Author: Dedaub

The $11M Cork Protocol Hack: A Critical Lesson in Uniswap V4 Hook Security
On 28th of May 2025, Cork Protocol suffered an $11M exploit due multiple security weaknesses, culminating in a critical access control vulnerability in their Uniswap V4 hook implementation. The attacker exploited missing validation in the hook’s callback functions fooling the protocol into thinking that valuable tokens (Redemption Assets) were deposited by the attacker, thus crediting the attacker with a number of derivative tokens that could be exchanged back to other valuable tokens. The attacker also exploited a risk premium calculation, which compounded the attack. Among other things, this incident highlights the importance of proper access control in Uniswap V4 hooks and the risks of highly flexible open designs, which are very hard to secure.

Background

Understanding Cork Protocol

Cork Protocol is a depeg insurance platform built on Uniswap V4 that allows users to hedge against stablecoin or liquid staking token depegs. The protocol operates with four token types per market:
- RA (Redemption Asset): The “original” asset (e.g., wstETH)
- PA (Pegged Asset): The “riskier” pegged asset (e.g., weETH)
- DS (Depeg Swap): Insurance token that pays out if PA depegs from RA
- CT (Cover Token): The counter-position that earns yield but loses value if depeg occurs
Another way to think of the DS is a put option at a fixed strike price denominated in RA, while CT is the corresponding short put.

Users can mint DS + CT by depositing RA, effectively splitting the redemption asset into two complementary positions. A legitimate transaction demonstrating this in action can be found here.

Unlike modern options protocols such as Opyn, the DS is fully collateralized with RA, which simplifies trust assumptions.

Understanding Uniswap V4

Uniswap V4 represents a significant architectural shift, moving to a central PoolManager (Singleton pattern) and introducing ‘hooks’ – external contracts that the PoolManager calls at various points in a pool’s lifecycle (e.g., before or after swaps, liquidity changes). This design, as highlighted by security experts like Damien Rusinek, offers immense flexibility and customization but, as the Cork Protocol incident demonstrates, also introduces new, critical security considerations for developers.

Vulnerability 1: Missing Access Control

An important vulnerability in the CorkHook contract was a critical oversight directly echoing a common pitfall warned about by many security researchers. Cork’s Uniswap hooks were called by the attacker’s smart contract directly, mid-transaction. Let’s examine the vulnerable beforeSwap function:
```
function beforeSwap(
	address sender,
	PoolKey calldata key,
	IPoolManager.SwapParams calldata params,
	bytes calldata hookData
) external override returns (bytes4, BeforeSwapDelta delta, uint24) {
	PoolState storage self = pool[toAmmId(Currency.unwrap(key.currency0), Currency.unwrap(key.currency1))];
	// kinda packed, avoid stack too deep 
	delta = toBeforeSwapDelta(-int128(params.amountSpecified), int128(_beforeSwap(self, params, hookData, sender)));
	// TODO: do we really need to specify the fee here?
	return (this.beforeSwap.selector, delta, 0);
}
```
Critical Issue: This function lacks an onlyPoolManager modifier (allowing only calls from a trusted Uniswap v4 manager), meaning anyone can call it directly with arbitrary parameters. While the contract inherits from BaseHook, which provides access control for unlockCallback, it fails to protect other hook callbacks.
```
// BaseHook provides this for unlockCallback: 
modifier onlyPoolManager() {
	require(msg.sender == address(poolManager), "Caller not pool manager"); _;
}
```
Vulnerability 2: Risk premium calculation rollover

Risk premium, which affects the price of derivative (CT) tokens had an extreme value when close to expiry. The exploiter acquired a small amount of DS tokens close to the expiry, manipulating the price ratio of CT to RA tokens. On rollover (for a new expiry period), this skewed ratio was used to compute how many tokens of CT and RA to deposit to the AMM. With a skewed ratio of CT to RA tokens deposited, the exploiter could convert a very small amount of 0.0000029 wstETH to 3760.8813 weETH-CT.

The Attack

Cork Protocol allowed DS (Insurance) tokens from one market to be used as RA (Safe assets) tokens in another market. This was likely not an intentional design choice, and the protocol authors probably didn’t think of this possibility. An unintentional consequence of this is that relatively valuable tokens (DS tokens) from a good market can potentially be accessed from another market if there’s a vulnerability.

This relatively obscure security weakness compounded the exploit perpetrated by this attacker in a very complex, multi-step attack.

STEP 1: CROSS-MARKET TOKEN CONFUSION

The attacker created a new market configuration that used one of the DS token in another market as an RA token in the new market.
```
// Legitimate market
Legit Market: {
	RA: wstETH,
	PA: weETH,
	DS: weETH-DS,
	CT: weETH-CT
}

// Attacker's new market 
New Market: { 
	RA: weETH-DS, // Using DS token as RA!
	PA: wstETH,
	DS: new_ds,
	CT: new_ct
}
```
Step 2: Malicious Hook Contract

The attacker deployed their own contract implementing the hook interface and rate provider interface. The custom rate provider appears to be a red herring in this attack – it simply returns a fixed rate.

The new market utilized a fresh Uniswap v4 pool created as part of the new market. The attacker also created (in a separate transaction) a Uniswap pool with the same tokens as a the newly created pool (trading new_CT and weETH-DS) but with the hacker’s contract as the hook!

Step 3: Direct Hook Manipulation

This is where the action takes place. Due to the missing access control, the attacker could directly call beforeSwap to fool the protocol:

This pool id of the maliciously-created pool was passed into the beforeSwap callback. The hook data supplied as part of the callback directed the protocol to an execution flow by which RAs are deposited and CT and DS tokens are returned. However, in such a transaction no RAs were deposited by the attacker. Instead an amount of roughly 3761 weETH-DS were credited towards the attacker. The carefully crafted hook data payload fooled Cork protocol into thinking that the attacker had deposited 3761 weETH-DS. By doing so the attacker illegitimately gains 3761 new_ct and 3761 new_ds tokens.

Step 4: DS Token Extraction

Once the attacker has gained the new_ct and new_ds tokens, the attacker used these to redeem weETH-DS tokens.

Step 5: wstETH Token Extraction

Note that in a previous step the attacker has also exploited another edge case to cheaply acquire weETH-CT tokens. Since writing this article, a clearer explanation was posted by the Cork protocol team about the miscalculations involved, however the essence is that the exploiter acquired a small amount of DS tokens close to the expiry, manipulating the price ratio of CT to RA tokens in the next expiry period. With this manipulation, the exploiter could convert 0.0000029 wstETH (a very small amount) to 3760.8813 weETH-CT.

Now, all that remains to be done by the attacker is to redeem these weETH-CT and weETH-DS tokens through the protocol, as intended, to withdraw $11m of wstETH.

Technical Deep Dive: Hook Manipulation

The _beforeSwap function contains complex logic for handling swaps, including reserve updates and fee calculations:
```
function _beforeSwap(
  PoolState storage self,
  IPoolManager.SwapParams calldata params,
  bytes calldata hookData,
  address sender
) internal returns (int256 unspecificiedAmount) {
    // ... swap calculations ...
    // Update reserves without validation
    self.updateReservesAsNative(Currency.unwrap(output), amountOut, true);
    // Settle tokens
    settleNormalized(output, poolManager, address(this), amountOut, true);
    // ... more logic ...
}
```
Without access control, an attacker can:
- Manipulate reserve ratios before legitimate trades
- Force the hook to settle tokens with arbitrary amounts
- Bypass normal swap routing through the PoolManager
Parsing the arguments used in hookData, the attacker crafted a payload intended to indicating that they deposited 3761 of weETH-DS tokens into the new market.

