Skip to content
master
Switch branches/tags
Code

Publications from Trail of Bits

Academic papers

Paper Title Venue Publication Date
Differential analysis of x86-64 instruction decoders LangSec 2021 May 2021
Echidna: effective, usable, and fast fuzzing for smart contracts ISSTA 2020 July 2020
Automated Grammar Extraction via Semantic Labeling of Parsers LangSec 2020 May 2020
What are the Actual Flaws in Important Smart Contracts? FC 2020 Feb 2020
Echidna: A Practical Smart Contract Fuzzer FC 2020 Feb 2020
RSA GTFO PoC||GTFO 0x20 Jan 2020
Manticore: Symbolic Execution for Binaries and Smart Contracts ASE 2019 Jun 2019
Slither: A Static Analysis Framework For Smart Contracts WETSEB 2019 May 2019
Toward Smarter Vulnerability Discovery Using Machine Learning AISec 2018 Oct 2018
The Past, Present, and Future of Cyberdyne IEEE S&P Apr 2018
DeepState - Symbolic Unit Testing for C and C++ BAR 2018 Feb 2018
Cyber-Deception and Attribution in Capture-the-Flag Exercises FOSINT-SI 2015 Jul 2015

Conference presentations

Automated bug finding and exploitation

Presentation Title Author(s) Year
Differential analysis of x86-64 instruction decoders William Woodruff, Niki Carroll, Sebastiaan Peters 2021
How to find bugs when (ground) truth isn't real William Woodruff 2020
The Treachery of Files and Two New Tools that Tame It Evan Sultanik 2019
Symbolically Executing a Fuzzy Tyrant Stefan Edwards 2019
Kernel space fault injection with KRF William Woodruff 2019
Binary Symbolic Execution With KLEE-Native Sai Vegasena 2019
Going sicko mode on the Linux Kernel William Woodruff 2019
Vulnerability Modeling with Binary Ninja Josh Watson 2018
File Polyglottery; or, This PoC is also a picture of cats Evan Sultanik 2017
Be a binary rockstar Sophia D'Antoine 2017
Symbolic Execution for Humans Mark Mossberg 2017
The spirit of the 90s is still alive in Brooklyn Ryan Stortz, Sophia D'Antoine 2017
The dream of a static and dynamic analysis shootout Ryan Stortz 2016
Binary constraint solving for automatic exploit generation Sophia D'Antoine 2016
The Smart Fuzzer Revolution Dan Guido 2016
Making a scaleable automated hacking system Artem Dinaburg 2016
Cyberdyne - Automatic bug-finding at scale Peter Goodman 2016
McSema: Static translation of x86 to LLVM IR Andrew Ruef, Artem Dinaburg 2014

Blockchain

Presentation Title Author(s) Year
Testing and Verifying Smart Contracts: From Theory to Practice Josselin Feist 2021
Safely integrating with ERC20 tokens Josselin Feist 2021
Detecting transaction replacement attacks with Manticore Sam Moelius 2020
Fantastic Bugs and How to Squash Them; or, the Crimes of Solidity Evan Sultanik 2019
SlithIR: High-Precision Security Analysis with an IR for Solidity Josselin Feist 2019
Slither: A Static Analysis Framework for Smart Contracts Josselin Feist 2019
What blockchain got right Dan Guido 2019
Property-testing of smart contracts JP Smith 2018
Anatomy of an unsafe programming language Evan Sultanik 2018
Contract upgrade risks and recommendations Josselin Feist 2018
Blackhat Ethereum Ryan Stortz, Jay Little 2018
Blockchain Autopsies - Analyzing Smart Contract Deaths Jay Little 2018
Rattle - an Ethereum EVM binary analysis framework Ryan Stortz 2018
Securing value on the Ethereum blockchain Dan Guido 2018
Binary analysis, meet the blockchain Mark Mossberg 2018
Automatic bug finding for the blockchain Felipe Manzano, Josselin Feist 2017

