MoveBit

MoveBit

16,633 Twitter followers

Follow

MoveBit is a security company focused on the Move ecosystem and building the standard for secure Move applications.

Posts

Security first vIOTA passed the @MoveBit_ audit 0 Critical. 0 Major. All issues fixed Full report 👇 http:/movebit.xyz/reports/2026...… 3 days 👀 #IOTA

🔐 Stop guessing and start protecting. BitsLab Safe v1.0.5 brings a full enterprise-grade security dashboard directly to your browser. 🔗 Add to Chrome NOW: bit.ly/4bnyKa1 What can BitsLab Safe protect? Web3 Access Security: Real-time protection across DApps and DeFi protocols. Twitter Phishing Protection: Instantly identifies and blocks malicious links on X. AI Account Blocking: Automatically silences AI bot spam and social engineering traps. Security Insights: Track your "Detected" and "Blocked" threats in real-time. Try it now: bit.ly/4bnyKa1 twitter.com/MoveBit_/status/20...

A Tour of Invariant Testing is coming this week 🏃 We’re releasing a hands-on tutorial on invariant testing in Move, built on our research around Movy and real-world contract behavior (Sui flavor). The tutorial walks through how to test invariants across multiple transactions, instrument function execution with pre/post hooks, and catch real invariant violations during fuzzing — not just unit test failures. If you’re building with Move and want correctness guarantees beyond “type-safe by default,” stay tuned. Tutorial drops this week.

We’ve just released a new research work from MoveBit Belobog: A Real-World Attack-Oriented Fuzzing Framework for Move 📄 Read Paper (arXiv preprint): arxiv.org/abs/2512.02918 🌪️ Move is often seen as “safer by design.” But in real audits, the most serious issues rarely come from syntax or type errors — they emerge from system-level behavior: cross-module interactions, privilege assumptions, state-machine edges, and composable call sequences. Fuzzing Move is hard because inputs must be type-correct and semantically reachable. If transactions can’t execute, deep states — and real exploit paths — are never reached. Belobog treats Move’s type system as guidance, not a barrier: 💍 type-guided transaction generation 💍 concolic execution to break through heavy constraints 💍 evaluated on 109 real-world Move projects, detecting 100% of Critical and 79% of Major vulnerabilities confirmed by experts, and reproducing full exploits from real incidents 👉 Paper (arXiv preprint): arxiv.org/abs/2512.02918 (Submitted to PLDI’26 — we’ll share updates after peer review.)

Privacy isn’t a feature — it’s infrastructure. As agents, automation, and real-world data move on-chain, privacy primitives need to be designed in from day one, not patched later. Thoughtful insights from @a16zcrypto and the Sui team 👏 twitter.com/MoveBit_/status/19...

THANK YOU, INNOVATORS! 🌟 Last night’s AI x Web3 Meetup in Palo Alto with @StoryProtocol & @TechTrendsWeb3 was nothing short of epic! 🔥 👏 Highlights that blew our minds: ✨ Dr. Sandeep Chinchali’s @SPChinchali deep dive into Neuro-Symbolic AI + Crypto—where logic meets

BitsLab's New Research: Kasplex L2 - A Light-Weight Based Rollup Solution on Kaspa @KaspaCurrency 🧐 Our technical analysis explores Kasplex L2, a based rollup enabling smart contracts on Kaspa. Key insights: 1️⃣ Understanding Kaspa Layer 1: A High-Throughput UTXO Blockchain

🚨 Under BitsLab’s "Web3 Securing Plan", our security team discovered and assisted in patching an arbitrary notification spoofing vulnerability in a top wallet’s Android App. 🔍 Vulnerability Details: 🛑 Root Cause: A design flaw in the wallet’s code allowed attackers to

🚀 BitsLab is teaming up with @StoryProtocol & @TechTrendsWeb3 for an exclusive AI × Web3 Meetup! 🗓️ May 19 | 6‑8 PM PDT 📍 Story HQ — 248 Homer Ave, Palo Alto ⚡ Lightning talks you won’t want to miss: 🧠🤖Dr. Sandeep Chinchali (UT Austin) on Neuro‑Symbolic

Loading..