Web3Exploit studies failures at the source level.
The site is built for individual builders and security-minded teams who need concise case research, not a hand-maintained incident archive.
Web3Exploit focuses on a small set of high-signal cases and explains how business impact maps back to trust boundaries, privileged code paths, signing flows, and operational controls. The goal is to make each case useful during real code review and protocol design work.
Each case is built from public incident reports, on-chain evidence, and security-firm technical analysis. When exact source code is not verified, code snippets are labeled as representative and confidence notes explain which claims are firm versus inferred.
Public reporting changes after incidents. Corrections are expected: if a source, transaction, or interpretation becomes stale, the case should be updated rather than treated as final.