Cryptography

Presentation Title Author(s) Year
Seriously, stop using RSA Ben Perez 2019
Best Practices for Cryptography in Python Paul Kehrer 2019
Analyzing the MD5 collision in Flame Alex Sotirov 2012

Engineering

Presentation Title Author(s) Year
Improving PyPI's security with Two Factor Authentication William Woodruff 2019
Linux Security Event Monitoring with osquery Alessandro Gario 2019
osql: The community oriented osquery fork Stefano Bonicatti, Mark Mossberg 2019
Getting started with osquery Lauren Pearl, Andy Ying 2018
osquery Super Features Lauren Pearl 2018
osquery Extension Skunkworks Mike Myers 2018
Build it Break it Fix it Andrew Ruef 2014

Education

Presentation Title Author(s) Year
The Joy of Pwning Sophia D'Antoine 2017
How to CTF - Getting and using Other People's Computers (OPC) Jay Little 2014
Low-level Security Andrew Ruef 2014
Security and Your Business Andrew Ruef 2014
Bringing nothing to the party Vincenzo Iozzo 2013
From One Ivory Tower to Another Vincenzo Iozzo 2012

Infrastructure

Presentation Title Author(s) Year
Return to the 100 Acre Woods Stefan Edwards 2019
Swimming with the kubectl fish Stefan Edwards 2019

Machine Learning

Presentation Title Author(s) Year
PrivacyRaven: Comprehensive Privacy Testing for Deep Learning Suha Hussain 2020

Mobile security

Presentation Title Author(s) Year
Swift Reversing Ryan Stortz 2016
Modern iOS Application Security Sophia D'Antoine, Dan Guido 2016
The Mobile Exploit Intelligence Project Dan Guido 2012
A Tale of Mobile Threats Vincenzo Iozzo 2012

Programming

Presentation Title Author(s) Year
Python internals - let's talk about dicts Dominik Czarnota 2019
Low-level debugging with Pwndbg Dominik Czarnota 2018
Insecure Things to Avoid in Python Dominik Czarnota 2018

Side channels

Presentation Title Author(s) Year
Hardware side channels in virtualized environments Sophia D'Antoine 2015
Exploiting Out-of-Order Execution Sophia D'Antoine 2015

Threat analysis & malware

Presentation Title Author(s) Year
Peeling back the 'Shlayers' of macOS Malware Josh Watson, Erika Noerenberg 2019
The Exploit Intelligence Project Revisited Dan Guido 2013