Contributing Factors

1. Decentralized Market Creation

The protocol allowed anyone to create markets with any token pair. This is a courageous design decision, however it’s clearly hard to pull off correctly.
```
function beforeInitialize(address, PoolKey calldata key, uint160) external ... {
    address token0 = Currency.unwrap(key.currency0);
    address token1 = Currency.unwrap(key.currency1);
    
    // Dedaub: No validation on token types!
    // Allows DS tokens to be used as RA tokens

}
```
2. Insufficient Token Validation

The _saveIssuedAndMaturationTime function attempts to validate tokens but fails to ensure proper token types:
```
function _saveIssuedAndMaturationTime(PoolState storage self) internal {
    IExpiry token0 = IExpiry(self.token0);
    IExpiry token1 = IExpiry(self.token1);
    // Dedaub: Only checks if tokens have expiry, not their type
    try token0.issuedAt() returns (uint256 issuedAt0) {
        self.startTimestamp = issuedAt0;
        self.endTimestamp = token0.expiry();
        return;
    } catch {}
    // ... similar for token1 ...
}
```
3. No Pool Whitelisting

The callback allowed pools that had the same tokens, but a different hook contract. There was no validation on the pool id nor the hook contract address.
```
mapping(PoolId => bool) public allowedPools;

modifier onlyAllowedPool(PoolKey calldata key) {
    require(allowedPools[key.toId()], "Pool not allowed");
    _;
}
```
4. Singleton Design

Tokens from the different markets co-mingled (Singleton pattern). Therefore, a vulnerability that was applied to the new market managed to extract tokens pertaining to another market.

Previous Cork Protocol Audits

Unfortunately, although the Cork protocol had undergone security reviews by four different audit providers, this incident still happened. The protocol team had clearly invested resources in security, making this exploit all the more tragic for both the team and users.

However, among the four auditors, three of them didn’t audit the vulnerable hook contracts, and it is uncertain whether the risk premium issue could have been easily found just by looking at the code. It is likely that Cantina/Spearbit had the vulnerable CorkHook contract within their audit scope. A pull request with recommendations shows they did identify some issues and suggested improvements.

Runtime Verification (another auditor who did not have CorkHook in their scope) presciently noted in their report:

“An interesting follow-up engagement would be to prove the invariants for the CorkHook functions that are being invoked by different components verified within the scope of this engagement, as well as the functions of other contracts, such as CorkHook, Liquidator and HedgeUnit.”

This observation now seems particularly prophetic, as it was precisely the CorkHook’s interaction with other components that enabled the exploit.

Recommendations for Hook Developers

If you’re building a project that interacts with Uniswap v4 Hooks in a meaningul way, get your code audited by experts in the area. Dedaub is Uniswap-whitelisted audit provider, with plenty of experience securing high-stakes projects. Since Dedaub is whitelisted by Uniswap, the audit can also be paid for via a Uniswap Foundation grant. In the meantime, follow the guidelines below. We also recommend listening to Damien Rusinek’s talk.

Master Access Control and Permissions

Strict PoolManager-Only Access: This is non-negotiable. Every external hook function that can modify state or is intended to be called by the PoolManager (e.g., beforeSwap, afterSwap, beforeInitialize) must implement robust access control, typically an onlyPoolManager modifier. This was a primary failing in the Cork exploit. As Damien and Hacken emphasize, allowing direct calls by arbitrary addresses is a direct path to state manipulation and fund loss. Cork didn’t follow this recommendation.

Correct Hook Address Configuration: Uniswap V4 derives hook permissions (which functions the PoolManager will call) directly from the hook contract’s address.

Address Mining: Deploy hooks using CREATE2 with a salt that ensures the deployed address correctly encodes all intended permissions (e.g., Hooks.BEFORE_SWAP_FLAG | Hooks.AFTER_SWAP_FLAG). Cork didn’t follow this recommendation.

Mismatch Avoidance: A mismatch between the functions implemented in your hook and the permissions encoded in its address will lead to functions not being called or PoolManager attempting to call non-existent functions, causing reverts (DoS).

Future-Proofing Upgrades: If you plan to add new hookable functions in future upgrades (for UUPS-style proxies), ensure the initial deployment address already encodes these future permissions. Alternatively, include placeholder functions for them.

Inherit from BaseHook: Whenever possible, inherit from Uniswap’s BaseHook contract. It provides foundational security checks (like onlyPoolManager for unlockCallback) and helps ensure correct interface adherence, reducing the risk of configuration errors.

Rigorous State Management and Pool Interaction

Restrict Pools. If a hook is designed for a specific pool or set of pools, it must validate the PoolKey in its functions (especially initialization) to prevent unauthorized pools from using it. Consider implementing an allowedPools mapping and a modifier like onlyAllowedPool. Ensure the hook can only be initialized once (e.g., in beforeInitialize) to restrict it to a single pool if that’s the design. Cork didn’t follow this recommendation.

Isolate State for Reusable Hooks: If a hook is intended to be shared across multiple legitimate pools, its internal state must be meticulously segregated (e.g., using mapping(PoolId => PoolSpecificData)). Failure to do so can lead to one pool’s activity corrupting another’s state, potentially locking funds or creating exploitable conditions.

Prevent Cross-Market Token Contamination: As seen in the Cork exploit, avoid designs where tokens (especially sensitive ones like derivatives or collateral) from one market can be misinterpreted or misused as different token types in another market. Enforce strict token type validation at market creation and within hook logic.

Understand sender vs. msg.sender vs. Transaction Originator. In hook functions like beforeSwap(address sender, ...) the sender parameter is typically the PoolOperator or the PoolManager itself, not the end-user (EOA) who initiated the transaction. If your hook logic needs the actual end-user, that address must be securely passed via the hookData parameter by a trusted PoolOperator.

Understand Delta Accounting. BeforeSwapDelta and BalanceDelta are from the hook’s perspective. If the hook takes a fee, it must be a negative delta. If it grants a rebate, it’s a positive delta. Ensure the correct order of token deltas (e.g., specified vs. unspecified, or token0 vs. token1) based on the swap direction (params.zeroForOne). Crucially, all deltas must net to zero by the end of the unlockCallback. The PoolManager tracks this with NonzeroDeltaCount. Unsettled balances will cause the transaction to revert. Hooks modifying balances must ensure they (or the user) settle these amounts correctly (e.g., via settle() or take()).

Upgradability: If your hook is upgradeable, recognize this as a significant trust assumption. A malicious or compromised owner can change the hook’s logic entirely. Ensure the upgrade mechanism is secure and governed transparently.

Conclusion

The Cork Protocol hack demonstrates that Uniswap V4 hooks, while powerful, introduce new security considerations that developers must carefully address. The combination of missing access controls and insufficient token validation created a perfect storm for exploitation. As the DeFi ecosystem continues to evolve with more composable protocols, developers must prioritize security at every layer of their architecture.
May 30, 2025
The Cetus AMM $200M Hack: How a Flawed “Overflow” Check Led to Catastrophic Loss
On May 22, 2025, the Cetus AMM on the Sui Network suffered a devastating hack resulting in over $200 million in losses. This incident represents one of the most significant DeFi exploits in recent history, caused by a subtle but critical flaw in “overflow” protection. This analysis dissects the technical details of the exploit and examines when this issue was introduced, fixed, and re-introduced.

Executive Summary

The attacker exploited a vulnerability that truncates the most significant bits in a liquidity calculation function of Cetus AMM. This calculation is invoked when a user opens an LP position. When opening such position, a user can open a large or small position by specifying a “liquidity” parameter (what fraction of the pool you would like to get in return), and supplying the corresponding amount of tokens. By manipulating the liquidity parameter to an extremely high value, they caused an overflow in the intermediate calculations that went undetected due to a flawed truncation check. This allowed them to add massive liquidity positions with just 1 unit of token input, subsequently draining pools collectively containing hundreds of millions of dollars worth of token.

Note: the technical term for the issue is not “overflow”, but an MSB (most significant bits) truncation, but let’s call it “overflow” for simplicity.

