Audits
Public disclosures, competitive audit work, and selected private technical reviews.
Security work across smart contracts, blockchain infrastructure, zero-knowledge systems, MPC, FHE, and applied cryptography.
If you’re evaluating fit for an audit, this page is the fastest summary of the types of systems I review, the classes of bugs I find, and the public/private track record behind that work.
What this work covers
- zkVMs and proof-system components
- Layer 2 infrastructure and validator logic
- smart contracts and high-value protocol code
- Rust cryptography and verifier implementations
- architecture review for systems with adversarial trust assumptions
Selected public disclosures
[redacted] (zkVM)
- Date: Jan 2026
- Finding: 1 Critical
- Summary: Soundness-impacting issue identified in core proof verification logic.
GOAT Network
- Date: Jan 2026
- Finding: 1 High
- Summary: Incorrect slash fraction validation allowed negative slashing, validator inflation, and token siphoning.
- Public writeup: /blog/goat-slash-fraction-bypass/
LeanEthereum / leanMultisig (zkVM)
- Date: Feb–Mar 2026
- Finding: 1 High, 2 Medium
- Summary: Transcript collisions from zero-padded scalar absorption in a Fiat–Shamir backend.
LeanEthereum / leanSig
- Date: Feb 2026
- Finding: 1 High
- Summary: Lack of completeness in signature scheme or proof verification logic.
[redacted] (FHE)
- Date: Jan 2026
- Finding: 1 High, 2 Medium
- Summary: Ciphertext rotation flaw and predictable on-chain randomness.
Competitive audit record
| Project | Area | Date | Result |
|---|---|---|---|
| Citrea | Infrastructure | Aug 2025 | 11 findings |
| Geneius Contracts | Solana | Jul 2025 | 6th Rank — DoS in Solana via order_hash collision |
| Genius Foundation | Infrastructure | Jul 2025 | 4 findings |
| Succinct | Infrastructure | Jul 2025 | 1 finding |
| Sorella Angstrom | Patrol / AMM | Jun 2025 | 4th Rank — Fees stolen by changing initialized ticks |
| Telcoin Network | Infrastructure | Jun 2025 | 2 findings |
| Nitro Labs / Solaxy | Infrastructure | Jun 2025 | 8th Rank — Stale owner index ghost programs |
| Space and Time | Infrastructure | May 2025 | 2 findings |
| Alchemix v3 | DeFi | May 2025 | 1 finding |
| DefiApp | DeFi | Feb 2025 | 1 finding |
| FarcasterAttestation | Protocol | Jan 2025 | 16th Rank — Lack of ERC-165 compliance leads to failures |
| Daao | Protocol | Jan 2025 | 6 findings |
| Chorus One | Infrastructure | Jan 2025 | 6 findings |
| StakeUp | Protocol | Oct 2024 | 1 finding |
| InfinityPools | AMM | Oct 2024 | 1 High |
| Symbiotic | Infrastructure | Sep 2024 | 1 finding |
| ZeroLend One | Lending | Aug 2024 | 1 High, 1 Medium |
| Winnables Raffles | NFT | Aug 2024 | 1 finding |
| Tadle | Protocol | Aug 2024 | 1 finding |
| LoopFi | Lending | Jul 2024 | 1 finding |
| Napier | DeFi | Jun 2024 | 9th Rank — Loss of funds due to not collecting fees |
| RadicalxChange | Auctions | Mar 2024 | 3rd Rank — Highest bidder can withdraw collateral |
| Napier | DeFi | Feb 2024 | 1 Medium |
Selected private technical reviews
| System | Stack | Date | Summary |
|---|---|---|---|
| Infrastructure Verifier | Rust / ZK | Oct 2025 | Private (1C, 2H, 3M, 11L) |
| Privacy-focused Dark Pool AMM | Solidity | Oct 2025 | Private (5H, 5M, 27L) |
| ZK-Infrastructure Component | Rust / ZK | Nov 2025 | Private (1H, 3M, 6L) |
| Payment Protocol Core | Solidity | Oct 2025 | Private (1M, 9L) |
| Rust Cryptography Libraries | BLS / crypto | Sep 2025 | Private (2M, 7L/I) |
| Privacy-preserving Payment System | Solana | Sep 2025 | Private |
| Infrastructure ZK Verifier | Rust | Jun 2025 | Private |
| L1/L2 Infrastructure Review | ZK / Rust | May 2025 | Private |
| Core ZK-Infrastructure Audit | Rust | Apr 2025 | Private |
Public profiles
Need a review?
If you’re preparing for launch, evaluating a design, or want a focused review of a complex system, you can request an audit or book a call.