What we audit
We secure protocol code, infrastructure, and ecosystem integrations across the chains and platforms where risk moves fastest.
We’ve worked extensively with the Solana Foundation on auditing the Solana Core code, along with Account Compression.
Our experience doesn’t end there: we’ve taken this deep knowledge and applied it to our audits on a number of well-known protocols building within the ecosystem, including Marginfi, Parcl, Jupiter, Mayan, Jito, Ellipsis Phoenix, Raydium, Tensor, Squads, Kamino, GooseFX, Pyth, and more.
We offer both white-box and black-box testing, depending on each project’s individual needs. We’ve analyzed the relationship between Web 3 applications and the large, unexplored Web 2 attack surfaces still present within them, which you can read about here.
We’ve also done extensive research into MetaMask’s Snaps sandboxing environment. You can learn more about this research and other work we’ve done on our blog.
We’ve built out our own tooling, and developed a novel verification framework for Solana. We’ve also worked with the Aptos core team to formally verify their standard library.
We’re fuzzing experts. We’ve worked on differential compiler fuzzers for Vyper, novel differential transactional fuzzers for Solana validators, which led to the discovery of multiple critical denial of service issues, rBPF JIT fuzzers resulting in multiple denial of service and integrity issues, and Move VM bytecode fuzzers resulting in over half a dozen crashes.
How we audit
Different systems call for different techniques. We pick the mix that fits yours.
Our auditing process
We keep the work focused and the communication clear, from the first scoping call to the final report.
Get secured now.
We work with leading teams across multiple blockchains. Put the same collaborative approach to work on your protocol.
Get secured now