BurraSec (@burraSec) / X

BurraSec

44 posts

BurraSec

@burraSec

Securing Cross-Chain Protocols. DM for security review @windhustler. About: burrasec.com

github.com/burrasec/Secur…

Joined March 2025

Following

460

Followers

BurraSec
@burraSec
Jun 11, 2025
We’re thrilled to announce our crosschain security audit for @PancakeSwap, the leading multichain decentralized exchange. We’ve reviewed their @AcrossProtocol crosschain integration contracts to make them secure for Defi users.
00:25
PancakeSwap
@PancakeSwap
Jun 11, 2025
⚡️Introducing Crosschain Swaps, powered by @AcrossProtocol Swap tokens across @BNBCHAIN, @arbitrum & @base in one click. No bridges, no app switching. Start swapping → pancakeswap.finance/swap Full announcement → blog.pancakeswap.finance/articles/cross…
17K
BurraSec
@burraSec
Apr 8, 2025
Thrilled to announce our security partnership with @centrifuge! We’re securing their cross-chain integrations ahead of their V3 launch.
9.6K
BurraSec
@burraSec
Apr 9, 2025
Smaller security firms not getting enough deals is mostly a marketing/business problem. That’s why our first hire at @BurraSec is a BD. We have the technical expertise but not enough projects are aware of our offering. Time to get the word out!
932
BurraSec
@burraSec
Mar 24, 2025
💡LayerZeroV2 Security Tip💡 Don't rely on the gas limit and msg.value 🫱🏻‍🫲🏼 All the metadata passed as options to the `Endpoint::send` function is simply an off-chain agreement with the Executor. The `lzReceive` function on the destination chain can be executed by anyone with
2.1K
BurraSec
@burraSec
May 6, 2025
The report for the 1st security review for the @centrifuge team can be found: github.com/burrasec/Secur… There are a few interesting issues around refunds.
6.9K
BurraSec
@burraSec
May 7, 2025
Our webpage is live! In just 1 month, we’ve partnered with Centrifuge & Brahma to deliver top-tier security services. More partnerships coming soon! Check out burrasec.com & tell us what you think!
burrasec.com
BurraSec
Security Audits Done Right.
1.8K
BurraSec
@burraSec
Apr 21, 2025
Partnership announcement with @BrahmaFi. We're going to be reviewing their NFTs based on LayerZero's ONFT721 standard.
3.2K
BurraSec
@burraSec
Apr 22, 2025
Starting the week with another security review of @centrifuge's cross-chain integration contracts!
1.8K
BurraSec
@burraSec
May 8, 2025
The report for the 2nd @centrifuge security review can be found: github.com/burrasec/Secur… It includes a critical re-entrancy vulnerability that was introduced during code refactoring after the first review. The team succesfully resolved all the issues!
BurraSec
@burraSec
May 6, 2025
The report for the 1st security review for the @centrifuge team can be found: github.com/burrasec/Secur… There are a few interesting issues around refunds.
2.4K
BurraSec
@burraSec
May 22, 2025
We're in the process of reviewing the last changes from the Centrifuge team in our 3rd audit.
BurraSec
@burraSec
Apr 22, 2025
Starting the week with another security review of @centrifuge's cross-chain integration contracts!
1.9K
BurraSec
@burraSec
Jun 11, 2025
The security review report for @BrahmaFi is available at: github.com/burrasec/Secur…. Only Low & Info issues were found, and congratulations to the Brahma team for their product launch!
BurraSec
@burraSec
Apr 21, 2025
Partnership announcement with @BrahmaFi. We're going to be reviewing their NFTs based on LayerZero's ONFT721 standard.
988
BurraSec
@burraSec
Mar 24, 2025
Replying to @burraSec
❤️ If you find the tip useful, visit github.com/windhustler/In… for other integration advice for LayerZeroV2, Arbitrum, and Chainlink CCIP. If your protocol is integrating with LayerZero, contact our chief of security @windhustler to get your code secured!
BurraSec
@burraSec
Mar 24, 2025
💡LayerZeroV2 Security Tip💡 Don't rely on the gas limit and msg.value 🫱🏻‍🫲🏼 All the metadata passed as options to the `Endpoint::send` function is simply an off-chain agreement with the Executor. The `lzReceive` function on the destination chain can be executed by anyone with
GitHub - windhustler/Interoperability-Protocol-Security-Checklist
From github.com
487
BurraSec
@burraSec
Mar 24, 2025
Replying to @burraSec
3⃣ Enforcing certain gas limit in the `lzReceive` function, e.g. `SafeCallMinGas.sol` contract from Liquity — github.com/liquity/V2-gov….
359
BurraSec
@burraSec
Mar 24, 2025
Replying to @burraSec
Bug example:
Smart Contract Vulnerability Dataset - Cyfrin Solodit
From solodit.cyfrin.io
595