All Blogs

This post focuses on security areas that matter the most in real Lightning dApps. It is written from an audit perspective: what consistently causes loss of funds and stuck funds, common attack surfaces, and how developers can prevent them.

In 2025, wrench attacks unfortunately crossed a critical threshold. What was once treated as an edge-case risk has become a structural threat to digital asset ownership. Attackers are no longer acting opportunistically; they are operating as organized, transnational groups that combine OSINT-driven targeting, social engineering, and extreme physical violence to extract private keys.

Learn more about Decentralized Physical Infrastructure Networks (DePIN) and how they are helping merge Web3 and physical infrastructure to create new possibilities.

As conversations at the 2026 World Economic Forum at Davos-Klosters, Switzerland continue to influence how global leaders engage with emerging technologies, one message is becoming increasingly clear: Web3 is entering a new phase defined by institutional participation, regulatory engagement, and long-term infrastructure.

The Top 20 PayFi projects on BNB Chain board showcases the top projects based on their Skynet Scores. This leaderboard identifies PayFi protocols combining payments and finance on BNB Chain with high security and performance metrics from CertiK Skynet. It highlights real-time risk intelligence to empower users and developers with data-driven insights.

On 20 January 2026, DeFi protocol MakinaFi suffered an exploit resulting in the theft of 1,299 ETH, valued at approximately $4.13 million.

What are the key differences between KYC and AML? We also discuss workflows and best practices to help businesses reduce financial crime and streamline compliance across jurisdictions.

This article examines CIP-56’s technical design and explains how it addresses limitations that have historically prevented regulated institutions from adopting traditional token standards. It also offers a practical lens for builders.

KYC services for banking: workflows, providers, AML checks, and automation tips to streamline onboarding without sacrificing risk management.

On 08 January 2026 Truebit was exploited for ~$26.6M due to an overflow issue. A malicious actor minted tokens for zero ETH that they then sold for ~$26.4M in the same transaction. The exploit was followed up by a second attacker who was able to extract a further ~$224k.

The recent Ledger data breach serves as a stark reminder that security extends far beyond the blockchain itself. Indeed, the exposure of personal details, including contact information and postal addresses, has opened a new front for sophisticated cyberattacks targeting ledger customers.

CertiK is excited to announce its formal strategic partnership with YZi Labs (formerly Binance Labs), which aims to improve the security architecture of participants in the “EASY Residency Global Startup Incubation Program.”