Findings & field notes
from bytecode to proven exploit

How the Trilocore team finds and proves smart-contract vulnerabilities — with the BEVM workbench and the Janus AI analyst. Retrospectives on real hacks, methodology deep-dives, and the story of how we got here.

Story June 15, 2026 · 8 min read

From a fuzzer experiment to a security platform: the Trilocore story

How a GPU-accelerated EVM fuzzer grew into BEVM — a Burp Suite for the EVM — and Janus, an attacker-minded AI analyst. History to present, honestly told.

Read the story →
BEVM Janus June 15, 2026 · 9 min read

The exploit hiding in dead code: orphan-block DELEGATECALL

A class of bug most tools never see — a dangerous opcode in a “dead” block reachable only via a computed jump. How BEVM’s CFG + GPU fuzz surface it and Janus explains the kill chain.

Read the walkthrough →
BEVM Janus June 15, 2026 · 10 min read

Re-auditing the Euler attack: what BEVM + Janus surface from bytecode alone

A retrospective on the $197M Euler Finance exploit (March 2023). We walk the public, documented attack through our pipeline — donation, self-liquidation, and the missing health check.

Read the retrospective →