The Attack Sequence

The attack unfolded in a carefully orchestrated sequence. Here’s an example of one such attack transaction (simplified):
1. Flash Swap Initiation: The attacker borrowed 10 million haSUI through a flash swap with maximum slippage tolerance
2. Position Creation: Opened a new liquidity position with tick range [300000, 300200] – an extremely narrow range at the upper bounds
3. Liquidity Addition: Added liquidity with just 1 unit of token A, but received a massive liquidity value of 10,365,647,984,364,446,732,462,244,378,333,008. This action succeeded due to an undetected bitwise truncation.
4. Liquidity Removal: Immediately removed the liquidity in multiple transactions, draining the pool
5. Flash Loan Repayment: Repaid the flash swap and kept approximately 5.7 million SUI as profit
Technical Deep Dive: The “Overflow” Vulnerability

The root cause lies in the get_delta_a function within clmm_math.move, which calculates the amount of token A required for a given liquidity amount:
```
public fun get_delta_a(
    sqrt_price_0: u128,
    sqrt_price_1: u128,
    liquidity: u128,
    round_up: bool
): u64 {
    let sqrt_price_diff = sqrt_price_1 - sqrt_price_0;
    
    let (numberator, overflowing) = math_u256::checked_shlw(
        // Dedaub: result doesn't fit in 192 bits
        full_math_u128::full_mul(liquidity, sqrt_price_diff)
    );
    // Dedaub: checked_shlw "overflows" result, since it << 64
    assert!(overflowing);
    
    let denominator = full_math_u128::full_mul(sqrt_price_0, sqrt_price_1);
    let quotient = math_u256::div_round(numberator, denominator, round_up);
    (quotient as u64)
}
```
The Mathematical Breakdown

Using the actual values from the transaction:
- liquidity: 10,365,647,984,364,446,732,462,244,378,333,008 (approximately 2^113)
- sqrt_price_0: 60,257,519,765,924,248,467,716,150 (tick 300000)
- sqrt_price_1: 60,863,087,478,126,617,965,993,239 (tick 300200)
- sqrt_price_diff: 605,567,712,202,369,498,277,089 (approximately 2^79)
The critical calculation:
```
numerator = checked_shlw(liquidity * sqrt_price_diff)
          = checked_shlw(~2^113 * ~2^79)
          = checked_shlw(2^192 + ε)
          // checked_shlw shifts a 256-bit register by 64
          = ((2^192 + ε) * 2^64) mod 2^256
          = ε
```
This multiplication produces a result exceeding 192 bits. When this value is left-shifted by 64 bits in checked_shlw (i.e., “checked shift left by one 64-bit word”) it overflows a 256-bit integer, but an overflow check designed for this check fails.

But wait. Isn’t a checked operation supposed to prevent this issue?

The Flawed Overflow Check

The critical flaw lies in the checked_shlw function:
```
public fun checked_shlw(n: u256): (u256, bool) {
    let mask = 0xffffffffffffffff << 192;  // This is incorrect!
    if (n > mask) {
        (0, true)
    } else {
        ((n << 64), false) // exact location of overflow
    }
}
```
The mask calculation 0xffffffffffffffff << 192 doesn’t produce the intended result. The developers likely intended to check if n >= (1 << 192), but the actual mask doesn’t serve this purpose. As a result, most values greater than 2^192 pass through undetected, and the subsequent left shift by 64 bits causes a silent overflow in Move (which doesn’t trigger runtime errors for shift operations).

Integer Considerations

In Move, the security around integer operations is designed to prevent overflow and underflow which can cause unexpected behavior or vulnerabilities. Specifically:
- Additions (+) and multiplications (*) cause the program to abort if the result is too large for the integer type. An abort in this context means that the program will terminate immediately.
- Subtractions (-) abort if the result is less than zero.
- Division (/) abort if the divisor is zero.
- Left Shift (<<), uniquely, does not abort in the event of an overflow. This means if the shifted bits exceed the storage capacity of the integer type, the program will not terminate, resulting in incorrect values or unpredictable behavior.
  
  It is normal for languages with checked arithmetic to not trigger errors when bit shifting truncates the result. Most smart contract auditors understand this.
The Exploitation Impact

Due to the overflow, the numerator wraps around to a very small value. When divided by the denominator, it produces a quotient close to 0. This means the function returns that only 1 unit of token A is required to mint the massive liquidity position.

In mathematical terms:
- Expected: very larger number of tokens required
- Actual (due to overflow): 1 token required
It is worth noting that the numeric values involved in the attack are precisely calculated – the attacker utilized some existing functions in the contract to compute these, notably get_liquidity_from_a.

The Audit Trail: Similar Issue Found Before

Ottersec’s audit identified an eerily similar overflow vulnerability in an earlier variant of the code (early 2023), specifically designed for Aptos:

“The numberator value is not validated before running u256::shlw on it. As a result, the non-zero bytes might be removed, which leads to an incorrect calculation of the value.”

They recommended replacing u256::shlw with u256::checked_shlw and adding overflow detection, which solved the issue. Note that this version of the code had custom implementations of 256-bit unsigned integer operations since Aptos didn’t support this naively at the time. Move 2 / Aptos CLI ≈ v1.10 rolled to mainnet early 2024.

It is really unfortunate that when the team ported the code to SUI a couple of months later (Sui always supported 256-bit integers), a bug was introduced in checked_shlw. Audits to this version of the AMM by Ottersec and MoveBit do not find this issue. A subsequent audit by Zellic in April 2025 found no issues beyond informational findings. It is possible that library code performing numerical calculations were out of scope and moreover, since 256-bit operations are natively supported, issues like these could have been overlooked.

Lessons for Developers

1. Understand Your Language’s Integer Semantics
- Know which operations abort and which silently overflow
- Pay special attention to bit shift operations
- Test your overflow checks with actual overflow conditions
2. Mathematical Rigor is Non-Negotiable
- DeFi protocols need to handle extreme values by design
- The bounds of every mathematical operation need to be clearly understood
- Consider using formal methods for verifying critical calculations (our team can assist)
3. Test Edge Cases Exhaustively
- Maximum values aren’t theoretical – they’re attack vectors
- Combine multiple edge cases
4. Audit Fixes, Not Just Changes
- Consider independent verification of critical fixes
5. Domain Expertise Matters
- AMM mathematics involves complex invariants
- Work with auditors who understand DeFi edge cases
In DeFi, edge cases aren’t edge cases – they’re attack vectors. AMMs are particularly vulnerable as they involve complex mathematical operations across extreme ranges. The Cetus hack demonstrates that even “checked” operations require careful verification.

Conclusion

The Cetus hack serves as a stark reminder that security in DeFi is hard, but not impossible to achieve. A single flawed overflow check, combined with the composability of flash loans and concentrated liquidity mechanics, enabled the theft of over $200 million.

For developers building on Move-based chains like Sui and Aptos, this incident underscores the importance of understanding your language’s integer semantics, rigorously testing edge cases, and working with auditors who deeply understand both the platform and the DeFi domain.

Contact us at Dedaub if you need help securing your Aptos or Sui Network project – our team specializes in the mathematical complexities and edge cases that come up in complex DeFi protocols.
May 23, 2025
Bedrock vulnerability disclosure and actions

A few hours ago, the Dedaub team discovered a smart contract vulnerability in a number of uniBTC vault smart contracts in the Bedrock project. We disclosed the issue to the Bedrock account on Twitter and soon thereafter (after no response in 20 mins) to SEAL 911 for immediate investigation and action.

A SEAL 911 war room, under the guidance of @pcaversaccio, was created and we frantically tried for two hours to reach Bedrock developers. At that time, blackhats exploited the vulnerability for a $1.8m loss. However, given that this was an infinite-mint vulnerability on the uniBTC token, it is perhaps fair to assess that the damage was contained. Most of the potential losses were averted by pausing third party protocols exposed to the at-risk funds, including Pendle and Corn. Notably, Pendle had over $30M of liquidity on the Corn network for the vulnerable asset. On Ethereum, the market cap of uniBTC was $75M, which an infinite mint renders worthless, and the asset was deployed in (at least) 8 networks.

Root Cause

The root cause of this vulnerability is a mismatched calculation of the exchange rate between Ethereum and Bitcoin, in one path of the minting logic. In turn, this allows anyone who deposits Ethereum to the vulnerable smart contract vault to mint uniBTC in equal amounts. (Up until the vulnerability, uniBTC could exit to Wrapped Bitcoin at 1-1 rates.) Since the price of Ethereum is many times lower than the price of BTC, this creates an instant profit for any attacker exploiting any of these vaults. The vulnerable vault contract was a permissioned minter for uniBTC, so infinite amounts could be minted. The only adjustment made during this minting function is appropriate scaling in the number decimals of the assets.

