During this year’s Korea Blockchain Week (KBW), CertiK, the world’s largest Web3 security services provider, hosted “CertiK Espresso @KBW – Compliance Insights Workshop,” a gathering that brought together industry experts, executives, and investors from Korea and abroad. The workshop focused on stablecoins, regulatory frameworks, and the future of Web3, offering in-depth discussions on how compliance and security intersect with innovation.

CertiK showcased its commitment to Korea at XRP SEOUL 2025, with CBO Jason Jiang discussing stablecoins and RWAs from a security perspective. The company also released the 2025 Skynet Korea Report, highlighting market opportunities and key security challenges in the Korean Web3 ecosystem. During Korea Blockchain Week (KBW), CertiK announced localized initiatives, including strengthened partnerships and expanded regional operations, to support long-term ecosystem growth.

Every autumn, Seoul hosts one of the blockchain industry’s most prominent events: Korea Blockchain Week (KBW). The event attracts developers, investors, policymakers, and project teams from around the world, and has become a key platform for dialogue and collaboration in the Web3 space.

This in-depth analysis will illuminate how the judicious separation of concerns between these layers can engender enhanced scalability, flexibility, and interoperability within the blockchain domain, ultimately shaping the future trajectory of decentralized applications and networks.

In this post, we analyze the specific ZKP constructions implemented in Binance’s tss-lib [1]. These proofs address previously identified weaknesses in the Multiplicative-to-Additive (MtA) protocol, Paillier encryption parameters, and auxiliary RSA modulus generation. Our discussion is grounded in the improvements formalized by the specifications in CGGMP21 [4], which strengthen the robustness of threshold ECDSA against known attacks.

In our 2025 RWA Security Report, we look at the evolving security landscape of RWAs, outlines how CertiK’s Skynet RWA Framework provides structured criteria for assessing protocol risks, and highlights the performance of leading platforms such as Ondo Finance, Paxos, and Tether.

In this article, we delve into the concept of cross-contract calls and examine the distinctions between Solidity and Move contracts in this area. We will assess the mechanisms and security of executing cross-contract calls in Move, aiding developers in better comprehending how to manage contract interactions within the Move environment.

Professor Gu recently sat down with Forbes China to discuss his journey from academia to Web3 security, and how mathematical rigor continues to shape his approach to innovation. In this blog, we’ll look at highlights from his interview, including his academic background, how he founded CertiK, and how CertiK is influencing blockchain security.

On 10 August 2025 Numa protocol was exploited for ~$313k. A malicious actor acquired additional Numa tokens by liquidating victim accounts after manipulating the NumaVault by minting nuBTC. Minting the nuBTC inflated the total synth value and in turn, reduced the collateral value of cNuma according to the Numa VaultManager logic.

This post details two security incidents involving the Lottie animation format and its ecosystem, highlighting the persistent and evolving nature of third-party dependency and supply chain risks in the modern web landscape.

In this post, we provide a detailed examination of the MtA protocol, which utilizes the additively homomorphic properties of the Paillier encryption scheme to facilitate the exchange of encrypted secret shares among the participating parties.

In our 2025 Stablecoin Report, we look at the current stablecoin landscape, vulnerabilities that affect stablecoins, and how CertiK’s Skynet Security Score can help evaluate stablecoin security.

As Web3 adoption continues to accelerate, many central banks and institutions are developing digital asset products, such as stablecoins, to support the stability of existing blockchain ecosystems while offering transparency, speed, and flexibility. However, such stablecoin innovations must win user trust, meet regulatory requirements, and integrate with existing Web3 systems in order to acquire mainstream adoption. In the context of rigorous compliance frameworks, formal verification is a promising methodology to help build reliable stablecoin contracts by verifying essential compliance requirements.

Binance Wallet is enhancing user security by integrating Skynet Token Scan, a powerful tool developed by CertiK’s security researchers. This new feature puts on-demand security intelligence directly into the hands of Binance Wallet users, empowering them to make safer, more informed decisions.

On 9 July 2025 GMX V1 vault was exploited by a white-hat for ~$42M due to a reentrancy issue. The funds were later returned to GMX who awarded the white-hat a 10% bounty. The whitehat had minted and then staked GLP before creating a short position directly from the vault contract through reentrancy. Executing in this order bypassed the ShortsTracker, and prevented the average short position price from being updated. This occurs when the market price exceeds the tracked average price, resulting in the protocol overestimating unrealized losses. As a result, the Assets Under Management (AUM) calculation was manipulated to inflate the apparent value of GLP.

On 15 July 2025, a malicious actor took advantage of a lack of input validation in Arcadia Finance’s Rebalancer contract to obtain assets by paying off a portion of a user’s debt and withdrawing the underlying assets for a net gain of ~$3.6M.

This third post in the Threshold Cryptography series provides a bird’s-eye view of the 9-round threshold ECDSA protocol implemented in tss-lib [1]. Detailed exposition of the underlying MtA secret share conversion protocol and zero-knowledge proofs will follow in the next two posts.

Stablecoins are a type of crypto-asset designed to maintain a stable price by linking each token to an external reference asset, most often a national currency like the U.S. dollar, but sometimes commodities like gold. In theory, every coin in circulation should be redeemable for an equal amount of that reference asset, protecting holders from the sharp price fluctuations typical of unpegged digital currencies.