- Auditing Crypto Wallets The recent NFT buzz has inspired more crypto-currency companies to venture into self-custody wallets. Although many early crypto proponents remain wary of “owning JPEGs”, NFTs have converted many crypto skeptics and present a new use case for smart contract platforms. This is the perfect time for engineers who have developed and audited self-custody wallets for […]
- Improving Tamper Evidence for Hardware Wallets Physical attacks on computing hardware are rare, but can have devastating impact. Physical tampering with a device can include adding or removing electronics to immediately exfiltrate data or to surreptitiously change the device’s behavior while the owner is using it post-tamper. Short of modification, an attacker can simply swap out one device for an identical […]
- Brooklyn Graffiti Artist “Gadse” and the Spread of Bitcoin If you’ve spent any time in Brooklyn, you’re probably familiar with the works of Gadse. A typical intersection in the Bushwick neighborhood looks like this: Graffiti in these neighborhoods is prevalent. Sometimes it is beautiful street art commissioned by building owners. Sometimes it’s a pointless scrawl of a word or name that serves as not […]
- Account Enumeration and Random User Identifiers Security and user-friendliness are not always at ends, but making a product that is simultaneously user-friendly and secure is harder than a making product that accomplishes only one of those goals. In the battle to balance security and usability, usernames are a topic that is hotly debated amongst software developers and security evaluators. Because usernames […]