Datasets

Dataset Date
Smart Contract Audit Findings Aug 2019

Podcasts

Podcast Guest Date Topic(s)
Press Freedom Foundation Dan Guido July 2021 Mobile security and iVerify
Employee Cycle Hannah Hanks Mar 2021 First PeopleOps hire
Risky Business 614 Dan Guido Feb 2021 iVerify
Building Better Systems #6 Dan Guido Jan 2021 What blockchain got right
WCBS 880 Dan Guido Sep 2020 Gap years and intern hiring
Risky Business 594 Dan Guido Aug 2020 Apple security
Epicenter 346 Dan Guido Jun 2020 Smart contract security
Absolute AppSec 97 Stefan Edwards May 2020 Threat modeling
Unchained 170 Dan Guido May 2020 DeFi security
Risky Business 580 Dan Guido Apr 2020 Mobile voting
Absolute AppSec 91 Stefan Edwards Apr 2020 Mobile voting
Zero Knowledge 122 Ben Perez Mar 2020 Cryptography reviews, ZKPs
Changelog Dan Guido Jan 2020 AlgoVPN
Risky Business 559 Stefan Edwards Oct 2019 Kubernetes
FOSS Weekly 545 William Woodruff Sep 2019 PyPI security improvements
Podcast.__init__ 225 William Woodruff Aug 2019 PyPI security, UX, and sustainability
Absolute AppSec 68 Stefan Edwards, Bobby Tonic Aug 2019 Kubernetes
Hashing it Out 53 Dan Guido Jul 2019 Smart contract testing
Absolute AppSec 60 Stefan Edwards May 2019 Android, programming languages
Absolute AppSec 55 Stefan Edwards Apr 2019 Security testing
Hashing it Out 35 Dan Guido, Josselin Feist Jan 2019 Ethereum's failed EIP-1283
Risky Business JP Smith Jan 2019 Post-quantum crypto in CTFs
Absolute AppSec 37 Stefan Edwards Nov 2018 Programming languages, symbex
Risky Business 510 Lauren Pearl Aug 2018 Open source security engineering
Absolute AppSec 34 Stefan Edwards Oct 2018 Security testing, blockchain
Zero Knowledge 16 JP Smith Mar 2018 Smart contract security
Risky Business 488 JP Smith Feb 2018 Smart contract testing w/ Manticore
Risky Business 474 Dan Guido Oct 2017 How to engineer secure software
Georgian Partners 47 Dan Guido May 2017 AlgoVPN and Tor
VUC 643 Dan Guido Apr 2017 AlgoVPN
Risky Business 449 Dan Guido Mar 2017 Control Flow Integrity
Risky Business 425 Dan Guido Sep 2016 Recap the week's news
Risky Business 421 Dan Guido Aug 2016 Car hacking and the week's news
Risky Business 416 Dan Guido Jul 2016 DARPA Cyber Grand Challenge
Risky Business 399 Dan Guido Feb 2016 Apple vs the FBI
Risky Business 370 Dan Guido Feb 2015 DARPA Cyber Grand Challenge
Risky Business 348 Dan Guido Jun 2015 DARPA Cyber Grand Challenge

Security Reviews

Companies that have allowed us to speak about our work can be found here. Many more remain confidential.

Technology products

Product Review Date Level of Effort Deliverables Announcement
Doppler Sept 2021 4 person-weeks
Datadog Agent Aug 2021 8 person-weeks
Appian Jun 2021 4 person-weeks
Cashero-2.0 Jun 2021 4 person-weeks
Linux Kernel Apr 2021 2 person-weeks Policy Review A Review of the Linux Kernel’s Release Signing and Key Management Policies
Orbit Apr 2021 1 person-week
VGS Proxy Apr 2021 4 person-weeks
Skiff Feb 2021 4 person-weeks
CircleCI Server 3.0 Jan 2021 6 person-weeks
BitMEX Jan 2021 4 person-weeks
SecureDrop Dec 2020 8 person-weeks Security Review 2nd audit of SecureDrop Workstation
Citizen Browser Dec 2020 3 person-days How We Built a Facebook Inspector
Azure Sphere Jun 2020 12 person-weeks Azure Sphere 20.07 Security Enhancements
Zoom May 2020 9 person-weeks 90 Days Done, What’s Next for Zoom
Secure Transport Apr 2020 4 person-weeks
ZeroTier 2.0 Mar 2020 2 person-weeks Security Review ZeroTier
Standard Notes Mar 2020 1 person-week Security Review Standard Notes Completes Crypto Audit
Voatz Feb 2020 12 person-weeks Security Review, Threat Model Voatz, Tusk
Voice Jan 2020 4 person-weeks
Sweet B Jan 2020 4 person-weeks Security Review Western Digital
Azure Sphere Jun 2019 12 person-weeks
SanDisk X600 May 2019 6 person-weeks Security Review Multiple vulnerabilities in SanDisk X600
Project Callisto Aug 2018 5 person-weeks
zlib Sep 2016 1 person-week Security Review

Cloud-native

Product Review Date Level of Effort Deliverables Announcement
HashiCorp Cloud Jun 2021 8 person-weeks
Argo Mar 2021 4 person-weeks Security Review, Threat Model
Terrform Cloud Jan 2021 6 person-weeks
Consul Oct 2020 10 person-weeks
Nomad Aug 2020 6 person-weeks
Helm Aug 2020 4 person-weeks Security Review Helm 2nd Security Audit
Terraform Mar 2020 6 person-weeks
OPA Mar 2020 2 person-weeks Security Review Open Policy Agent (OPA) Graduation Proposal
Vault Feb 2020 12 person-weeks
etcd Jan 2020 4 person-weeks Security Review CNCF
Rook Dec 2019 2 person-weeks Security Review CNCF
Kubernetes May 2019 12 person-weeks Security Review, Threat Model, Whitepaper Google, CNCF

