Not Your Crypto Podcast

Hosted by Justin and Michael

TechnologyInterviews guests

Website RSS feed YouTube

Episodes

Latest episode

May 2026

Language

About the show

You might call this a Web3 security podcast, and you’d be right. The transparency and culture of the scene makes it a vibrant canvas to study, and we break down the biggest and most technically intriguing attacks in the space. But we think there’s more. When things break, they show you something deeper about how they work, and what they are. Like it or not the internet is different than it was. Join us as we take a critical eye to how it’s changing, by looking at how it fractures. Ideas welcome at notyourcryptopodcast at gmail.com

Listen to episodes

31 recent

May 10, 2026Episode 31 hr 5 min

Lost in the (sea)weeds

Wow. This has been one of the biggest months ever for crypto hacks, so we’ve got a lot to work with.Let’s start here. On April 18th, a bridge used to transfer KelpDAOs liquidity token between chains got a message.The message said a user wanted to transfer tokens from unichain to ethereum, and that the tokens were already sent on the unichain side. So, the bridge did what it always does, and released tokens back to them on ethereum.The only problem was, the message wasn’t real.Bridges have often been the soft underbelly of crypto protocols. So how did it happen? We’ll dive into Kelp, the LayerZero protocol, and how attackers got onto two servers that turned out to be securing the whole thing.By the way, this episode starts with an explanation of KelpDAO, a “liquid restaking provider”. Don’t worry if you get lost in the seaweeds on that, we did as well. Just keep going. Now on to it.

April 12, 2026Episode 21 hr 1 min

You know nothing, John Snow

The jokes just write themselves with this one. In this episode, we bumble our way through an overview of Zero Knowledge Proofs, another entry in cryptography’s long line of mind benders.ZKPs come from one of the most consequential decades in history for nerds like us. Forget Classic Rock and the emergence of Hip Hop, the cryptographers were the ones really cooking from the mid 70s to the mid 80s, with incredible bangers like Public Key crypto, Diffie-Hellman key exchange, Cryptographic Hashing, and of course the beautiful Merkle Trees that gave us our blockchains.After that though, ZKPs were kinda shelved. But if there’s one thing crypto and Web3 have been good at, it’s inventing new abstract problems that need a nifty technical solution.So what are ZKPs, how do they work, and what do they unlock for the builders? We can’t promise you’ll come away from this episode knowing a lot, but hopefully it’s more than Zero. It’s worth a shot.

January 28, 2026Episode 158 min

Balancing Act

Building on top of a gnarly bug in some dex math, an attacker constructs a flashswap strategy that leaves a crypto protocol’s liquidity pools drained of over a hundred million dollars. Wait wait wait, haven’t we seen this before? Don’t worry, this isn’t Cetus Part 4. Instead, we’re talking about the November 2025 hack of Balancer. You see, when Balancer was doing its math on your transaction, there was one small step that would always round a number down. A small thing maybe, but when you’re a galaxy brain hacker with all the tools of defi at your disposal, you’ll find a way to lever that up into millions of dollars. Let’s find out how.

December 21, 2025Episode 131 hr 21 min

It's getting chilly outside

We continue to be mostly uninterested in the ebbs and flows of the crypto market, but if we’re not yet in a winter, crypto has at least had a significant frost.That, combined with the looming end of year, inclines one to reflection.In this episode, we look back at the big product developments this cycle, and cast our exacting judgement - are we any closer to a decentralised internet? And does that still mean anything?Call us idealists, but that vision is one old acquaintance that shall not be forgot. For anyone who listened this year, thank you, and see you in 2026, when we’ll see if this winter of our discontent is made glorious summer. At the least, we’ve got some hacks queued up to yap about.

