Introducing the latest album by the versatile metal genius DeepSlayerXL, with song reviews by GPT-3. *Apologies to ML researchers for saying “AI” in the title, the article was written for a general audience.

As a teenager, I played in a small-town metal band. This was the nineties so our music…


A risk assessment by a DeFi security dude. Note: I worked as a security auditor and engineer in the blockchain space for three years and participated in audits and formal verification of DeFi protocols such as Aave, Bancor and mStable which also involved assessing economic risk. …


Can GPT-3 compute the ultimate question about life, the Universe and everything?

It is known that the answer to life, the Universe and everything is 42. However, despite the concerted efforts of the best minds humanity has to offer, the appropriate question has yet eluded us.

Needless to say, I…


Contract invariants are properties of the program program state that are expected to always be true. In my previous article I discussed the use of Solidity assertions to check contract invariants. This article expands on the use of invariants and provides a couple of additional examples.

An interesting property of…


Thought leading is a complicated profession. Thanks to the emergence of cryptocurrency, it has also been one of the fastest growing fields of the past decade. This article outlines simple rules to get you started on this rewarding career path. It doesn’t reflect the opinion of my employer.

Thought leaders exhibit extraordinary abilities, such as levitating objects, tricking minds, and seeing things before they happen.

The most…


The Remix development environment provides users with a convenient and powerful way of checking the correctness of smart contracts via the MythX plugin. In this article, I’ll explain the basics and provide several examples including security tests of real-world smart contracts.

Smart contracts are immutable (or at least supposedly so)…


Why the cryptocurrency experiment has failed. Heads up: This article is satire based on an 1995 article about the early Internet. It won’t age well.

Clifford Stoll — Photo by Newsweek

After one decade of blockchain, I’m perplexed. It’s not that I haven’t had a gas of a good time on Crypto Twitter. I’ve met great…


ConsenSys Diligence is a security-focused group of 30+ Ethereum engineers, auditors and researchers distributed all over the world. We have a tradition of building security tools for ourselves and the Ethereum community. Because our time is precious, we focus on creating polished, highly usable tools that are truly helpful to…


MythX integrates static and dynamic analysis to detect security flaws in smart contracts. But how do you unleash this security analysis on your code? In this article I’ll show the use of Sabre, a JavaScript tool I made when MythX was first released, to detect critical smart contract vulnerabilities (in…


“Hard fork” is a term that often incites heated debates. Some communities explicitly embrace on-chain governance, such as freezing accounts and changing smart contract code on-the-fly, while others are known to be fiercely rooted in the “you don’t hard fork, ever” camp.

The Bitcoin community has a reputation for being…

Bernhard Mueller

Security researcher, uncertified hacker, crypto trader. Author of the OWASP Mobile Security Guide. Pwnie winner. Former @ConsenSys engineer / auditor.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store