Multilayer security for Web3 → AI, fuzzing, formal verification, manual audits & monitoring in a single audit → 1,500+ protocol audits → 25+ chains → Since 2018

Tokenized RWA hit $32B in 2026. Up from $6B in 16 months. Most teams are building yield mechanisms. Almost none are securing what sits between the investor and the asset. The Treasury bill does not fail. The wrapper around it does.

This is where RWA protocols actually break:
• Custody gap, no bankruptcy-remote structure
• Single key on the compliance registry
• Stale oracle misprices the fund NAV
• One bridge vulnerability hits every connected chain
• Redemption logic never stress tested under real demand
• Pre-launch audit with zero ongoing monitoring

ERC-3643, qualified custodians, multisig, Proof of Reserve. Not optional. Security is not a feature you ship later. In RWA, it is the product.
Tokenized money market funds and private credit just crossed $32B, up from $6B in 16 months. The growth is real. So is the risk most teams are not pricing in. The underlying asset almost never fails. The wrapper around it does.

Here is where tokenized RWA actually breaks:
• Custody, a single key in a hot wallet.
• Access control, no multisig on the compliance registry.
• Oracle and reserves, a stale or single-point-of-failure feed.
• Cross-chain bridges, a new trust boundary on every chain.
• Redemption design, never stress tested under real demand.
• Audit methodology, a one-time review with no ongoing coverage.

Regulators in the EU, Switzerland, Germany, and the US have already converged on one rule. Same activity, same risk, same outcome. We mapped all six layers in our latest report, built for founders shipping real world assets on chain 👇
🚨 @taikoxyz Bridge Hacked | ~$1.7M Drained An RSA private key committed to a public GitHub repo just became a $1.7M exploit. The attacker forged SGX prover registrations, generated fake L2 state attestations, and drained Taiko's L1 Bridge and ERC20Vault across two phases. No private key theft. No social engineering. Just one .pem file sitting in a public repo. github.com/taikoxyz/raiko/bl… Full breakdown 👇
Root Cause: Leaked SGX Signing Key

Taiko's Raiko prover uses Intel SGX to attest L2 state. L1 contracts trust any enclave whose MrSigner matches the stored trustedUserMrSigner. enclave-key.pem, the RSA-3072 private key used to sign ALL Taiko SGX enclaves, was publicly committed to the taikoxyz/raiko GitHub repo.

What the attacker did:
• Derived MrSigner = SHA-256(LE(RSA modulus)) from the public key
• Built a malicious enclave, signed it with the leaked key
• MrSigner matched trustedUserMrSigner - registered as trusted prover
• Malicious enclave attested fake L2 blocks with forged bridge messages

processMessage(): forged SGX attestation passes proof check, message status set to RETRIABLE
retryMessage(): zero proof verification, RETRIABLE status is all that's needed, funds actually drained

Bridge Contract: etherscan.io/address/0xd6024…
Vault: etherscan.io/address/0x99628…
Attacker wallets: etherscan.io/address/0x7506D… etherscan.io/address/0xa9803…
Major Drain txs: etherscan.io/tx/0x451423923a… etherscan.io/tx/0x017292a7de…
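Two defender-side pieces of the failure described above, as an added example that is not Taiko's or the Raiko project's code: how an SGX MRSIGNER is derived from the enclave signing key's public modulus (which is why the leaked .pem is the trust anchor itself, and why rotating it is only complete once the on-chain trusted value changes), and a pre-commit style scan for PEM private-key blocks of the kind that ended up in the repo. The modulus, repository paths and file contents are constructed placeholders, and `mrsigner_from_modulus`, `is_trusted_prover`, `find_committed_private_keys` and `rotation_check` are names chosen here, not identifiers from Raiko or the bridge contracts.

```python
"""Added example, not code from Taiko or the Raiko project.  The modulus, repo
paths and file contents below are constructed placeholders, not real material."""
import hashlib
import re

# SGX's SIGSTRUCT stores the signer's RSA-3072 modulus as 384 little-endian bytes;
# MRSIGNER is the SHA-256 of exactly those bytes.
RSA_3072_BYTES = 384

# Constructed stand-in for a signing key's public modulus (NOT a real key).
CONSTRUCTED_MODULUS = (1 << 3071) | (0xC0FFEE << 1024) | 0x10001


def mrsigner_from_modulus(modulus: int, size: int = RSA_3072_BYTES) -> str:
    """Derive MRSIGNER from the public modulus alone.

    Nothing secret is involved: the value a verifier stores as trusted is a pure
    function of the signing key's public half.  The private half is what lets
    someone *produce* an enclave carrying this MRSIGNER, so the key file, not the
    hash in the contract, is the real trust anchor.
    """
    return hashlib.sha256(modulus.to_bytes(size, "little")).hexdigest()


def is_trusted_prover(mrsigner: str, trusted: set[str]) -> bool:
    """Model of a registry that admits any enclave whose MRSIGNER is on the list.
    The enclave's code identity and the content it attests are not examined here,
    so the registry is only as strong as custody of the signing key."""
    return mrsigner.lower() in {t.lower() for t in trusted}


# Matches PKCS#1, PKCS#8, EC, DSA, OpenSSH and encrypted PEM private-key headers.
PRIVATE_KEY_BLOCK = re.compile(
    r"-----BEGIN (?:RSA |EC |DSA |OPENSSH |ENCRYPTED )?PRIVATE KEY-----"
)


def find_committed_private_keys(files: dict[str, str]) -> list[str]:
    """Pre-commit style check: return every path whose content carries a PEM
    private-key block.  Public keys and certificates are deliberately not flagged."""
    return sorted(path for path, text in files.items() if PRIVATE_KEY_BLOCK.search(text))


# Constructed repository snapshot; the key body is filler, not a real key.
CONSTRUCTED_REPO = {
    "README.md": "# prover\nBuild with `make`.\n",
    "keys/enclave-pub.pem": (
        "-----BEGIN PUBLIC KEY-----\nconstructedpublicplaceholder\n-----END PUBLIC KEY-----\n"
    ),
    "secrets/enclave-key.pem": (
        "-----BEGIN RSA PRIVATE KEY-----\n"
        "constructedplaceholderbodynotakey\n"
        "-----END RSA PRIVATE KEY-----\n"
    ),
}


def rotation_check(old_modulus: int, new_modulus: int, registry: set[str]) -> bool:
    """After a leak, generating a new signing key is only effective once the
    registry stops trusting the old MRSIGNER and trusts the new one.  Returns True
    when the registry reflects a completed rotation."""
    return (mrsigner_from_modulus(old_modulus) not in registry
            and mrsigner_from_modulus(new_modulus) in registry)


if __name__ == "__main__":
    leaked = mrsigner_from_modulus(CONSTRUCTED_MODULUS)
    print("MRSIGNER of constructed key:", leaked)
    print("admitted as prover:", is_trusted_prover(leaked, {leaked}))
    print("private keys in repo:", find_committed_private_keys(CONSTRUCTED_REPO))
    new_key = CONSTRUCTED_MODULUS ^ (1 << 2000)  # constructed replacement key
    print("rotation complete:", rotation_check(CONSTRUCTED_MODULUS, new_key,
                                               {mrsigner_from_modulus(new_key)}))
```

The scan is the cheap control: it costs nothing to run on every commit and would have blocked the .pem before it reached a public branch. The rotation check captures the expensive one: a new key on the prover side changes nothing until the contract's trusted MRSIGNER is replaced as well.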
The team has confirmed the exploit, paused the bridge, and is currently working on a postmortem.
Update on today's security incident. The exploit is contained. We've confirmed the L1 Bridge and the ERC20Vault are paused, and withdrawals through them are fully stopped.
We've started our security review for @MSTBlockchain . We're diving into the protocol and infrastructure layer to assess security, reliability, and network behavior across the updated implementation. Excited to work alongside the team as they continue building. Looking forward to digging in and sharing our findings when the review wraps up.
Humanity Protocol got rekt by seven keys on one laptop. No bug. No exploit. A director got phished, the attacker grabbed his Gnosis Safe signer keys on both chains, drained 141M H from the ETH bridge, then minted 122B+ H from nothing on BSC. 3-of-6 and 3-of-5 multisigs. Both were defeated by the same machine. Full breakdown 🧵
We audited some of the most complex DeFi architectures this month. Perp Dexes. Bridges. RWA protocols. Reserve-backed tokens. Multi-chain. Multi-vector. All cleaned up before mainnet. The builders who ship quietly? They audited first. May 2026 roundup is live. 👇
Formal verification is the only security method with no miss rate. Zcash's Orchard circuit had a silent inflation bug for 4 years. Expert audits missed it. A formal verifier does not flag suspicious code. It attempts to prove output = [scalar]*base for all inputs. When the constraint is missing, the proof cannot close. That is a fundamentally different guarantee. The proof closes or it does not. We broke down the Zcash bug, the attack chain, and exactly how formal verification would have caught it. Read it here 👇
Every crypto neobank says they're secure. Most only audit the smart contracts. The problem? Smart contracts are just 1 of 6 layers that hold user funds.

Attackers are increasingly exploiting:
• Custody infrastructure
• Card issuing systems
• Backend ledgers
• KYC vendors
• Mobile applications

The next Infini won't necessarily be a smart contract bug. Security needs to cover the full stack.
🚨 @Humanityprot exploited for $40M+ The attacker didn't find a bug in the code. They compromised 3 Gnosis Safe admin keys, took ownership of the ProxyAdmin, and silently upgraded the entire H token infrastructure across Ethereum and BSC, and managed to get 1,641,182,632 H tokens. Here's exactly what happened 🧵
On-chain trail:
Attacker
ETH: etherscan.io/address/0xD1ea8…
BSC: bscscan.com/address/0x6aa22c…
Malicious implementations deployed by attacker
ETH: etherscan.io/address/0xee1bd…
BSC: bscscan.com/address/0xd18cdc…
Previous legitimate bridge implementation (ETH + BSC): 0xfe1a06260b3b68f49862ae5d617686d78f454dea
ProxyAdmin (ETH + BSC): bscscan.com/address/0xd73cd1…
Gnosis Safe owning ProxyAdmin
ETH: etherscan.io/address/0x57641…
BSC: bscscan.com/address/0x2f41c9…
H Token (ETH + BSC): bscscan.com/address/0x44f161…

Root cause: the ProxyAdmin had no timelock. The moment the attacker crossed the Gnosis Safe signing threshold, there was no delay, no monitoring window, and no circuit breaker before the upgrade executed. A timelock on the ProxyAdmin, even 24 hours, combined with AdminChanged event monitoring would have given the team time to respond before a single token moved.
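As an added example (not Humanity Protocol's, Hyperlane's or OpenZeppelin's code), a small Python model of the control recommended in the root-cause post above: a ProxyAdmin whose owner actions are queued behind a delay and announced by an event, paired with a monitoring rule over those events. `TimelockedProxyAdmin`, `alerts_for`, `compromised_owner_attack`, the guardian role and the 0x… addresses are constructed names for illustration. It also covers the case the post implies but does not spell out: a delay that nobody watches still lets the upgrade go through once the window closes, so the timelock and the monitoring are one control, not two.

```python
"""Added example: a timelocked ProxyAdmin plus an event monitor, modelled in
Python.  Not protocol code; all names and addresses are constructed placeholders."""
from dataclasses import dataclass

SECONDS_PER_DAY = 86_400
SAFE, GUARDIAN = "0xSafe", "0xGuardian"             # constructed placeholder addresses
IMPL_V1, IMPL_EVIL = "0xImplV1", "0xMaliciousImpl"  # constructed placeholder addresses


@dataclass
class Queued:
    action: str   # "upgrade" or "transfer_ownership"
    target: str   # new implementation or new owner
    eta: int      # earliest timestamp at which execute() is allowed


class TimelockedProxyAdmin:
    """Owner actions are queued, announced via an event, and executable only after
    `delay` seconds; a guardian may cancel in the meantime.  delay=0 reproduces the
    no-timelock setup the post describes: schedule and execute in the same block."""

    def __init__(self, owner: str, guardian: str, delay: int) -> None:
        self.owner, self.guardian, self.delay = owner, guardian, delay
        self.now = 0                       # simulated block timestamp
        self.implementation = IMPL_V1
        self.queue: dict[str, Queued] = {}
        self.events: list[str] = []        # stand-in for emitted log entries

    def _emit(self, line: str) -> None:
        self.events.append(f"t={self.now} {line}")

    def schedule(self, caller: str, action: str, target: str) -> str:
        if caller != self.owner:
            raise PermissionError("caller is not the owner")
        op_id = f"{action}:{target}:{self.now}"
        self.queue[op_id] = Queued(action, target, self.now + self.delay)
        self._emit(f"CallScheduled id={op_id} eta={self.now + self.delay}")
        return op_id

    def cancel(self, caller: str, op_id: str) -> None:
        if caller not in (self.owner, self.guardian):
            raise PermissionError("caller may not cancel")
        del self.queue[op_id]
        self._emit(f"Cancelled id={op_id}")

    def execute(self, caller: str, op_id: str) -> None:
        q = self.queue.get(op_id)
        if q is None:
            raise LookupError("operation unknown or cancelled")
        if self.now < q.eta:
            raise RuntimeError("timelock has not expired")
        del self.queue[op_id]
        if q.action == "upgrade":
            self.implementation = q.target
            self._emit(f"Upgraded implementation={q.target}")
        elif q.action == "transfer_ownership":
            self._emit(f"AdminChanged previousAdmin={self.owner} newAdmin={q.target}")
            self.owner = q.target


# Any of these on a ProxyAdmin or its timelock is a page-someone event.
CRITICAL_EVENTS = ("CallScheduled", "AdminChanged", "Upgraded")


def alerts_for(events: list[str]) -> list[str]:
    """Monitoring rule: return the event lines that should raise an alert."""
    return [e for e in events if any(name in e for name in CRITICAL_EVENTS)]


def compromised_owner_attack(delay: int, watched: bool) -> dict:
    """Attacker holds the Safe signing threshold, so acts as the owner.  Returns
    which implementation is live afterwards, how long defenders had between the
    announcement and the executable moment, and how many alerts fired."""
    admin = TimelockedProxyAdmin(SAFE, GUARDIAN, delay)
    op = admin.schedule(SAFE, "upgrade", IMPL_EVIL)
    if delay == 0:
        admin.execute(SAFE, op)             # same block: no window to react in
    elif watched and alerts_for(admin.events):
        admin.cancel(GUARDIAN, op)          # alert fired inside the window; guardian cancels
        admin.now += delay
        try:
            admin.execute(SAFE, op)
        except LookupError:
            pass                            # a cancelled operation can never execute
    else:
        admin.now += delay                  # nobody looked; the delay alone buys nothing
        admin.execute(SAFE, op)
    return {"implementation": admin.implementation, "reaction_window": delay,
            "alerts": len(alerts_for(admin.events))}


if __name__ == "__main__":
    print("no timelock:           ", compromised_owner_attack(0, watched=True))
    print("24h timelock, watched: ", compromised_owner_attack(SECONDS_PER_DAY, watched=True))
    print("24h timelock, unwatched:", compromised_owner_attack(SECONDS_PER_DAY, watched=False))
```

The model deliberately lets the guardian only cancel, never execute or upgrade, so compromising the guardian key alone cannot cause an upgrade; it can only delay one. That is the asymmetry that makes a cancel-only role cheap to hold on a separate set of keys.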
INCIDENT UPDATE: Last night, June 8, the H token was hit by a coordinated attack across Ethereum and BSC. While we’re still investigating this incident, we want to be transparent with our community about what happened. As of right now, ~$36M+ has been stolen across both chains and dumped.

This was a result of a breach that happened after an employee’s laptop was compromised. Three of six Gnosis Safe owner keys controlling the Hyperlane bridge ProxyAdmin were compromised. The attacker used these to transfer ProxyAdmin ownership to their own wallet, then upgraded the bridge contract to a malicious implementation and swept ~141.2M H in a single transaction. Three of five BSC Safe owner keys were also compromised. The attacker performed the same ProxyAdmin seizure on BSC, deployed a malicious implementation with an unlimited mint function, and minted 200,000,005 H in two tranches directly to their wallet.

We’ve now halted all deposits and withdrawals to the affected bridges and are working with all related parties, including exchanges, to minimize the damage. Further to our internal investigation, we’re also working closely with the police to investigate this incident and recover some of the stolen funds.

People in this community worked hard for what they hold here, and we feel the weight of that. We want to apologize for what has happened and thank you for your patience, messages, and for sticking with us.