Damian Rusinek: BNB Bridge hack ELI5 explained and visualised. A week ago, the BNB Bridge was attacked for almost $600M. I wanted to dig deeper to understand the fundamentals of the root cause and this… (9 min read · Oct 12, 2022)
Damian Rusinek: Analysis of OZ TimelockController security vulnerability patch … and why you must stay up to date! (5 min read · Sep 2, 2021)
Damian Rusinek in SecuRing: Four common pitfalls of HyperLedger implementation. After several security audits of HyperLedger implementations (and other custom blockchain platforms), we have selected a couple of… (4 min read · Mar 18, 2021)
Damian Rusinek: Write-ups and lessons learned from Damn Vulnerable #DeFi. I have solved all of the Damn Vulnerable #DeFi challenges by Zeppelin. Here I present the write-ups and lessons learned from … (19 min read · Nov 26, 2020)
Damian Rusinek in SecuRing: Secure OAuth 2.0: How To Keep OAuth Secure? Previous parts (part 1, part 2) of the series introduced the risks and described potential vulnerabilities in OAuth 2.0 implementation… (7 min read · Nov 3, 2020)
Damian Rusinek in SecuRing: Secure OAuth 2.0: What Could Possibly Go Wrong? The previous section, Starting with OAuth 2 — Security check, covered the main threats which are the users’ sensitive data leakage and the… (6 min read · Sep 4, 2020)
Damian Rusinek in SecuRing: Starting with OAuth 2 — Security check. OAuth 2.0 is the second version of Open Authorization Framework, the industry-standard delegation protocol for authorization. (3 min read · Jul 31, 2020)
Damian Rusinek in SecuRing: The Truth About Privacy in COVID Tracing Solutions. And why people might not trust them. (14 min read · Jun 4, 2020)
Damian Rusinek in SecuRing: Blockchain — new types of insider threat. Blockchain does not defend from insider threat in any way. What is more, blockchain introduces new threats that can be classified as… (12 min read · Jan 10, 2020)
Damian Rusinek in SecuRing: What is going on with OAuth 2.0? And why you should not use it for authentication. A few weeks ago I was planning to write an article explaining why it is not a good idea to use OAuth for authentication (as Auth in OAuth… (11 min read · Dec 12, 2018)