BREAKING: KELP DAO $292M drained via forged LayerZero DVN messages — Lazarus Group, 19 APR 2026
DVN (Bridge)
Decentralised Verifier Network — a set of independent nodes that attest to cross-chain messages in protocols like LayerZero. A compromised or forged DVN threshold can allow attackers to mint arbitrary tokens on the destination chain.
Flash Loan (Attack Vector)
An uncollateralised loan that must be borrowed and repaid within a single atomic transaction. Enables attackers to temporarily control large capital positions at zero cost to manipulate prices, governance votes, or protocol state.
Reentrancy (Vulnerability)
A contract vulnerability where an external call is made before state is updated. The called contract re-enters the original function, reading stale state (e.g. an unchanged balance) to drain funds before the update occurs.
MEV (Concept)
Maximal Extractable Value — profit extracted by block producers or searchers by reordering, inserting, or censoring transactions within a block. Includes sandwich attacks, arbitrage, and liquidation frontrunning.
Oracle Manipulation (Attack Vector)
Inflating or deflating an on-chain price feed — typically a spot DEX price — to trigger favourable protocol behaviour: over-borrowing, under-collateralised positions, or inflated payouts.
Proxy Pattern (Architecture)
A smart contract architecture where a proxy contract delegates execution to an implementation contract. Upgrade vulnerabilities arise when the upgrade function is unprotected or storage layouts clash between versions.
Durable Nonce (Solana)
A Solana mechanism allowing transactions to be signed offline and submitted later without expiring. Abused by Lazarus Group in the Drift Protocol attack to stage pre-signed withdrawal transactions during credential exfiltration.
Access Control (Vulnerability)
The set of permissions governing who can call privileged contract functions. Missing modifiers, broken ownership transfers, or uninitialised proxies allow attackers to call admin functions without authorisation.
Invariant (Concept)
A property that must always hold true in a protocol — e.g. total minted tokens ≤ total locked collateral. Bridge exploits typically violate this invariant by minting on the destination chain without locking on the source.
Delegatecall (EVM)
An EVM opcode that executes code from another contract in the caller's storage context. Misused delegatecall is a common attack vector in proxy patterns and module systems.
TWAP (Oracle)
Time-Weighted Average Price — an oracle design that averages price over a time window to reduce manipulation cost. Attackers must sustain a manipulated price for the full window, increasing the capital required.
Lazarus Group (Threat Actor)
A North Korean state-sponsored threat actor (DPRK) attributed to over $3B in crypto theft since 2016. Specialises in long-term social engineering infiltrations of DeFi teams and exchange custody systems.
Post-mortem (Research)
A forensic analysis of a security incident published after the fact. QuiverCrypto post-mortems are built from on-chain evidence and published independently of protocol communications.
TVL (Metric)
Total Value Locked — the sum of all assets deposited in a protocol's smart contracts. High TVL makes a protocol a high-value target. TVL figures are often cited as the scale denominator for exploit losses.
Slippage (DeFi)
The difference between expected and actual execution price of a trade. Protocols without slippage protection can be exploited via sandwich attacks or price manipulation during large trades.