Smart contracts

Product Review Date Level of Effort Announcement
Yield V2 Sept 2021 6 person-weeks
Hop Protocol V2 Sept 2021 4 person-weeks
Gro protocol Sept 2021 2 person-weeks
Futureswap V4 Sept 2021 6 person-weeks
Golden Gate Library Sept 2021 1 person-week
RocketPool Aug 2021 5 person-weeks
AlphaX Aug 2021 6 person-weeks
Bug Bounty Platform Aug 2021 8 person-weeks
88mph V3 Aug 2021 6 person-weeks
Timeswap Jul 2021 2 person-weeks
CompliFi Jul 2021 6 person-weeks
Optics Jul 2021 2 person-weeks
xUDT Jun 2021 2 person-weeks
Abyss Lockup Jun 2021 2 person-weeks
Compli\Fi Jun 2021 6 person-weeks
Uniswap V3 Staker Jun 2021 2 person-weeks
Futureswap V3 Jun 2021 6 person-weeks
Chainlink Jun 2020 8 person-weeks
FlareFinance Jun 2021 4 person-weeks
Opyn Gamma May 2021 6 person-weeks
Syndicate May 2021 4 person-weeks
Frax May 2021 4 person-weeks
FlareFinance Apr 2021 3 person-weeks
Yearn v2 Vaults Apr 2021 6 person-weeks
DFX Finance Apr 2021 6 person-weeks
Open Oracle Apr 2021 2 person-weeks
Tokemak Apr 2021 1 person-week
Warp Contracts Apr 2021 6 person-weeks Completion of Trail of Bits’ Audit
Uniswap V3 March 2021 10 person-weeks Introducing Uniswap V3
MC Dai Mar 2021 6 person-weeks
dForce Lending Mar 2021 6 person-weeks
Nervos -RSA Mar 2021 4 person-weeks
Liquity Proxy Contract Feb 2021 4 days
Liquity Protocol Feb 2021 8 person-weeks
RAY-DAO Feb 2021 4 person-weeks
Force Bridge - Solidity Feb 2021 4 person-weeks
Force Bridge - Rust Feb 2021 3 person-weeks
Balancer V2 Jan 2021 6 person-weeks
Balancer Jan 2020 4 person-weeks
C.R.E.A.M. Jan 2021 1 person-week
LUSD Dec 2020 8 person-weeks
Origin Dollar Nov 2020 4 person-weeks Origin Dollar Relaunches
wXTZ Nov 2020 4 person-weeks
wALGO Nov 2020 4 person-weeks
Hermez Nov 2020 4 person-weeks Hermez Second Audit, by Trail of Bits
Nervos SUDT Oct 2020 6 person-weeks
OVM Oct 2020 6 person-weeks
DODO Sep 2020 3 person-weeks
Yield Protocol Aug 2020 6 person-weeks
DeFiner Aug 2020 1 person-week
Smart Pool Aug 2020 1 person-week
Argent Aug 2020 4 person-weeks
MYKEY Jul 2020 4 person-weeks
CurveDAO Jul 2020 6 person-weeks
Amp Jul 2020 3 person-weeks
Federated Bridge Jul 2020 1 person-week
dForce dToken Jul 2020 2 person-weeks
Dexter Jun 2020 4 person-weeks
QTUM Apr 2020 3 person-days
Hegic Apr 2020 3 person-days
