How We Trained an #LLM to Find Vulnerabilities in #Solidity Smart Contracts
https://blog.positive.com/how-we-trained-an-llm-to-find-vulnerabilities-in-solidity-smart-contracts-9337bcae5e46
https://blog.positive.com/how-we-trained-an-llm-to-find-vulnerabilities-in-solidity-smart-contracts-9337bcae5e46
Medium
How We Trained an LLM to Find Vulnerabilities in Solidity Smart Contracts
At Positive Web3, we live and breathe smart contract security. Our work revolves around analyzing vulnerabilities, researching exploits…
👍8🔥4👏3
Formal verification of #Solidity smart contracts in the #ConCert framework.
https://blog.positive.com/formal-verification-of-smart-contracts-in-the-concert-framework-e04ce79ddc09
#coq #web3 #web3security
https://blog.positive.com/formal-verification-of-smart-contracts-in-the-concert-framework-e04ce79ddc09
#coq #web3 #web3security
Medium
Formal verification of smart contracts in the ConCert framework
In this article, I would like to discuss methods and tools for the formal verification of smart contracts…
👍3🔥3🙏3👏1
New #Web3Security Conf 😎
🚀 Call for Papers is Open!
🎉 We pay for flight and lodging for speakers!
Join us at Positive Hack Days 2025 in Luzhniki, Moscow – the biggest cybersecurity event!
📅 May 22-24, 2025
🔹 Hardcore Web3 security talks from top experts
🔹 A truly global, multicultural conference on Web3 security
🔹 CTF competition focused on #Web3 challenges
🔹 Part of the largest cybersecurity festival – #PHDays
🔗 Submit your paper: cfp.phdays.com
Let’s push Web3 security to the next level! 🚀
🚀 Call for Papers is Open!
🎉 We pay for flight and lodging for speakers!
Join us at Positive Hack Days 2025 in Luzhniki, Moscow – the biggest cybersecurity event!
📅 May 22-24, 2025
🔹 Hardcore Web3 security talks from top experts
🔹 A truly global, multicultural conference on Web3 security
🔹 CTF competition focused on #Web3 challenges
🔹 Part of the largest cybersecurity festival – #PHDays
🔗 Submit your paper: cfp.phdays.com
Let’s push Web3 security to the next level! 🚀
👍5🔥3❤1
🚀 Next-gen security for TON smart contracts!
Meet our #AI-powered RAG agent, built on #ChatGPT. It helps audit, looks for vulnerabilities, and is built to strengthen Web3 security. Welcome to the future of security @ton_blockchain
https://chatgpt.com/g/g-677ef5283be881918960cb5a76e1dd47-ton-agent-by-positiveweb3
Meet our #AI-powered RAG agent, built on #ChatGPT. It helps audit, looks for vulnerabilities, and is built to strengthen Web3 security. Welcome to the future of security @ton_blockchain
https://chatgpt.com/g/g-677ef5283be881918960cb5a76e1dd47-ton-agent-by-positiveweb3
ChatGPT
ChatGPT - TON agent by PositiveWeb3
TON Tact Func Tolk docs and code info 28 Jan 2024
👍4❤🔥2🔥2🙏1
#update
The "update v2" commit makes changes to the README.md file of the TON smart contract audit guide (https://github.com/PositiveSecurity/ton-audit-guide), with the main points summarized as follows:
Restructuring Security Recommendations:
- Updated guidelines on operation independence, using the carry-value pattern, protection against replay attacks, and proper flag handling.
Enhancing Message Formation and Gas Management:
- Revised key verification, gas cost calculations, and measures to prevent depletion of the contract's balance.
Updating Contract Upgrade Procedures:
- Clarified aspects related to the secure use of code update functions (set_code and set_data) and ensuring compatibility with existing storage.
Additional Guidelines for FunC and Tact:
- Expanded recommendations on the correct use of function modifiers, variable handling, and documentation practices.
