FEATURED PODCAST

November 19, 2025

Coinbase's audit standard: Internal security so strong externals find no criticals| Shashank Agrawal

We spoke with Shashank Agrawal, Head of Security at Base, about Coinbase's audit standard. Their internal security is so thorough that external firms find zero highs or criticals. This protects over $7 billion in Base TVL across multiple validation rounds. Listen to the full episode for their complete audit methodology and hiring framework.

Coinbase's audit standard: internal security so thorough that external firms find zero highs or criticals. This protects over $7 billion in Base TVL across multiple validation rounds.

We spoke with Shashank Agrawal, Senior Engineering Manager, Protocol Security at Coinbase. Internal teams audit first, then external firms. Rounds continue until only lows and informationals surface. The Base bridge got independent OP Stack validation despite Optimism's audits. "There is basically no room for error there. Absolutely zero room for error," Shashank explained.

Off-chain infrastructure gets equal priority: key management receives the same rigor as smart contracts since recent Web3 exploits increasingly target keys over on-chain code. Tabletop exercises simulate attacks across security, legal, and compliance teams to identify incident response gaps.

Listen to the full episode for their complete audit methodology and hiring framework.

Next Podcasts

More Web3 Security Insights

November 19, 2025

Ethereum Foundation's path to 10,000 TPS and Bitcoin's 51% attack risk | Justin Drake

Jack Sanford speaks with Justin Drake from the Ethereum Foundation about the security economics driving L1 infrastructure over the next decade.

October 26, 2025

Cosmos Labs' 3 pivots in 6 months: Timeboxing experiments to find PMF | Barry Plunkett

This week Barry Plunkett, co-CEO of Cosmos Labs, joins our CEO Jack Sanford to discuss prioritizing security in development, Cosmos Hub deployment, and more!

November 6, 2025

Centrifuge's serial audits: 6 security reviews that reshaped RWA architecture | Jeroen Offerijns

In this episode, Jeroen walks through Centrifuge's controversial security methodology, their co-authorship of the ERC-7540 standard with competitor Maple Finance, and why they're building freely immutable infrastructure modeled on Maker's 6-year-old vat contract that has never needed an upgrade.

October 13, 2025

Validator sniping: How to harvest IP addresses to redirect MEV | Sebastian Bürgel (Gnosis)

This week, the VP of Technology at Gnosis, Sebastian Burgel, joins Jack Sanford to discuss network-layer security gaps, the early days of building on Ethereum, and more.

October 13, 2025

Safe's $60B security stack: Formal verification, audits, and $1M bounties | Richard Meissner

This week Richard Meissner, the Co-Founder of Safe joins Jack Sanford to discuss securing $60B in TVL, the future of Ethereum and more.

September 17, 2025

Securing $23 billion in restaked assets with Anto Joseph, Principal Security Engineer at Eigen Labs

Eigen Labs secures $23 billion in restaked assets with Anto Joseph, Principal Security Engineer.

September 11, 2025

How to secure $70 billion in DeFi: Aave's approach to Web3 security w/ Ernesto Boado

Ernesto Boado explains how Aave protected $70 billion in DeFi with a strategic security focus, upgrades, DAO coordination, and flawless documentation—showing the real wins and challenges of scaling and innovating in Web3 without losing resilience.

September 11, 2025

Step Multisig Process Protecting Billions | Chris von Hessert

Polygon protects billions through a rigorous 13-step multisig process. In this episode, Chris von Hessert breaks down the real challenges, ethical dilemmas, and strategic truths of Web3 security. Essential for anyone serious about moving beyond crypto hype.

October 22, 2025

Security Lessons from the oldest bug bounty program w/ Fredrik Svantes (Ethereum Foundation) Sherlock Podcast

Fredrik Svantes runs Ethereum's $2 million audit competitions and the world's oldest blockchain bug bounty program—here's how he filters AI spam from real vulnerabilities and secures trillion-dollar infrastructure. From World of Warcraft gold farming detection to protocol-level security at Ethereum Foundation, Fredrik reveals the systematic approaches that actually work at scale.