Offside Labs
@Offside_Labs
Followers
2K
Following
70
Media
15
Statuses
79
🚀 Web3 Security pioneers | Expert security auditors & consultants | Guarded $300M+ in digital assets | @Paradigm_CTF 2023 Champion 🥇
Joined August 2023
We've landed the first place at Paradigm CTF 🥇 Major props to our rockstar team at Offside Labs and big thanks to the @paradigm_ctf organizers for a fantastic event🔥 Let's continue to make the Web3 universe a safer place, together! 🚀🏆
Official results are out! Congratulations to @Offside_Labs, @kalos_security, and @ChainLight_io for securing their position in the Top 3, as well as everyone else who participated! Additionally, special thanks (in alphabetical order) to @ChainLight_io, @cmichelio, @osec_io,
5
9
102
Dive into our detailed security assessment of SolvBTC Vault: https://t.co/8KnEGrmeRR
github.com
Contribute to OffsideLabs/reports development by creating an account on GitHub.
0
0
0
4️⃣ Every withdrawal requires a signature from an authorized off-chain service. The on-chain contract verifies this signature before releasing any assets. If the signature doesn't match or is invalid, the transaction is rejected – no exceptions.
1
0
0
3️⃣ Even if the off-chain signing key is leaked, an attacker cannot arbitrarily forge withdrawal requests, nor can they redirect other users' withdrawals to their own accounts.
1
0
0
2️⃣ If a malicious user initiates a withdrawal request, the off-chain service can refuse to provide a signature, preventing the withdrawal from being executed.
1
0
0
1️⃣ During our review of Solv's withdrawal flow, we tested a hypothetical scenario: What if an attacker tried to forge a withdrawal request to steal user funds? It utilize a "Request-and-Approve" mechanism, ensuring both efficiency and security:
1
0
0
Our review focused on: 1. Verify the deposit logic to ensure users receive the exact amount of yield tokens 2. Test signature flows to guarantee funds are redeemed by rightful owners. 3. Validate the permission system to ensure only authorized roles manage vault settings.
1
0
0
Our team focused on the complex logic connecting pricing with user asset safety. The Verdict: ✅ 0 Critical Vulnerabilities ✅ 0 High-Severity Issues
1
0
0
We’ve officially completed a security review for @SolvProtocol. Proud to support their work building Bitcoin liquidity infrastructure on Solana.🤝
1
1
9
Jupiter Lend has undergone rigorous, independent security audits from top-tier firms to ensure the protocol’s safety, correctness, and resilience. Audits Completed: • @zenith256 • @Offside_Labs • @MixBytes • @osec_io In progress: • @certora We've also open-sourced
8
10
61
1st audit report by the best @Offside_Labs
https://t.co/qMX6LkhYjF
github.com
Contribute to RateX-Protocol/Audit-Report development by creating an account on GitHub.
16
15
89
Laced Up and One Step Closer to Game Time btcSOL has been fully audited by @Offside_Labs, one of the leading Web3 security firms providing audits for many top protocols in Solana ecosystem, e.g., Jupiter, Meteora, etc. This process ensures the staking infrastructure and user
22
29
130
🚨GMX V1🚨 Yet another Ethereum reentrancy exploit! Keeper decreases long → sends ETH → triggers re-entry to evil contract. During re-entry: • Vault's `isLeverageEnabled=true` • Evil contract bypasses PositionManager • Opens short WITHOUT updating global price Attack: 1.
The GLP pool of GMX V1 on Arbitrum has experienced an exploit. Approximately $40M in tokens has been transferred from the GLP pool to an unknown wallet. Security has always been a core priority for GMX, with the GMX smart contracts undergoing numerous audits from top security
1
0
9
We would like to once again thank our gold sponsors @Offside_Labs && @osec_io for their tremendous support, as well as Google Cloud for their infrastructure sponsorship. Their assistance made our event possible
1
2
6
We are thrilled to be the gold sponsor of R3CTF! The game is just 10 hours away! Show off your hacking skills and compete with the world’s best hackers!👇 https://t.co/fxO30VhF6V
Offside Labs ( https://t.co/HDXGEWYO1m) is a top-tier security team founded by legendary CTF players who have won Pwn2Own, DEFCON CTF, and other major competitions. They now leverage their expertise in Web3, securing billions in digital assets through professional auditing service
0
3
13
We have successfully completed our third audit with @Offside_Labs Flash Trade is not just the fastest and cheapest but also the safest exchange on Solana ⚡️ Audit report in the link below⬇️
3
6
51
We're thrilled to see the relentless hard work and improvement from @JupiterExchange 🔥Keep rocking it for everyone!
The day after Christmas, we shipped one of our biggest upgrades on the Jupiter aggregator program. The project started around March with steady improvements and ended with a final rewrite on our Jupiter aggregator program. To developers and integrators on top of the program, they
0
0
11
🎄✨ It’s Finally Here! ✨🎄 After a (very) long year, we’re excited to share… our website is live! 🎉 Take a look—it’s a little piece of us, made with love. 👉 https://t.co/xfqQRQGvk6 Merry Christmas & Happy Holidays!🎅🎁
0
1
7
ecstatic to announce that solana-nostd-entrypoint has been audited by @Offside_Labs, generously funded by @JupiterExchange hyperefficient DeFi is coming to Solana...
16
14
124
Your security is our priority, and that's why our GAMMA pools are now fully audited by @Offside_Labs 🔥 We have been able to protect our smart contract thanks to their insights into our GAMMA pools. A short 🧵
4
4
24