Golem Network Mar 2020 2 person-weeks
Reddit Mar 2020 1 person-week A New Frontier
Compound Feb 2020 2 person-weeks
Chai Feb 2020 2 person-days
WorkLock Jan 2020 2 person-weeks WorkLock Security Audit
Balancer Jan 2020 4 person-weeks
Curve.fi Jan 2020 1 person-week
Livepeer Oct 2019 3 person-weeks
Topo Finance Oct 2019 4 person-weeks
Dharma Wallet Oct 2019 4 person-weeks
0x Protocol Oct 2019 10 person-weeks
Flexa Sep 2019 2 person-weeks Announcing Flexa Capacity
Aave Protocol Sep 2019 4 person-weeks
MC Dai Aug 2019 13 person-weeks MCD Security Roadmap Update: Oct 2019
Compound Aug 2019 2 person-weeks
Staked Aug 2019 4 person-weeks
Computable Jul 2019 8 person-weeks Computable Contract Audit
Numerai May 2019 3 person-weeks NMR 2.0 is now live!
MerkleX May 2019 4 person-weeks
Interest Token May 2019 2 person-days
TokenCard May 2019 5 person-weeks
Compound Apr 2019 8 person-weeks Compound v2 is Live
Unity Coin Apr 2019 1 person-week
Ocean Protocol Mar 2019 4 person-weeks One Protocol. One Network. One Community.
UMA Project Mar 2019 3 person-weeks
Nomisma Mar 2019 1 person-week
Reserve Protocol Mar 2019 1 person-week
Set Protocol Mar 2019 5 person-weeks The Road to MainNet
NuCypher Feb 2019 4 person-weeks Security Audits (Round 2)
AMP StableWire Jan 2019 1 person-week
EIP-1283 Jan 2019 1 person-week Constantinople Security Update
Ampleforth Nov 2018 4 person-weeks Source Code and Security Audits with Trail of Bits
Origin Protocol Nov 2018 4 person-weeks How We Approach Security at Origin
Paxos Standard Oct 2018 4 person-weeks
Basecoin Oct 2018 12 person-weeks
Compound Sep 2018 12 person-weeks Compound launches money markets for Ethereum
NuCypher Aug 2018 12 person-weeks Security audits: round 1
CENTRE Jul 2018 4 person-weeks Designing an upgradeable Ethereum contract
Bloom Jul 2018 1 person-week Bloom development update
Gemini Dollar Jun 2018 8 person-weeks Stablecoins: Understanding Counterparty Risk
Dharma May 2018 1 person-week Dharma protocol v1 is live on mainnet
Golem Apr 2018 4 person-weeks Smart contracts: audit report
LivePeer Mar 2018 4 person-weeks Livepeer smart contract security audit #1 results
DappHub Dec 2017 8 person-weeks
MakerDAO Sai Oct 2017 8 person-weeks Single-collateral Dai security reviews
Omega One Aug 2017 6 person-weeks

