Blog

Security Audits, Managed Crowdsourced Security, and Bug Bounty Programs: Complementary, Not Interchangeable

June 9, 2026

Security audits, managed crowdsourced security platforms, and open bug bounty programs are often treated as interchangeable approaches to security testing. In practice, they serve different roles. While crowdsourced approaches and bug bounty programs are effective at uncovering vulnerabilities in deployed systems, both remain inherently exploratory rather than systematic. Security audits

Read More »

LambdaClass – Ethrex

May 7, 2026

We performed a security audit of LambdaClass’s Ethrex. Ethrex is a Rust implementation of the Ethereum protocol, designed to support ZK proofs and L2 execution. It includes a client with support for two different modes, L1 and L2, with the former working as a regular Ethereum client and the latter

Read More »

Building Systems That Deserve Consent

April 30, 2026

Consent is one of the six lawful bases for processing personal data under the GDPR (Article 6(1)(a) GDPR). To be valid, it must be freely given, specific, informed, and unambiguous, reflecting a clear expression of the data subject’s wishes (Article 4(11) GDPR). In theory, this provides a strong safeguard, ensuring

Read More »

White Noise – whitenoise-rs

April 7, 2026

White Noise is an encrypted group chat application implementing the Marmot protocol. The Marmot protocol combines the MLS (Messaging Layer Security) protocol with Nostr’s decentralized network to provide private group messaging that does not rely on centralized servers. whitenoise-rs is the Rust backend for White Noise client applications. It leverages

Read More »

Espresso – TEE Smart Contracts

April 1, 2026

Espresso has requested that we perform a security audit of its smart-contract layer, focusing on the Solidity contracts that verify Nitro Trusted Execution Environment (TEE) attestations and enforce batch authentication for Optimism integration. Our final audit report was completed on April 1, 2026. To read the full report, including our

Read More »

White Noise – Marmot Development Kit (MDK)

March 20, 2026

Marmot combines the MLS (Messaging Layer Service) Protocol with Nostr’s decentralized network to provide private group messaging without relying on centralized servers or legacy identity systems. MDK is the Marmot Development Kit and consists of four crates. White Noise is the Rust backend of the Flutter application, and the whitenoise

Read More »

The Limits of Legal Control in Technical Systems

February 26, 2026

Data protection laws, such as the EU’s General Data Protection Regulation (GDPR), establish a comprehensive framework of individual rights intended to give data subjects greater control over the processing of their personal data. Together, these data protection rights aim to empower individuals while restricting how organizations use and process that

Read More »

Categories

Audits
Company News
Security Consulting
Product Development
Community Matters
Events

Archives