Decentralised networks still fail at the protocol boundary.
NullRabbit investigates how hostile or malformed network inputs become computation, memory pressure, bandwidth consumption, validator downtime and economic loss.
We reproduce the mechanisms, preserve the evidence, and build defences that can act before a node absorbs the full cost.
Between the contract and the server, there is a boundary no one watches.
Most security systems monitor what happens above the node, or after the node begins to fail. NullRabbit studies the hostile input and the mechanism that produced the failure: the point where a small or inexpensive network message forces a validator into disproportionate work.
Start with the error, not the theory.
Paste what you're seeing. Each entry routes onward to whatever exists: the mechanism, an advisory, an NRDAX technique, a research post, or the incident intake. Where there is no explanation yet, it says so.
Published self-falsification is what makes the rest of the advisories worth reading. When a finding does not survive re-verification, NullRabbit pulls it and says why.
Research that stops at a blog post decays. NullRabbit gives every mechanism it finds a permanent identity and a live view.
NullRabbit assigns stable identities, evidence and machine-readable classification to the mechanisms it investigates. Maintained as a public technical registry with stable terminology.
NullRabbit tracks validator behaviour, incidents and stake associated with validators currently meeting specified risk conditions, across decentralised networks, updated continuously.
What every finding is expected to carry.
NullRabbit is led by an independent researcher focused on transport-layer attacks, validator failure and autonomous defence for decentralised networks.
Authorship is visible on every advisory and research page. The company reads as institutional while the expertise accumulates around a clearly identifiable investigator.
Something happened that does not fit the dashboard?
Send NullRabbit the artefacts. Real incident intake, not a sales-lead form. If there is nothing to explain it yet, it becomes an open question, not a padded page.

