April 10, 2026
featured post

Polygon Labs' two-team security structure: where most Web3 breaches actually start | Mudit Gupta

ZK infrastructure carries more bugs than the smart contract layer — and the only thing preventing large-scale exploits is that the number of people capable of executing them is countable on two hands.

ZK infrastructure carries more bugs than the smart contract layer — and the only thing preventing large-scale exploits is that the number of people capable of executing them is countable on two hands. Mudit Gupta, CTO of Polygon Labs, makes the case for why that gap is the most underestimated risk in Web3 right now.He also breaks down the two-team security structure most protocols are missing, what a near 10x spike in bug bounty submissions since August reveals about how AI audits code differently than humans, and why his team had to build a counter-AI triaging agent just to keep up with volume.

More Web3 Security Insights

Step Multisig Process Protecting Billions | Chris von Hessert

Polygon protects billions through a rigorous 13-step multisig process. In this episode, Chris von Hessert breaks down the real challenges, ethical dilemmas, and strategic truths of Web3 security. Essential for anyone serious about moving beyond crypto hype.

Sep 10, 2025

Validator sniping: How to harvest IP addresses to redirect MEV | Sebastian Bürgel (Gnosis)

This week, the VP of Technology at Gnosis, Sebastian Burgel, joins Jack Sanford to discuss network-layer security gaps, the early days of building on Ethereum, and more.

Oct 10, 2025

Cosmos Labs' 3 pivots in 6 months: Timeboxing experiments to find PMF | Barry Plunkett

This week Barry Plunkett, co-CEO of Cosmos Labs, joins our CEO Jack Sanford to discuss prioritizing security in development, Cosmos Hub deployment, and more!

Oct 22, 2025

Secure Your Protocol with sherlock

Sherlock delivers complete lifecycle security, from early development to protection on live code. Tell us what stage you’re in and we’ll help you from there.
Contact Our Team

Products

Collaborative Audits

Audit Contests

Bug Bounties

Sherlock AI

Sherlock Shield

Live Security

Leaderboards

App

Live Audits

Live Bug Bounties

Resources

Blog

Docs

Brand Kit

Lifecycle eBook

Referral Program

Sherlock secures Web3 protocols across development, launch, and live operation through a unified lifecycle security model.

Sherlock’s services do not constitute a guarantee against all security incidents or losses. Responsibility for protocol operation and risk management remains with the protocol team.

Follow Us On

Copyright © Sherlock Protocol 2026. All Rights Reserved.