#PositiveWeb3
The "update v2" commit makes changes to the README.md file of the TON smart contract audit guide (https://github.com/PositiveSecurity/ton-audit-guide), with the main points summarized as follows:
Restructuring Security Recommendations:
- Updated guidelines on operation independence, using the carry-value pattern, protection against replay attacks, and proper flag handling.
Enhancing Message Formation and Gas Management:
- Revised key verification, gas cost calculations, and measures to prevent depletion of the contract's balance.
Updating Contract Upgrade Procedures:
- Clarified aspects related to the secure use of code update functions (set_code and set_data) and ensuring compatibility with existing storage.
Additional Guidelines for FunC and Tact:
- Expanded recommendations on the correct use of function modifiers, variable handling, and documentation practices.
#PositiveWeb3
GitHub
ton-audit-guide/README.md at main · PositiveSecurity/ton-audit-guide
Checklist for security audit of TON projects by @PositiveSecurity - PositiveSecurity/ton-audit-guide
👍4🔥3👏1
Unleash security mode on your TON smart contracts! 🚀
Our cutting-edge research exposes deadly pitfalls & hidden hacks that can torch your tokens.
Level up your blockchain game—read the ultimate guide now 👉 https://blog.positive.com/security-audit-of-smart-contracts-in-ton-key-mistakes-and-tips-33ff3502cfd7 #TON #SmartContracts #Blockchain
Our cutting-edge research exposes deadly pitfalls & hidden hacks that can torch your tokens.
Level up your blockchain game—read the ultimate guide now 👉 https://blog.positive.com/security-audit-of-smart-contracts-in-ton-key-mistakes-and-tips-33ff3502cfd7 #TON #SmartContracts #Blockchain
Please open Telegram to view this post
VIEW IN TELEGRAM
Medium
Security audit of smart contracts in TON: key mistakes and tips
Today, I will share the results of our team’s research and insights on auditing the security of smart contracts in FunC and Tact languages
👍6🔥3❤1
https://blog.positive.com/security-of-ai-agents-in-web3-dbcb371544f7
Please open Telegram to view this post
VIEW IN TELEGRAM
Medium
Security of AI Agents in Web3
The story of How to Hack AI Agents in Web3
👍6❤3🔥3
Discover TONGraph, a Visual Studio code extension that brings clarity to TON smart contract research by visualizing function call graphs in FunC, Tact, and Tolk.
Developed by @PositiveWeb3 security researchers, we invite you to try it out and share your feedback. #TONGraph #TON
https://marketplace.visualstudio.com/items?itemName=PositiveWeb3.ton-graph
https://github.com/PositiveSecurity/ton-graph
Developed by @PositiveWeb3 security researchers, we invite you to try it out and share your feedback. #TONGraph #TON
https://marketplace.visualstudio.com/items?itemName=PositiveWeb3.ton-graph
https://github.com/PositiveSecurity/ton-graph
Visualstudio
TON Graph - Visual Studio Marketplace
Extension for Visual Studio Code - Visualize function calls for TON smart contracts
👍7🔥4❤3
We’ve launched the ultimate hunt for bugs and hacker mastery — the epic CTF has begun at positive.com/ctf!
On the menu: blazing challenges in EVM and TON security — plus one juicy Bug Bounty worth 100 TON!
On the menu: blazing challenges in EVM and TON security — plus one juicy Bug Bounty worth 100 TON!
🔥11👍4👏1
Bugged Blockchain Challenge is LIVE! 🔥
A deliberately vulnerable blockchain awaits your hacking skills! Break into the node or wallet, and submit your top exploit report for a chance to win a massive 100 TON bounty!
Full details at positive.com/bounties.
A deliberately vulnerable blockchain awaits your hacking skills! Break into the node or wallet, and submit your top exploit report for a chance to win a massive 100 TON bounty!
Full details at positive.com/bounties.
🔥8👎1👏1