In order to appreciate the gravity of this issue, we can illustrate this directly on the following code, straight from the vulnerable uniBTC vault smart contract (the implementation behind the proxy for the Vault):

function mint() external payable {
    require(!paused[NATIVE_BTC], "SYS002");
    // Dedaub: adjust decimals and mint equal amount
    _mint(msg.sender, msg.value);
}

Once the issue is exploited, the next step of a potential attacker would be to make use of this ill-gotten token on a number of other DeFi protocols, such as decentralized exchanges like Uniswap.

Reporting the issue to Bedrock and exploitation

As soon as our team had the issue, we contacted Bedrock on Twitter and entered a war room on SEAL 911.

Initial X.com exchange (time in UTC+2).

Unfortunately, even though we found the issue in the smart contract several hours before, by the time the team responded, the vulnerability had been exploited. The vulnerability could be discovered via shallow means (e.g., fuzzing bots) and the smart contract had only been deployed for under two days.

Timeline prior to exploit:

UTC 16:00 – issue discovered by Dedaub team and confirmed through simulation

UTC 16:27 – issue reported to Bedrock team

UTC 16:41 – war room on seal created on telegram

UTC 18:28 – First exploit transaction on Ethereum

The exploiter(s) subsequently minted large amounts of uniBTC and swapped them on a number of Uniswap and other AMM pools, stealing around $2M in funds directly. Note that the market cap of uniBTC on the Ethereum mainnet is $75M, which is the real potential loss for an infinite mint vulnerability.

Notably, the vulnerable contract was deployed on (at least) 8 different chains. We are aware of Ethereum, Binance, Arbitrum, Optimism, Mantle, Mode, BOB, and ZetaChain.

Averting Larger Losses

In addition to a number of pools on Uniswap (and Pancakeswap on Binance), the largest holder of uniBTC was Pendle. Luckily through war room actions, the Pendle team disabled the uniBTC token on their platform. With the main exit liquidity gone, the Bedrock team reacted some hours later (with the main devs in a 2-5am timezone) to also pause the relevant vaults.

This article will be updated with more detail and context on the discovery (which happened as part of a challenge task during our company retreat) in the next days.

September 26, 2024
Dedaub coordinated the Secureum RACE-32

Smart contracts are the underpinning of blockchain technology, and they present unique security challenges. To address this, platforms like Secureum have emerged, focusing on training researchers and developers to navigate and mitigate security risks, and we at Dedaub decided we wanted to partner Secureum in this mission.

Why we support the Secureum RACE

We decided to be part of the Secureum RACE because we believe hands-on challenges are the best way to learn. Security isn’t something you can fully grasp from reading papers or attending lectures—you need to get your hands dirty, confront real-world vulnerabilities, and think like an attacker.

The security of smart contracts is challenging due to the inability to modify the code once it goes live. This makes it extremely difficult to fix bugs or vulnerabilities. It’s even more complex, because contracts frequently interact with other contracts and different platforms, which adds even more complexity and multiplies the risk factor.

Secureum platform empowers researchers and developers to help improve their technical skills for what is needed in the challenge to secure Web3 technologies.

As the designer of RACE-32, we have the privilege of observing Web3 researchers and developers navigate complex security issues that mirror real-world vulnerabilities in Ethereum smart contracts. This allows us to witness firsthand and see how they apply their knowledge to devise creative and effective solutions.

As well as this, we see how researchers and developers grow in their ability to identify risks and exploit weaknesses, both of which are critical for the security of the Web3 ecosystem.

Why the RACEs are important

The Secureum RACE aims to create a community of researchers and developers who think critically about security. It’s an opportunity to expand their skills and immerse themselves in the world of Web3 security.

By addressing actual vulnerabilities in smart contracts, participants acquire necessary technical knowledge and develop the mindset to safeguard decentralized applications in real-world scenarios.

“RACEs are hands-on, immersive, and, frankly, a bit relentless—just like the threats we’re up against.” Yannis Smaragdakis, Dedaub Co-funder

Designing the RACE-32

We wanted much more than your standard easily graded competition, so we created the Secureum RACE 32 to be an educational challenge. Our main aim, therefore, was to encourage participants to delve deeply into complex smart contract security issues. With this in mind, The RACE is designed to create an experience that participants can refer to for a long time rather than single out the top performers based on scores.

Even though the time constraint made it challenging to understand the depth of the questions thoroughly, we stressed that the competition aims at learning and gaining insights. We urged participants not to feel disheartened if their scores hadn’t met their own high expectations. Instead, we praised some participants for putting together the solutions, pointing out that this would make the RACE a valuable educational resource beyond just the competition.

This focus on education shows Dedaub’s commitment to helping the smart contract developer community grow. This is the backbone of Dedaub’s mantra as our co-founders both have strong academic backgrounds and always value teaching and sharing knowledge. With this in mind, one of the company’s core values is to empower the next generation by educating and supporting future blockchain security experts and help them reach their full potential.

With challenges like Secureum RACE 32, we create real-world learning opportunities that give researchers and developers practical skills and deeper understanding. Our aim is to help them succeed in the Web3 space.

What is Secureum?

Secureum is a portmanteau of “Security” and “Ethereum” and their focus is safeguarding the Ethereum ecosystem through expert training and challenges. It’s an extensive educational platform that focuses on Ethereum smart contract security, providing a variety of resources and training programs. These include:

Secureum RACEs: Interactive quizzes that assess participants’ understanding of smart contract vulnerabilities. These quizzes are part of Secureum’s efforts to enhance practical security skills.

Community and Events: Secureum hosts events like TrustX to advance the Ethereum security ecosystem.

In summary, Secureum is committed to educating and preparing individuals for roles in Ethereum security through structured learning and practical challenges. Learn more

September 20, 2024
Rho Markets Incident

On July 19th, Rho Markets — a Compound V2 fork on Scroll — was involved in an incident that led to the creation of $7.5mil in bad debt. The root cause of the vulnerability was the misconfiguration of the oracle for ETH, i.e., setting the address to a wrong price feed, at initialization time, and not a bug in the code. The price mis-alignment was quickly exploited by an MEV bot that observed the opportunity.

Fortunately, lost funds were returned due to the quick and coordinated efforts between the protocol team and SEAL 911 (of which we are also part). That being said, the willingness of the MEV Bot operator behind the incident to co-operate with the protocol and return the funds significantly sped up the recovery.

One may also read Rho Markets’ official statement [tweet | blog] on the incident, which does a great job of explaining the circumstances that led to the loss of funds.

Technical Details

The misconfiguration

Quoting Rho Markets’ incident report:

This issue occurred due to the erroneous configuration of the ETH oracle price feed to the BTC price feed. Normally, such settings are validated before any changes are implemented. However, due to a human error in overseeing the deployment process, this validation check was missed in the case of the oracle price.

The on-chain misconfiguration of the PriceOracleV2 contract occurred in this transaction: https://scrollscan.com/tx/0x9d2388a0c449c6265b968d86f0f54e75a5b82e2b04176e35eefdff5f135547ec#eventlog

As can be seen from the emitted event, the transaction has the effect of erroneously setting the oracle for the underlying asset at address(0) to be the WBTC/USD oracle.

At the time of the transaction, the configuration for the rWBTC token ( 0x1d7.. ) had not been set inside the oracle contract:

This is also evident by the fact that no calls to the PirceOracleV2‘s setRTokenConfig function had been performed, prior to the oracle update on block 7580111 and after rWBTC ’s deployment on block 7579842

The problem with setting the oracle for the asset at address(0) is that, as stated before, this address represents the underlying token of rETH (ETH) [ configuration of rETH ]

Which is a notion inherited from Compound’s semantics:

Screenshot depicting the configuration of ETH in Compound’s UniswapAnchoredView contract — the second address in the tuple is the underlying address

The consequences of the misconfiguration

At this point we can note that no contract code was vulnerable or broken, since the setter of the price oracle functioned as intended.

However, this misconfiguration alone was enough to enable the arbitrage opportunity that an MEV bot exploited. Since all ETH collateral would be priced at the value of WBTC —a 20X increase in the actual value of ETH— this allowed the bot to borrow more funds than one should normally get when using ETH as collateral (which lead to the creation of bad debt).