November 9, 2025Episode 1253 min

Governance Comes at you Fast

Our brains may have finally recovered from researching liquidity pool formulae for the Cetus episodes, so let’s pop another defi hack off the stack and see what we got.In April of 2022 (ancient history I know), an algorithmically backed stablecoin protocol called Beanstalk was drained to the tune of 181 million dollars. But that's not even close to the biggest number you’ll hear in this episode.What was the vulnerability? I’ll bet there was a juicy one in that smart contact. Well... not really? You see, the attacker flashloaned themselves 1 billion (!!!) dollars, then staked that in the beanstalk contract and minted a supermajority of the governance token supply.With that control they could immediately force through emergency proposals, including two of which they had prepped a day earlier to drain the funds.Bueller? Bueller?? Maybe dont take that day off, cause governance comes at you fast.Notes:Windwaker Speed Run: youtube.com/watch?v=FTry_ZJnUIg

October 26, 2025Episode 1155 min

Bringing Crypto to the Laundromat

When stuff gets hacked, there’s a lot of focus, rightfully, on the exploit. How did it happen? Which smart contract had a vulnerability? How’s it get fixed?The exploit, though, is just a small part of the story. By and large, attackers don’t want to degen with a massive bag of tokens. They want something more useful - no offense to the crypto heads.That means they need to cash out. But you can’t just roll up to a centralized exchange and click a few buttons. They’ll ask too many questions, and will freeze your funds before they give you the cash.So, what’s a hacker to do? In this episode, we return to the ByBit hack, still the largest on the books. The attacker wants to exchange and move their crypto in a way that’s difficult for observers to trace. That’s not a simple task on a public ledger. So what do they reach for?Let’s find out.

September 21, 2025Episode 1042 min

Are DAO's DOA?

Betteridge’s law aside, DAOs have been around for nearly as long as you could code on the blockchain (which, I guess, hasn’t been that long). In fact one just called “The DAO”, and its associated hack, was one of the defining events of early crypto.DAOs are decentralized organizations that you participate in by voting with a governance token that you own and stake.But, this is crypto, and everything is an asset. That includes not just your token, but also your vote. So, what if you sold it?In this episode, we explore the consequences of the vote delegation market, where voting power in DAO governance is bought and sold.Board positions. Community fund disbursements. Protocol updates. All for sale - but what’s the price?A wise man once said show me the incentive, and I'll show you the outcome. It’s not always quite that simple, but crypto sure gets close.

September 7, 2025Episode 942 min

Selfish Mining: All You Need is a Bit of Luck

51% attacks have always been an animating theme in blockchain security. Since the integrity guarantees come from distribution, how do they break when one player gets the majority of the hashrate?Well, that was the question facing the Monero community in August after an actor entered the game, rained hashpower from the sky, and (very) publicly pulled off a six block reorg of the chain.But immediately after the announcement of a successful 51% attack hit the TL, another narrative emerged, claiming the numbers didn’t add up. No one saw the hashrate pass 50% of the network. And, you see, reorgs can happen at significantly less than 50%.In this episode, we cover selfish mining, the events around Monero in mid August, and the unique approach to Proof-of-Work that let it all come together.Sometimes, all you need is a bit of luck.

August 24, 2025Episode 849 min

Cetus, Part III - I’ll take that crypto back, please

So, just over 200 million dollars is gone from Cetus’ liquidity pools. Damn. Time to call the insurance broker and make a claim. Just play it cool on the phone. Right?Wrong, of course. In crypto, the exploit is just the first shot fired. The ambush that takes you off guard. Keep your head up, and you’ll find that the attacker still has a long road ahead of them to navigate their massive bag through the ecosystem and cash out.And that ecosystem, well, it isn’t inclined to make things easy. When every validator, and every stake holder is against you, every second counts to get your bag out before you get frozen, or worse.This is the story of an ecosystem coordinating to recover the funds it lost. But how does that happen? And what does it mean when, acting together, it can seize tokens from an address?We’re glad to be back and philosophizing. Just don’t ask us how liquidity pools work again.

July 13, 2025Episode 734 min

Cetus, Part II: Integer overflows triumphant return

If we can be sentimental for a second, some things in life remind you of simpler times. Maybe it’s a well loved book, or a familiar place. For us, nothing dials up the nostalgia like the return of a vintage vulnerability.In this episode, we continue our discussion of the Cetus hack. With the defi side covered in Part I, we now turn to the central mystery - how did the attacker manage to add a massive amount of liquidity with a single token?Well, there is one bug that will make a big number, small. And this one was perfectly placed to turn the key and unlock hundreds of millions of dollars.Integer overflows are back. And they’ve still got a few tricks to play