• OtterSec OtterSec

Posts

Hitchhiker's guide to Aptos fungible assets

We take a deep dive into Aptos’ implementation of fungible assets, exploring the intricacies hidden within its functions, objects, and interactions. While the Fungible Asset model was designed to address the limitations and security flaws of the legacy Coin standard, it also introduced new challenges and vulnerabilities that developers should be aware of.
OtterSec

The story of the curious rent thief

A tale of pickpockets preying on the Solana ecosystem. Read our investigation into the persistent theft of rent from uninitialized accounts. This is the story of the Solend rent thief.
OtterSec

Becoming a millionaire, 0.000150 BTC at a time

How we discovered a critical issue in Solana's stable swap implementation. A story about arbitrage and rounding.
OtterSec

Solana: an auditor's introduction

A security-focused introduction to Solana, exploring the underlying runtime environment, security boundaries, and implications. An important resource for all developers who want to write more secure code.
OtterSec

The $200m bluff: cheating oracles on Solana

How we fooled oracles to beat the house. An exploration into liquidity tokens and oracle price manipulation.
OtterSec