The MEV bot performed multiple transaction like this one: https://scrollscan.com/tx/0x0a7b4c6542eb8f37de788c8848324c0ae002919148a4426903b0fb4149f88f05

As one may see, the bot mints ~84 rETH

But it successfully manages to borrow ~942 wstETH which is then swapped into ETH

The total amount of bad debt that was created by this method ended up being ~7.5 million.

Return of funds

The war room set up with the protocol team and SEAL 911 was quick in gathering information on the attack and the operator of the MEV bot. However, the bot operator acted in good will and contacted the protocol team for the return of funds:

https://etherscan.io/tx/0xab7bc87fca7df222000b870fbe55750c33b3ea0461a8ba8a8ddbe530a1934248

https://scrollscan.com/tx/0xd9c2e4f0364b13ada759f2dd56b65f5025e70cce4373e7c57ac31bf5226023e0

Hello RHO team, our MEV bot have profited from your price oracle misconfiguration. We understand that the funds belong to users and are willing to fully return. But first we would like you to admit that it was not an exploit or a hack, but a misconfiguration on your end. Also, please provide what are you going to do to prevent it from happening again.

Funds were successfully returned at: https://scrollscan.com/tx/0x15da6af0207d82d27ca20a542dae1b81580ca1cbfee7028c312229968e356446

Takeaways

The incident highlights the importance of rigorously reviewing deployment procedures. Even when there are no smart contract vulnerabilities, protocols must ensure that updates do not break any invariants posed by the protocol’s complex modules.

We’d like to thank Rho Markets for their quick action and transparency on the issue, as well as all the members of SEAL 911 who also participated in the war room with us.

September 5, 2024
Audits
Dedaub’s Terms of Service (the “Agreement”) are a legal agreement between You as the Client and Dedaub Ltd. (“Dedaub”, “We”, “Us” and “Our”), a private limited liability company registered under the Laws of Malta with company number C99606, collectively referred to as Parties. By using our services, You agree to be bound by these Terms of Service and all terms incorporated by reference.

There are important terms provided below including your indemnification responsibilities, our limitation of liability and warranty disclaimers, and your agreement to arbitrate disputes. Please take the time to read these terms of service carefully. You can always contact us at legal@dedaub.com if you have any questions.
1. Service Summary: An “Audit” is a careful inspection of your project’s code by expert human inspectors, aided by Dedaub’s proprietary analysis tools, off-the-shelf tools, and other techniques in accordance with state-of-the-art practices. The findings of this exercise will be detailed in an audit report. This report will rank issues as “Critical”, “High Severity”, “Medium Severity”, “Low Severity”, and “Advisory Suggestions”.
2. Project Preparation: Prior to an audit you shall provide Dedaub with succinct, but sufficient, documentation about the project to be audited. You shall make sure that the project compiles and is operational by the time an audit begins, and maintain timely communication throughout the audit period.
3. Access to Dedaub Security Suite: The project’s code will be uploaded to the Dedaub Security Suite to run initial vulnerability discovery, and Dedaub will grant 30-day free access to the platform up to 5 email addresses of the Client personnel involved in the audit negotiation and audit code review.
4. Transparency: Dedaub reserves the right to publish the Audit report on Dedaub’s website or other repository. Likewise, you reserve the right to publish it, in full, without making any modifications to it. However, should you want us to not publish the report, let us know within 24 hours of delivering it to you and we will accommodate your request.
5. Scope of an Audit: The scope of the auditing shall be specifically security considerations, not functional correctness. Therefore, the auditing will be aimed at detecting the potential for malicious use of the contracts, and on cryptoeconomic considerations (e.g., price manipulation or forced unprofitable exchanges), and not on ensuring functionality and correctness of business logic (e.g., numeric calculations specific to the business domain), unless specific properties of numerical correctness are specified up front as being required of Dedaub. Throughout the validity of this Agreement, the Parties shall be free to agree on the provision of additional services by Dedaub and on the relative terms and conditions.
6. Assumption of Risk: You warrant to fully understand: (a) that there are inherent risks associated with blockchain-based software systems, and that (b) additional risks to the Services and blockchain-based technologies may be present as a result of advances in code-cracking or technical advances, such as novel flaws identified in cryptography. You acknowledge that these risks could result in the loss or theft of crypto tokens or property.
7. Indemnification: You shall defend, indemnify, and hold harmless Dedaub (and each of our officers, directors, members, employees, agents and affiliates) from any claims, damages, proceedings, costs and expenses resulting from any breach of any representations, warranties, covenants or agreements of the Client in this Agreement or at law
8. Limitations:
  1. Audits and other services provided by Dedaub are not a warranty on the security and/or functionality of the systems audited and you assume any and all risks and losses.
  2. Dedaub will not be liable to you (whether under the law of contact, the law of tort or otherwise) in relation to the service provided:
    
    for any direct, indirect, special or consequential loss; or
    
    for any business losses, loss of revenue, income, profits or anticipated savings, loss of contracts or business relationships, loss of reputation or goodwill, or loss of cryptocurrency/tokens/NFTs or data or any other loss, or any other damages in general.
    
    These limitations of liability apply even if you have been expressly advised of the potential loss.
  3. In any event, Dedaub’s total maximum aggregate liability under this Agreement, shall not exceed the audit fees.
9. Use of Marks: Each Party agrees that the other Party and/or its affiliates are the sole owners of their respective Marks. “Marks” means the trade names, trademarks, service marks, logos or other commercial symbols of a Party hereto or any of its affiliates. Notwithstanding the aforementioned, both Parties are granted a non-exclusive, revocable, non-transferable, and limited right to use and display the other Party’s Marks for the specific purpose of marketing and promotion directly associated with the services and obligations outlined within this Agreement. Any use of the other Party’s Marks must be in accordance with the specifications and guidelines provided by the owning Party and must not harm or diminish the value of the Marks.
10. Relationship of the Parties: Nothing contained in this Agreement shall be interpreted or construed to create a partnership, agency, single employer, joint employer or any other type of employment relationship between the parties hereto, or to impose liability attributable to such relationship upon either party. Neither party will have any right, power or authority to enter into any agreement on behalf of, to incur any obligation or liability of, or to otherwise bind the other party.
11. Non-solicitation: During the entire term of service, and for a period of two years after termination of any relationship between the Parties, the Parties agree to not, either directly or indirectly, recruit, solicit, or induce, or attempt to recruit, solicit, or induce, any of the other Parties’ employees, partners, contractors or collaborators to work for or with the other party in any respect, or to in any manner render services to such other Party.
12. Prices: Prices and fees include all taxes levied by Malta but exclude taxes levied in your jurisdiction. For cryptocurrency payments (if any), the value of any cryptocurrency for the purposes of payment fulfillment will be the value in USD at NYSE closing time (4 PM EST/EDT) on the day prior to the due date (as provided at https://messari.io/) on the issued invoice.
13. Severability: If any of the provisions or portions thereof of this Agreement are found to be invalid under the applicable law, then, that provision notwithstanding, this Agreement shall remain in full force and effect and any such provision or portion thereof shall be deemed omitted.
14. Survival: Rights and obligations under this Agreement which by their nature are intended to survive termination, including without limitation the indemnification and liability limitations provisions set forth in this Agreement, shall remain in full effect after termination or expiration of the Agreement.
15. Governing Law and Arbitration: This Agreement is governed by and construed in accordance with the laws of Malta. Any dispute, controversy or claim arising out of or in relation to this Agreement, including the validity, invalidity, breach or termination thereof, shall be finally settled by arbitration in accordance with the provisions of Part IV (“Domestic Arbitration”) of the Arbitration Act (Chapter 387 of the Laws of Malta) and the Arbitration Rules made thereunder, as in force on the date of commencement of the relevant dispute.
June 12, 2024
Terms of Service – App
Dedaub’s Terms of Service (the “Agreement”) are a legal agreement between You as the Client and Dedaub Ltd. (“Dedaub”, “We”, “Us” and “Our”), a private limited liability company registered under the Laws of Malta with company number C99606. By using our services, you agree to be bound by these terms of service and all terms incorporated by reference.

Dedaub provides a subscription software (the “Service“) over supported EVM-based blockchain protocols. The Service combines static application security testing (SAST), theorem proving techniques, realtime blockchain monitoring, and fuzzing.

