CertiK 블로그

AI smart contracts combine blockchain and AI to enable adaptive automation, real-time decision-making, and scalable Web3 applications.

AI Auditor was originally built as an internal tool for CertiK’s own auditors, but is now available to the public after more than six months of rigorous application. In evaluations against 35 real-world Web3 security incidents from 2026, AI Auditor achieved an 88.6% cumulative exact hit rate, all while being engineered specifically to deliver high detection with exceptionally low noise.

An overview of the transformative U.S. crypto regulatory developments in March 2026, featuring the SEC-CFTC peace treaty, the Token Taxonomy release, and a breakthrough in the Senate Banking "yield" debate.

AI Auditor was originally built as an internal tool for CertiK’s own auditors, but is now available to the public after more than six months of rigorous application. In evaluations against 35 real-world Web3 security incidents from 2026, AI Auditor achieved an 88.6% cumulative exact hit rate, all while being engineered specifically to deliver high detection with exceptionally low noise.

Gate's Web3 Wallet now displays CertiK Skynet Scores directly within its Earn product pages, giving users on-chain security intelligence at the point of investment decision-making.

CertiK has completed an independent Proof of Reserves (PoR) audit for Gate Technology FZE, the Dubai-based entity of the Gate Group. Gate Dubai exchange is licensed by the Virtual Assets Regulatory Authority (VARA). The audit verified that the platform's on-chain reserves fully back its user liabilities across all in-scope assets as of December 31, 2025.

AI smart contracts combine blockchain and AI to enable adaptive automation, real-time decision-making, and scalable Web3 applications.

An overview of the transformative U.S. crypto regulatory developments in March 2026, featuring the SEC-CFTC peace treaty, the Token Taxonomy release, and a breakthrough in the Senate Banking "yield" debate.

How Web3 penetration testing secures smart contracts, wallets, and infrastructure through real-world attack simulation, standardized methodologies, and actionable remediation.

On 22 March 2026, the Revolv protocol was exploited, resulting in a loss of ~$26.8M due to a compromise of the project's cloud infrastructure which gave access to Resolv’s AWS Key Management Service (KMS).

On 10 March 2026, the Movie Token (MT) contract was exploited for approximately $242,000 due to a critical flaw in its 'sell' logic. The vulnerability stemmed from a double-counting error: when a user sold MT tokens, the contract simultaneously transferred them to the liquidity pair for the swap and added that same balance to a pendingBurnAmount variable. When distributeDailyRewards() subsequently burned those pending tokens, it created an artificial supply shock, inflating the MT price and allowing the attacker to drain value from the pool.

OpenClaw is an open-source, self-hosted personal AI agent platform designed to run on a user’s local machine or server. It supports long-term memory, autonomous operation, integration with mainstream LLMs, and remote control through messaging platforms like Telegram.

AI smart contracts combine blockchain and AI to enable adaptive automation, real-time decision-making, and scalable Web3 applications.

AI Auditor was originally built as an internal tool for CertiK’s own auditors, but is now available to the public after more than six months of rigorous application. In evaluations against 35 real-world Web3 security incidents from 2026, AI Auditor achieved an 88.6% cumulative exact hit rate, all while being engineered specifically to deliver high detection with exceptionally low noise.

An overview of the transformative U.S. crypto regulatory developments in March 2026, featuring the SEC-CFTC peace treaty, the Token Taxonomy release, and a breakthrough in the Senate Banking "yield" debate.

In our previous video, we discussed Advanced Formal Verification of ZKP: Verifying a ZK Instruction. By formally verifying each zkWasm instruction, we were able to completely verify the technical security and correctness of the entire zkWasm circuit. In this video, we will focus on the bug discovery aspect, examining specific bugs encountered during the process and the lessons learned.

Skynet Quest is a brand new platform that unlocks Web3 security with engaging learning experiences and tools. By completing quests, users gain practical knowledge of Web3 security, earn rewards, and unlock valuable tools. Whether you're a novice or an expert, Skynet Quests has something to teach everyone.

In December 2023, we shared an Aptos-related bug report with the Wormhole Bug Bounty Program. We were impressed at Wormhole’s quick and effective resolution of the issue. A patch resolved the issue within 3.5 hours of the initial report.