbtech@ShellBoxes@BlaizeSecurity@kalos_security@code4rena@hexensio@redteampl@peckshield

We’re thrilled to announce our close collaboration with the @modelguardnet team! Modelguard is a project launching on @virtuals_io to bring insurance to the agentic economy. Over the past months, we’ve brought our technical risk expertise to help build the core agent‑assessment logic behind ModelGuard’s AI underwriting & insurance infrastructure, grounded in transparent, verifiable data. This collaboration represents our shared mission: raising standards in autonomous DeFi and ensuring that protocol‑native agent risk is monitored, auditable, and secure.

We’re thrilled to announce our close collaboration with the @modelguardnet team! Modelguard is a project launching on @virtuals_io to bring insurance to the agentic economy. Over the past months, we’ve brought our technical risk expertise to help build the core agent‑assessment logic behind ModelGuard’s AI underwriting & insurance infrastructure, grounded in transparent, verifiable data. This collaboration represents our shared mission: raising standards in autonomous DeFi and ensuring that protocol‑native agent risk is monitored, auditable, and secure.

If you do big $$ Transaction on chain USE A SEPARATE SIGNING COMPUTER. This is relevant to ByBIT and Radiant Capital and others.

HyperLiquid has no transparency and doesn't care. They are proudly closed source and expect users to trust their anon founders. And with 1.7 billion TVL, it seems users don't care about transparency either. Their DeFiSafety score is 7%. https://t.co/9XwwNsSKfK Transparency is the best reason why DeFi is better than TradFi. But transparency is steadily disappearing. DeFi protocols have no financial incentive for transparency because no one (except for DeFiSafety which is tiny and underfunded) seems to care. LPs don't seem to care. Most users don't seem to care and there are no regulators. We are steadily killing DeFi with our own disdain.

Usual Finance has distinct weak points. No tests and almost no Access Control docs drives the score down to 49%. Code documentation and security is good, though. Key Findings: 50% No tests visible. Limited admin controls and docs 🛠👥 Code Documentation: 92% No complaints here, solid.📄🔍 Testing: 0%. No tests visible. No GitHub. 🚨🧪 Security: 83%. Good audits, but no bug bounty. They have active protocol monitoring though. 🔒✅ Admin Controls 13%. They clearly said they were upgradeable, but nothing else. Dive Deeper: For an in-depth analysis, explore the full Usual report on DeFiSafety. https://t.co/RcdGVILfaL

Solana’s Raydium Finance’s transparency has stayed substandard! Score 50%. Code documentation is limited and no tests are visible. Good audit and bug bounty though. This is the second review of Radium. The one from 2022 was about the same score. Key Findings: 50% No tests visible. Limited admin controls and docs 🛠👥 Code Documentation: 38% Whitepaper and some architecture docs, but no real software documentation.📄🔍 Testing: 0%. No tests visible. 🚨🧪 Security: 82%. They have a four audits (though the findings are concenring). Solid bug bounty. 🔒✅ Admin Controls 0%. They clearly say that devs have total control with no multisig. Dive Deeper: For an in-depth analysis, explore the full Raydium report on DeFiSafety. https://t.co/4w39CoX0D6

I just published another part of our DeFi Guide Pt 2 — Chains https://t.co/DGCh6fLRcF Next I dive into the wallet and transactions.

We just published our next article on the DeFi guide - Exchanges. The next one will be on chains. https://t.co/Y4QaThW688

The second chapter to our Guide to DeFi answers the Why: https://t.co/aALGjo4PN6

We published the Intro to our Guide to DeFi; https://t.co/ktp0p3Ls9Q

Sticking with staking apps, let’s look at Jito, Solana’s staking choice Jito’s Score: 50%. a fail, though not a bad one. 📊 No documentation, weak testing, no admin controls but good audits Key Findings: 83% Code and team is strong. The devs did not respond at all. 🛠👥 Code Documentation: 0% We could not find documentation. The GitHub itself was confusing.📄🔍 Testing: 49%. They did do tests, but only 80% test to code and no test report.. 🚨🧪 Security: 86%. Solid audits, good bug bounty but no documented monitoring. 🔒✅ Admin Controls 0%. No discussion on admin controls despite a government section. Dive Deeper: For an in-depth analysis, explore the full Jito report on DeFiSafety. https://t.co/wLe4J9VVMn

We are going back to weekly reports and will start off with this powerhouse of restaking. Eigan’ Score: 78%. Pretty good, a pass 📊 Key Findings: 90% Code and team is strong. The devs did not respond promptly. This is the only weak spot. 🛠👥 Code Documentation: 87% They could improve on traceability and architecture but overall thorough documentation.📄🔍 Testing: 73%. Good tests, yes with formal validation, but no documented code coverage or test report. 🚨🧪 Security: 86%. Solid audits, big bug bounty but I am not sure which audits are applicable to this code or if they have active monitoring. 🔒✅ Admin Controls 61%. The only individual score that did not pass. Rather dated, weak process. Room for improvement. Dive Deeper: For an in-depth analysis, explore the full Eigan Layer report on DeFiSafety. https://t.co/E5WXCEprbR

Our team is also looking at more effort on "how to" discussions because the public info seems unspecific and old (no L2 info). Are there users who would appreciate that? We would be very specific and current. How to use an exchange, how to transfer funds, how to swap with very specific discussion to avoid phishing, address poisoning etc. Wallet strategies. Useful for simple business users and retail.

DeFi's Biggest Security Problem https://t.co/67O4zGYR2Y

One element that has been missed from the Radiant Capital post mortem (https://t.co/HVAYiVCQZT) are Transaction signing policies. This is simply writing the SOP for the signers down, checking the signers actually use the transaction signing policy. It's advantage is once a security incident like this takes place, you have a document you can improve upon. At the moment nobody is writing these processes down or auditing. This is not a path to improvement. Lost keys have become a much higher risk that an actual software hack. The community needs to take more efforts DeFiSafety can help.

Excellent initiative and I would recommend users of DeFi take note!

We have been off for a bit, developing other products. We are back with an account abstraction software suite, their operating system for smart account! These guys do things right and put in the work. Nexus’ Score: 92%. They were strong all over 📊 Key Findings: 100% Code and team was perfect 🛠👥 Code Documentation: 88% They could improve on traceability but overall thorough documentation.📄🔍 Testing: 85%. Basically everything except formal validation 🚨🧪 Security: 88%. Solid audits. The bug bounty could be bigger but as they are not a protocol, they do not have the liquidity. 🔒✅ Dive Deeper: For an in-depth analysis, explore the full Biconomy Nexus report on DeFiSafety. https://t.co/D0TM1g8aZz

Great that Blast failed. Maybe people will see that rabid toiekenism goes no where and they should build products that actually meet needs. Oh, I am being stupidly naive again.

This is excellent. If you answer No to any of these questions, DeFiSafety can help bring them to Yes. https://t.co/BSVcdrg6V6

Linea Chain Review https://t.co/2Oe6xQiPpy Linea's Score: 45%. This score was low mostly as they are a young centralized L2 with closed source code. 📊 Key Findings: Nodes Linea scores low As most L2's (especially young ones) it is very centralized. 🛠👥 Node and Supporting Software: They are still closed source on development and software. Code Documentation: Comprehensive Architecture documentation and a great white paper. However given they are closed source, no source documentation was to be found.. 📄🔍 Testing: As they are closed source, no testing was visible. I'm sure they are doing it it is just not transparent. 🚨🧪 Security: Multiple audits and a good bug bounty program Gives a solid score here. 🔒✅ Dive Deeper: For an in-depth analysis, explore the full Linea report on DeFiSafety.