Prior to giving You access to some features of the Service, Dedaub may ask You for cryptographic proof that You are a member of a Protocol’s development team, and that your Protocol (the “Protocol”) is not an unmodified fork of another well-known Protocol.

The security analyses provided through the Service are designed to find security weaknesses in Smart Contracts. Some of these analyses may detect potential for malicious use of the contracts, for instance, potential cryptoeconomic weaknesses (e.g., price manipulation or forced unprofitable exchanges). The Service, however, does not ensure the correctness of the business logic.

There are important terms provided below including your indemnification responsibilities, our limitation of liability and warranty disclaimers, and your agreement to arbitrate disputes. Please take the time to read these terms of service carefully. You can always contact Us at legal@dedaub.com if you have any questions.
1. Service:
  1. We agree to grant You an unlimited, worldwide and non-exclusive right to use the Service, subject to limitations of the pricing tier you have subscribed to.
  2. You agree to use the service solely and exclusively in terms of the present Agreement and shall ensure that such Service is not used by any other third party.
  3. You agree not to transfer, share or assign your right to use and access the Services and will not tolerate or permit any third party from accessing or using the Services.
  4. You agree to not share or distribute in any manner, in whole or in part, any content forming part of the Service.
  5. You agree not to alter or attempt to alter or do anything that may potentially alter the software which is in any manner related to the Service.
2. Consideration:
  1. By way of consideration for the Service, You shall pay Dedaub the sum indicated within the relevant pricing plan at the applicable service tier. Such sum is exclusive of Taxes imposed by your jurisdiction if due, and this sum shall be settled on a quarterly basis and in advance, to be reckoned from the start of your service. Payments are due without the need of a request to be made by Dedaub.
  2. In the event that the present Agreement is renewed, the same terms shall apply, provided, however, that on a yearly basis, We shall have a right, saving any other Agreement as may be reached with Dedaub, to increase the price due for the service. In the event that We would be exercising this right to increase the price, then We shall give notice in writing of such increase thirty (30) days before the commencement of the billing period on which such increase would become first applicable.
  3. If you move to a higher tier of a paid plan, the change will take effect immediately and we will charge You for the additional fees associated with the new paid plan on a pro-rata basis. If You move to a lower tier of a paid plan, the fee change will take effect in the next billing cycle. You acknowledge that You will not receive a refund for the then-current billing cycle if You move to a lower tier of a paid plan, or to a non-payment subscription plan.
  4. In the event that You do not pay any amount due upon the day when the same falls due, automatically interest shall be chargeable, ipso jure, on any balance due from the relative payment at the highest rate permissible by law.
  5. You agree that in the event that You would need to carry out any works, upgrade any of your systems, alter your hardware, software or other infrastructure in order for You to be able to receive the Service, or to continue to receive the Service, any related costs shall be solely and exclusively incurred by You. You shall have no right to request and compensation, redress, reimbursement or discount from Dedaub, even in the event that the need for such expense is brought about by a change on our part.
3. Continued Service:
  1. We shall use all reasonable efforts in order to ensure that availability of the Service in terms of this Agreement is maintained throughout the whole term of this Agreement, provided, however, that You recognize and accept that we are not in any manner promising or guaranteeing availability at all times. Among other things, service may be interrupted, directly or indirectly, due to the following and in such cases, interruption shall not be deemed to constitute a breach on our part:
    
    Any failure or fault on any system or infrastructure on which we rely on, in providing the Service;
    
    Any failure or fault of any system upon which You rely on in making use of the Service;
    
    Any breach of this Agreement, whether direct or indirect, on your part;
    
    Any event of force majeure;
    
    Any scheduled maintenance which may be necessary.
  2. Provided, however, that in the event that You are, at any point in default of payment of any amount due in terms of this Agreement to Dedaub, and we have also given You notice requesting payment to be effected within fifteen (15) days from such notice being given, then the we may, upon the lapse of such fifteen (15) day period suspend the provision of service without any right of recourse or any right to damages. Any such suspension shall be without prejudice to our right to collect any amounts due to it in terms of this Agreement.
  3. We shall have the right to interrupt services for the purpose of maintenance of our systems, provided that where practicable we shall give You reasonable prior notice thereof.
4. Intellectual Property: Any intellectual property rights in any manner connected or related to the Service shall remain our sole and exclusive property and nothing in this Agreement shall be construed in any manner as assigning or transferring any such rights to You.
5. Data Use and Processing:
  1. You are granting Dedaub the widest and broadest right to make use of any of your data as may be required in the provision of the Service, in the execution of the Our obligations and exercise of Our rights in terms of this Agreement and in terms of the law.
  2. You confirm and warrant that any data You make available to Dedaub does not infringe any rights of third parties, including intellectual property and other proprietary rights.
  3. You agree that such obligations shall survive any expiration or early termination of the present Agreement.
6. Accuracy and Legality: It is your sole responsibility to ensure that all information or data provided to Dedaub is accurate, legitimate and conforms to all applicable legal requirements. Dedaub shall in no event assume any responsibility for any inaccuracies in the information or data provided by You if it infringes any laws and regulations, including but not limited to, intellectual property regulations. In this regard, you shall fully indemnify and hold the Dedaub harmless against all claims or demands (including legal and other professional fees and expenses) which We may suffer arising from or in connection with any inaccuracies or infringement in information or data provided.
7. Data Protection: We shall comply with all Applicable Laws when carrying out this Agreement, in particular:
  1. We shall keep your personal data logically separated from personal data processed on behalf of any third party;
  2. We will entrust only persons (whether natural or legal) with the Processing under this Agreement who maintain confidentiality and have been informed of any special data protection requirements relevant to their work;
  3. We shall cooperate, on request, with the relevant data protection supervisory authority in the performance of its tasks;
  4. We shall undertake reasonable efforts to support you if you are subject to inspection by the supervisory authority, an administrative or summary offense or criminal procedure, a liability claim by a data subject or by a Third Party or any other claim in connection with this Agreement;
  5. We shall periodically monitor the internal processes and the technical and organizational measures to ensure that processing of personal data is in accordance with the requirements of applicable law and the protection of the rights of the data subject.
8. Authority to Enter Agreement: Each Party warrants and declares that it has the right and authority to enter into the present Agreement.
9. Assumption of Risk: You fully understand: (a) that there are inherent risks associated with blockchain-based software systems, and that (b) additional risks to the Services and blockchain-based technologies may be present as a result of advances in code-cracking or technical advances, such as novel flaws identified in cryptography. You acknowledge that these risks could result in the loss or theft of crypto tokens or property.
10. Acceptable Use: When accessing or using the Services, You agree that You will not violate any law, contract, intellectual property or other third-party right or commit a tort, and that You are solely responsible for your conduct while using our Services. Without limiting the generality of the foregoing, You agree that You will not:
  1. Use our Services to exploit or harm in any way third party protocols;
  2. Cause any damage to Dedaub, our infrastructure, our software or our other clients;
  3. Use any robot, spider, crawler, scraper or other automated means or interface not provided by us to access our Services or to extract data;
  4. Use or attempt to use another user’s account without authorization;
  5. Access or use the Services for the benefit of one of Our direct competitors or access the Services for the purpose of monitoring their availability, performance or functionality, or for any other benchmarking or competitive purposes;
  6. Encourage or induce any third party to engage in any of the activities prohibited under this Section.
11. Indemnification: You shall defend, indemnify, and hold Us harmless (and each of Our officers, directors, members, employees, agents and affiliates) from any claims, damages, proceedings, costs and expenses resulting from any of your breaches of any representations, warranties, covenants or Agreements with Us.
12. Limitations:
  1. The Service does not provide a warranty on the security and/or functionality of the systems and You assume any risks and losses, and You declare not to hold Dedaub liable to any degree for any loss of whatever nature, irrespective of the services which may have been provided by Dedaub.
  2. Dedaub will not be liable to You (whether under the law of contact, the law of tort or otherwise) in relation to the service provided:
    
    for any direct, indirect, special or consequential loss; or
    
    for any business losses, loss of revenue, income, profits or anticipated savings, loss of contracts or business relationships, loss of reputation or goodwill, or loss of cryptocurrency/tokens/NFTs or data or any other loss, or any other damages in general.
    
