An attack where a single entity controls over half of a blockchain’s mining power or stake to manipulate transactions.

System for restricting who can call specific smart contract functions based on permissions.

The risk that if admin keys are compromised, attackers can exploit smart contract functions to steal funds or break protocol.

A reward program that pays security researchers for responsibly finding and reporting vulnerabilities.

Cryptographic proof that you authorized a transaction, created with your private key and verified with your public key.

An attack where someone attempts to spend the same cryptocurrency twice.

A measure of randomness or unpredictability, critical for cryptographic key generation and security.

A deliberate attack using code vulnerabilities to steal funds or break protocol functionality.

A transaction ordering attack where someone submits a transaction before a victim’s to profit from the victim’s trade.

A cryptographic function that converts any data into a fixed-size unique fingerprint.

A malicious smart contract that allows users to buy tokens but prevents them from selling, trapping their funds.

Wallet or smart contract requiring multiple signatures from different private keys to authorize transactions.

Security model using multiple signatures to authorize transactions, preventing single points of failure.

Attacking price feed oracles to artificially manipulate smart contract decisions.

Social engineering attacks designed to steal private keys or wallet approvals.

Cryptographic key derived from private key that enables others to verify your transaction signatures.

A cryptographic system using paired keys: public key for encryption/verification, private key for decryption/signing.

Smart contract vulnerability where recursive calls allow draining funds before state updates.

Attack reusing a valid transaction from one blockchain on another blockchain.

A scam where developers abandon a project after raising funds or draining protocol liquidity.

A front-running variant where an attacker places transactions before and after a victim's to manipulate price and profit.

A penalty mechanism where validators lose staked cryptocurrency for misbehavior or protocol violations.

A professional security review of code to identify vulnerabilities, bugs, and potential exploits.

Potential for bugs, exploits, or logical errors in smart contract code to cause loss of funds.

An attack where one entity controls multiple identities to gain disproportionate influence in a decentralized system.

The process of confirming that smart contract source code matches the deployed bytecode on the blockchain.