Select Language

Bahasa Indonesia

แบบไทย

Foundations

Core blockchain and crypto concepts: wallets, keys, consensus, and the building blocks of Web3.

What is a Honeypot Token?A honeypot token solves a scammer’s hardest problem in a decentralized market: how to let people buy while quietly making exit impossible

What is a Honeypot Token?A honeypot token solves a scammer’s hardest problem in a decentralized market: how to let people buy while quietly making exit impossible. The trap often looks like an ordinary token trade, but the key behavior is asymmetric permission — entry is open, selling is blocked, taxed into uselessness, or selectively allowed only for insiders.Mar 21, 202623 min read

What Is Phishing?Phishing is not mainly a malware problem or an email problem

What Is Phishing?Phishing is not mainly a malware problem or an email problem. It is a decision-manipulation problem: an attacker gets a real person to authenticate the wrong thing, trust the wrong interface, or approve the wrong action. That is why phishing keeps working even as technical defenses improve.Mar 21, 202625 min read

What is Bug Bounty?Bug bounty programs try to solve a hard security problem: the people best able to find your flaws often live outside your organization

What is Bug Bounty?Bug bounty programs try to solve a hard security problem: the people best able to find your flaws often live outside your organization. By turning unsolicited hacking into a structured, authorized, and rewarded reporting process, bug bounties can uncover real vulnerabilities earlier—but only if scope, triage, remediation, and safe harbor are designed well.Mar 21, 202624 min read

What is a Flash Loan Attack?A flash loan attack looks like a lending exploit, but the loan is often just the fuel

What is a Flash Loan Attack?A flash loan attack looks like a lending exploit, but the loan is often just the fuel. The real failure is usually elsewhere: a protocol trusts a price, balance, or accounting rule that can be distorted for one transaction, and flash liquidity makes that distortion cheap enough to exploit.Mar 21, 202623 min read

What is Allowlist/Blocklist?Allowlists and blocklists look similar on the surface: both are just lists of things to permit or deny

What is Allowlist/Blocklist?Allowlists and blocklists look similar on the surface: both are just lists of things to permit or deny. But they embody very different security assumptions. The difference between “allow known good” and “block known bad” explains why these controls are useful, where they fail, and why they show up everywhere from login systems to crypto exchange withdrawals.Mar 21, 202624 min read

What Is an Anti-Phishing Code?An anti-phishing code is a simple idea with a narrow job: give you a secret marker that legitimate account emails include, so fake ones are easier to spot

What Is an Anti-Phishing Code?An anti-phishing code is a simple idea with a narrow job: give you a secret marker that legitimate account emails include, so fake ones are easier to spot. It helps against exchange impersonation, but it is not magic — its value depends on what channel it covers, whether you actually check it, and how strong the platform’s email security is underneath.Mar 21, 202623 min read

What Is an Audit Trail?An audit trail is the difference between 'something happened' and 'we can reconstruct what happened, who did it, and whether the record can be trusted

What Is an Audit Trail?An audit trail is the difference between 'something happened' and 'we can reconstruct what happened, who did it, and whether the record can be trusted.' In security, that distinction matters during incidents, internal investigations, compliance reviews, and everyday operations where accountability has to survive mistakes and attacks.Mar 21, 202626 min read

What Is a ZK Rollup?ZK rollups solve a strange problem: how can a blockchain trust computation it did not perform itself? Their answer is to execute transactions offchain, publish the data needed to reconstruct state, and attach a succinct proof that the new state is correct

What Is a ZK Rollup?ZK rollups solve a strange problem: how can a blockchain trust computation it did not perform itself? Their answer is to execute transactions offchain, publish the data needed to reconstruct state, and attach a succinct proof that the new state is correct.Mar 21, 202623 min read

What Is Address Poisoning?Address poisoning looks trivial at first: a scammer sends you a worthless transfer

What Is Address Poisoning?Address poisoning looks trivial at first: a scammer sends you a worthless transfer. The danger is not the transfer itself, but the false memory it plants in your wallet history, where a lookalike address can later be mistaken for a trusted recipient and turn a routine payment into an irreversible loss.Mar 21, 202622 min read

What is Validium?Validium is an unusual scaling design: it keeps the strongest part of a ZK rollup — cryptographic proof that state updates are valid — while moving the heaviest part, transaction data, off-chain

What is Validium?Validium is an unusual scaling design: it keeps the strongest part of a ZK rollup — cryptographic proof that state updates are valid — while moving the heaviest part, transaction data, off-chain. That trade changes fees, throughput, privacy, and trust assumptions all at once.Mar 21, 202624 min read

What is Volition?Volition exists because data availability is where many rollup costs and trust assumptions actually live

What is Volition?Volition exists because data availability is where many rollup costs and trust assumptions actually live. It gives users or applications a choice: pay for on-chain data when you want stronger recovery guarantees, or keep data off-chain when lower cost or confidentiality matters more.Mar 21, 202624 min read

What is Restaking for L2 Security?Restaking for L2 security tries to answer a hard question: how can a rollup or related service get meaningful security before it has its own large validator economy? The idea is to reuse already-staked assets as collateral for additional duties, but the details matter because shared security is never the same as native security

What is Restaking for L2 Security?Restaking for L2 security tries to answer a hard question: how can a rollup or related service get meaningful security before it has its own large validator economy? The idea is to reuse already-staked assets as collateral for additional duties, but the details matter because shared security is never the same as native security.Mar 21, 202625 min read