    These limitations of liability apply even if You have been expressly advised of the potential loss.
  3. Dedaub and any of its directors, officers, employees and contractors, will not be liable to You except by reason of acts constituting bad faith of Dedaub or willful misconduct or reckless disregard of our duties. The Parties hereto recognize and accept that the effectiveness of the Services are not guaranteed or warranted by Dedaub in any respect whatsoever.
  4. In any event, Dedaub’s total maximum aggregate liability under this Agreement shall not exceed the fees You paid to Dedaub over the last 12 months.
13. Relationship of the Parties: Nothing contained in this Agreement shall be interpreted or construed to create a partnership, agency, single employer, joint employer or any other type of employment relationship between the parties hereto, or to impose liability attributable to such relationship upon either party. Neither party will have any right, power or authority to enter into any agreement on behalf of, to incur any obligation or liability of, or to otherwise bind the other party.
14. Updates to The Agreement: We periodically update the terms of this Agreement. If You have an active Dedaub account, we will notify You of updates via an email or a notification on the Dedaub platform. Unless the notice states otherwise, the updated terms of this Agreement will become effective and binding on the next business day after it is posted.
15. Subcontracting: We may sub-contract, in whole or in part, any of our obligations in terms of this Agreement to third parties.
16. Severability: If any of the provisions or portions thereof of this Agreement are found to be invalid under the applicable law, then, that provision notwithstanding, this Agreement shall remain in full force and effect and any such provision or portion thereof shall be deemed omitted.
17. Survival: Rights and obligations under this Agreement which by their nature are intended to survive termination, including without limitation the indemnification and liability limitations provisions set forth in this Agreement, shall remain in full effect after termination or expiration of the Agreement.
18. Governing Law and Arbitration: This Agreement is governed by and construed in accordance with the laws of Malta. The parties agree that any dispute or claim arising out of or in connection with this Agreement or its subject-matter shall be subject to the exclusive jurisdiction of the Malta Arbitration Center in accordance with the Arbitration Act (Cap. 387 of the Laws of Malta) and the arbitration rules of the Malta Arbitration Center in force at the time of the dispute. Dedaub shall retain the right, at its option and for its exclusive benefit, to institute proceedings regarding or relating to Your use of the Service in the courts of law of the country in which You reside.
19. Waiver of Jury Trial: You and Dedaub waive their rights (if applicable) to a trial by jury relating to all claims and causes of action (including counterclaims) related to or arising out of this Agreement. This waiver shall also apply to any subsequent amendments or modifications to this Agreement.
20. No Class Actions: All claims between the parties, including parent companies and subsidiaries, related to this Agreement will be litigated individually and You will not consolidate or seek class treatment for any claim with respect to the Services.
June 12, 2024
Non-Disclosure Agreement

Dedaub has a very balanced Mutual Non-Disclosure Agreement (MNDA). We sign MNDAs with potential and current users/customers and suppliers as needed free of charge. In doing so we commit to safeguarding their confidential information as laid down in the provisions of the MNDA. In return we seek the same commitment via this mutual agreement.

You can review and digitally sign a copy of our Mutual Non-Disclosure Agreement. Once you sign the agreement, you will receive a fully executed downloadable copy via email.

Sign Dedaub MNDA

June 12, 2024
Privacy Policy
We will NEVER sell Your Personal Data to Third Parties.

Dedaub will only share or disclose Personal Data as described in this Privacy Policy.

This Privacy Policy applies to Personal Data processed by Dedaub Ltd. (“Dedaub”, “We”, “Us” and “Our”) when You visit dedaub.com in addition to any sub-pages that are integrated within it (the “Site”); and/or make use of Dedaub’s Software.

This Privacy Policy explains what Personal Data We collect through Our Site and Software, how and why We collect it, how We use and disclose the Personal Data We collect and information on how to exercise privacy rights over this Personal Data.

We may revise this Privacy Policy from time to time but We will never do so in a manner that compromises Our commitment to respect the privacy of individuals. The most current version of this Privacy Policy governs Our practices for collecting, processing, and disclosing Personal Data. We will provide notice via email to Our Customers and on this page of any material modifications to this Privacy Policy. Continued use of Our Site and/or Software and/or Services following the effective date of any modifications will constitute acceptance of the modified Agreement (this includes Our Terms of Service and this Privacy Policy).

All capitalized terms in this Privacy Policy shall have the same meaning as defined in the Terms of Service and in the Applicable Law.

This rest of this policy applies to Personal Data Dedaub collects from visitors to Our Site (dedaub.com) or any of Our sub-sites, software, or sub-domains (e.g. app.dedaub.com, etc.).

Any Personal Data provided by a visitor to Our Site will be used only as described in this Privacy Policy

Usage Data

When someone visits the Dedaub Site, We may store the name of their internet service provider, the website they visited Us from, the parts of Our Site they visit, the date and duration of the visit, and information from the device (e.g. device type, operating system, screen resolution, language, country You are located in, and web browser type) used during their visit. We process this usage Data to facilitate access to Our Site (e.g. to adjust Our Site to the devices that are used).

We temporarily store IP addresses of visitors to Our Site for associated performance metrics (i.e. data related to how well Our Software performs on Our Site) and to monitor and track application errors. We will never access these IP addresses without any operational or security need. We automatically delete these IP addresses within thirty (30) calendar days. The legal basis for this data processing is Article 6(1)(f) GDPR.

We also process usage Data in an aggregated or de-identified form for statistical purposes and to improve Our Site.

Cookies

Cookies are small data files transferred onto computers or devices. Dedaub uses cookies to process information including standard internet log information and details of the visitor’s behavioral patterns upon visiting Our Site. This is done to:
- operate Our Site;
- provide visitors to Our Site with a better experience by providing Us with insights on how visitors use Our Site; and
- for marketing purposes.
For more info about the cookies We make use of, please visit Our Cookie Information Page.

Contact with Us via email

Visitors to Our Site have the opportunity to contact Us to ask Us questions, for example via the contact form, where We ask for contact information (e.g. name, email address etc.). We use this data solely in connection with answering the queries We receive.

If a visitor to Our Site receives emails from Us, We may use certain analytics tools, to capture data such as when the email is opened or when any links or banners in the email have been clicked. This data helps Us to gauge the effectiveness of Our communications and marketing campaigns.

The legal basis for this processing is Article 6(1)(f) GDPR.

Access and Disclosure to Third Parties

We use a select number of trusted external service providers for certain technical data analysis, processing and/or storage offerings (e.g., IT and related services). These Third Party service providers are carefully selected and meet high data protection and security standards. We only share Data with them that is required for the services offered and We contractually bind them to keep any information We share with them as confidential and to process Personal Data only according to Our instructions. The legal basis for such processing would be Article 6(1)(f) GDPR.

In addition to services providers, other categories of Third Parties may include:
- Vendors/public institutions. To the extent that this is necessary in order to make use of certain services requiring special expertise (such as legal, accounting or auditing services) We may share Personal Data with vendors of such services or public institutions that offer them (e.g. courts). The legal basis of this data processing is Article 6(1)(f) GDPR.
- Disclosure in the Event of Merger, Sale, or Other Asset Transfers. If We are involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, purchase or sale of assets, or transition of service to another provider, then Data may be sold or transferred as part of such a transaction, as permitted by law and/or contract. The legal basis for such processing would be Article 6(1)(f) GDPR.
Other than the cases mentioned above, We will only transfer Personal Data to Third Parties without express consent in accordance with Article 6(1)(a) GDPR or if We are obliged to do so by statutory law or by instruction from a public authority or court as outlined in Our Terms of Service.

Communication Purposes

We may occasionally send notification emails about updates to Our product, legal documents, customer support or for marketing purposes. To the extent required by Applicable Law, We will only send such messages if We have obtained consent in accordance with Article 6(1)(a) GDPR. In all other cases, the legal basis of this data processing is Article 6(1)(f) GDPR.

Except for cases where We are required to do so by law (e.g. notification of a data breach), recipients of Our communication shall have the opportunity to unsubscribe from receiving these messages free of charge. We process requests to be placed on do-not-contact lists as required by Applicable Law.