Blockchain protocols and software

Product Review Date Level of Effort Announcement
STAS-JS SDK Sept 2021 4 person-weeks
PINT Sept 2021 4 person-weeks
Qredo Blockchain Sept 2021 6 person-weeks
PolySign Sept 2021 6 person-weeks
Arbitrum Sept 2021 16 person-weeks
ShardX Aug 2021 4 person-weeks
go-schnorrkel Aug 2021 4 person-weeks
THORChain Aug 2021 12 person-weeks
Casper Web Wallet Jul 2021 4 person-weeks
Polkaswap Jul 2021 6 person-weeks
AElf Jul 2021 4 person-weeks
CrossChain-Bridge Jul 2021 8 person-weeks
AlephBFT Jun 2021 4 person-weeks
Acala Network Jun 2021 4 person-weeks
DFINITY May 2021 24 person-weeks
Compound Chain May 2021 6 person-weeks
Flare Network Mar 2021 8 person-weeks
Arbitrum V2 Feb 2021 8 person-weeks
Cheque Cell & ORU Feb 2021 8 person-weeks
Fog Protocol Jan 2021 4 person-weeks
Acala Network Jan 2021 6 person-weeks
Bitcoin SV Jan 2021 6 person-weeks
eFIL Jan 2021 2 person-weeks
Futureswap Jan 2021 2 person-weeks
Teller Protocol Nov 2020 4 person-weeks
Highway Consensus Nov 2020 4 person-weeks ToB Audit of the Casper Highway Protocol
Zerion SDK Nov 2020 4 person-weeks
MobileCoin BFT Oct 2020 4 person-weeks
Graph Protocol Oct 2020 3 person-weeks
Stacks V2 Sep 2020 6 person-weeks
Prysm Sep 2020 6 person-weeks
ETH2.0 Deposit CLI Aug 2020 4 person-weeks
VRFs Aug 2020 2 person-weeks
MobileCoin Aug 2020 4 person-weeks
Ren Aug 2020 4 person-weeks August Development Update
Meld Gold Jul 2020 2 person-weeks
Ledger Filecoin Jul 2020 2 person-weeks
Arbitrum Jul 2020 6 person-weeks
Symbol Jul 2020 4 person-weeks Symbol from NEM completes Trail of Bits Security Audit
Zcoin Jul 2020 2 person-weeks Lelantus Cryptographic Library Audit Results
Magma Jun 2020 1 person-week
Lighthouse Jun 2020 4 person-weeks
Matic Jun 2020 4 person-weeks
tBTC May 2020 6 person-weeks
Chainlink Flux May 2020 4 person-weeks
Zcash Apr 2020 3 person-weeks Heartwood security assessment results
Elrond Mar 2020 6 person-weeks
EOSIO SDK Jan 2020 4 person-weeks
Pixel Dec 2019 4 person-weeks
Paymail Protocol Nov 2019 7 person-weeks
Zcash Nov 2019 6 person-weeks NU3, Blossom, and Sapling security reviews
Zcash Nov 2019 6 person-weeks
NEAR Protocol Nov 2019 8 person-weeks
Status-go Oct 2019 9 person-weeks
Simple Ledger Oct 2019 3 person-weeks
EOSIO 2.0 Oct 2019 8 person-weeks
Oasis Labs Sep 2019 13 person-weeks
AZTEC Protocol Sep 2019 10 person-weeks
Celo Sep 2019 8 person-weeks
Parity Fether Aug 2019 4 person-weeks
Blockchain.com Aug 2019 4 person-weeks
RandomX Jun 2019 2 person-weeks Monero and Arweave to Validate RandomX
ZecWallet Apr 2019 2 person-weeks
Loom May 2019 10 person-weeks Loom SDK Q1 2019 Security Audit
Algorand Mar 2019 14 person-weeks Success and momentum of Algorand
Centrifuge Mar 2019 5 person-weeks
Tendermint Mar 2019 12 person-weeks
ndau Nov 2018 8 person-weeks ndau Holders Elect Inaugural Policy Council
Bitcoin SV Nov 2018 12 person-weeks
Pantheon Oct 2018 8 person-weeks What we learned from auditing our Ethereum client
Building Blocks Aug 2018 7 person-weeks UN WFP uses Ethereum to aid 100,000 refugees
Parity Jul 2018 12 person-weeks Parity completes Trail of Bits security review
Tezori Jul 2018 2 person-weeks Thanks to @trailofbits for their security review
Web3 Mar 2018 2 person-weeks W3F and TOB hardware wallet security guidance
RSKj Nov 2017 6 person-weeks RSK security audit results

Workshops

Workshop Title Venue Date
Smart Contract Security Automation Workshop TruffleCon 2019 Oct 2019
Manticore EVM Workshop Devcon4 2018 Nov 2018
Introduction to Smart Contract Exploitation GreHack 2018 Nov 2018
DeepState: Bringing Vulnerability Detection Tools into the Dev Cycle SecDev 2018 Oct 2018
Smart Contract Security Automation Workshop TruffleCon 2018 Oct 2018
Smart Contract Security Automation Workshop ETH Berlin 2018 Sep 2018
Manticore EVM Workshop EthCC 2018 Mar 2018
Manticore Workshop GreHack 2017 Oct 2017