Marketing Purposes

We occasionally use Personal Data given to Us by Dedaub’s Customers, Users and/or visitors to Our Site to target advertisements to potential new Customers that appear to have shared interests or similar demographics. The legal basis of this data processing is Article 6(1)(f) GDPR.

We do this by sharing Personal Data with Third Party marketing platforms that have high privacy and confidentiality standards and which have gone through a legal and security review by Dedaub. This ensures that these Third Parties cannot do anything with the Personal Data We provide them other than use it for the express purpose of providing Us with the marketing services We contract them for.

This Personal Data is only shared with these Third Parties through secure and encrypted means. If You wish to opt out of this processing activity, please contact Us at legal@dedaub.com with the subject line “Opt-Out of Marketing”.

Compliance and Protection

We may use Personal Data to (legal basis for the respective processing in parentheses):
- protect Our, Our Customers’/Users’, visitors’ to Our Site or Third Parties’ rights, privacy, safety or property including by making and defending legal claims (Article 6(1)(b), (c) or (f) GDPR);
- audit Our internal processes for compliance with legal and contractual requirements and internal policies (Article 6(1)(f) GDPR);
- enforce Our Terms of Service (Article 6(1)(b) or (f) GDPR);
- protect, investigate and deter against fraudulent, harmful, unauthorized, unethical or illegal activity, including cyberattacks and identity theft (Article 6(1)(f) GDPR); and
- comply with the Applicable Law, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities (Article 6(1)(c) or (f) GDPR).
Benchmarking

Dedaub reserves the right to use and retain Data in a de-identified and/or aggregated form to improve Our Site and/or Software and for statistical and benchmarking purposes, including enabling comparisons within the same industry to enhance the insights collected through Our Site and Software. Benchmarks look at all collected metrics and compare them to others of the same nature. These de-identified and/or aggregated benchmarks may be published and shared publicly within Our Software or in the form of other content We publish which may show a summary of results for a certain category or question type.

No Data which can individually identify Our Customers or their end-users will ever be shown in this statistical or benchmark data.

The legal basis for aggregating/anonymizing this Personal Data is Article 6(1)(f) GDPR.

Intra-group sharing of User and visitor Data

In the course of our normal operations, Dedaub may share Data (e.g. name and contact details) of Users of Dedaub accounts and visitors of Our Site (dedaub.com) with other entities in our group.

The purpose of sharing this Data is to pursue synergies in sales strategies. The legal basis of this Data processing is Article 6(1)(f) GDPR.

The use of any Personal Data for marketing purposes is subject to the prior consent of the data subject, i.e. the natural person to whom the communication shall be sent. You may withdraw Your consent at any time with future effect. The legal basis for this data processing is Your consent in accordance with Article 6(1)(a) GDPR.

If You would like more information in this regard or would like to exercise Your rights as described in this Privacy Policy, please contact Us through our Contact Details.

Other Purposes with Your Consent

In some cases, We may ask You for consent to collect, use or share Personal Data for other purposes. For example, We may ask You for consent to send marketing emails where required by law or to post testimonials or endorsements. In such cases, there will always be the ability to deny or revoke consent if desired. The legal basis for the data processing is under Article 6(1)(a) GDPR.

Duration of Processing

Unless a different timeframe has been specifically stated in this Privacy Policy or in Our Pricing Page, Personal Data will be retained for as long as is necessary for the purpose(s) for which We originally collected it or to provide Our Software, resolve disputes, establish legal defenses, conduct audits, pursue legitimate business purposes, and enforce Our Agreement. We may also retain information as required by Applicable Law.

International Transfers of Personal Data

In most cases, Personal Data We collect is stored in the EU. However, in some limited cases, customer information may be accessed from, or other Personal Data (e.g., email) may be transferred, outside of the EU. These countries may have different data protection laws. Dedaub endeavors to ensure appropriate safeguards are in place requiring that Personal Data will remain protected. Dedaub has concluded Standard Contractual Clauses with entities who We share Personal Data with outside of the EU.

Children’s Information

Dedaub’s Software and Services are not directed to children under 13 (or other age as required by local law), and We do not knowingly collect Personal Data from children. If you learn that your child has provided Us with Personal Data without your consent, you may contact Us through Our Contact Details below. If We learn that We have collected a child’s Personal Data in violation of Applicable Law, We will promptly take steps to investigate this, delete such information and terminate the child’s account. We will also make sure to have preventive measures in place for this not to happen again in the future.

Rights over Personal Data

If You’re a visitor to Our Site or a Customer and/or User of Our Software and We have collected Personal Data about You, You have a right to access and to be informed about what Personal Data is processed by Dedaub, a right to rectification/correction, erasure/anonymization and restriction of processing (subject to certain exceptions and other requirements prescribed by law). You also have the right to receive from Dedaub a structured, common and machine-readable format of Personal Data You provided Us.

When You have provided consent, You may withdraw it at any time, without affecting the lawfulness of the processing that was carried out prior to withdrawing it. Whenever You withdraw consent, You acknowledge and accept that this may have a negative influence on the quality of Our Site and/or Software. Please be aware that when You withdraw consent, We may delete the Personal Data previously processed on the basis of Your consent and will not be allowed to keep it further which will mean that it cannot be accessed, downloaded or otherwise secured by You.

In addition, You have the right to lodge a complaint with Your respective data protection authority.

To protect Your privacy, We take steps to verify Your identity before fulfilling Your request. We can only identify You via Your email address and We can only adhere to Your request and provide information if We have Personal Data about You through You having made contact with Us directly and/or You are using Our Site and/or Software.

Sign-in using an external external identity provider

If you sign-in using external identity providers like Google, we will collect and store your email, user id as well as first and last name (if they are provided). This data is necessary for using our applications and is not shared with any third party unless specific consent is given by the user

If You are located in California…

This section only applies to Our processing of Personal Data as a “business” under the California Consumer Privacy Act (CCPA).

The CCPA provides California residents with the right to know what Categories of Personal Data Dedaub has collected about them and whether Dedaub disclosed that Personal Data for a business purpose (e.g. to a service provider) in the preceding 12 months.

If You are a California resident and would like to exercise any of Your rights under the CCPA, please contact Us at legal@dedaub.com. We will process Your request in accordance with the Applicable Laws.

Sales of Personal Information Under the CCPA. For purposes of the CCPA, Dedaub does not “sell” Personal Data, nor do We have actual knowledge of any “sale” of Personal Data of minors under 16 years of age.

Non-Discrimination. California residents will have the right to exercise the rights conferred to them by the CCPA.

Authorized Agent. Only You, or someone legally authorized to act on Your behalf, may make a verifiable consumer request under the CCPA. If applicable, You may also make a verifiable consumer request on behalf of Your minor child. To designate an authorized agent, please contact Us at legal@dedaub.com.

Verification. To protect Your privacy, We will take steps to verify Your identity before fulfilling any consumer request under the CCPA. When You make a request, We will ask You to provide sufficient information that allows Us to reasonably verify You are the person We collected Personal Data about or an authorized representative, which may include Your email address.

If You are located in Brazil…

This section only applies to Our processing of Personal Data under the Brazilian Lei Geral de Proteção de Dados (LGPD).

In addition to the rights described above, You also have the right to:
- access Your Personal Data processed by Dedaub;
- unless restricted by law, request information about the public and private entities with which We have shared Your Personal Data;
- oppose to the processing carried out; and/or
- receive information about the possibility of not providing Your consent and the consequences of such denial.
If You are a Brazilian resident or were in Brazil when Your Personal Data was collected and would like to exercise any of Your rights under the LGPD, please contact Us at legal@dedaub.com. We will process Your request in accordance with the Applicable Laws.

Information about Dedaub

Dedaub is a company headquartered in the European Union (EU) that provides security auditing services and software which keeps Our Customers’s projects safe from Hackers.

Contact Details

Dedaub Ltd., Malta Life Sciences Park, San Gwann, SGN3000, Malta
June 12, 2024
Other Forms

The W-8BEN-E form is a document provided by a foreign entity to the United States Internal Revenue Service (IRS) to confirm its status as a non-resident alien or foreign entity for purposes of U.S. income tax withholding and reporting.

W-8BEN-E for Dedaub Ltd

June 12, 2024