I am a passionate Web3 security researcher specializing in identifying vulnerabilities across decentralized protocols and smart contracts. With a deep commitment to ensuring the safety of user funds, I actively participate in public audit contests on prominent platforms such as Code4rena, Cantina, and Codehawks. I also collaborate with renowned audit firms to enhance the quality and accuracy of their reports for their private audits. My goal is always to provide the highest value to the protocols, using my current knowledge and expertise.
I am ranked 1st on the all-time leaderboard at Codehawks and 2nd as a judge, helping assess and guide other participants' contributions.
Over the course of almost 2 years of competing, I have been rewarded with over $300 000 from audit contests. Below, you can find a breakdown of all the security competitions I’ve participated in, including relevant information on each. Additionally, you can find my experience with bug bounties and private audits.
You can find me on Code4rena, Codehawks, Cantina, and Immunefi. If you would like to contact me, feel free to reach out via X.
| Contest | Description | Platform | Findings | Reward | Ranking | Report |
|---|---|---|---|---|---|---|
| NextGen | NextGen is a series of contracts whose purpose is to explore more experimental directions in generative art and other non-art use cases of 100% on-chain NFTs. | Code4rena | 2H, 2M | 780.17$ | 15 | Report |
| Stake.Link | A first-of-its-kind liquid delegated staking platform delivering DeFi composability for Chainlink Staking. | Codehawks | 1H, 1M | 1191.30$ | 4 | Report |
| Salty.IO | Salty.IO is a Decentralized Exchange on Ethereum which uses Automatic Atomic Arbitrage (AAA) to generate yield and provide Zero Fees on all swaps. | Code4rena | 2H, 4M | 988.03$ | 16 | Report |
| AI Arena | In AI Arena you train an AI character to battle in a platform fighting game. Imagine a cross between Pokémon and Super Smash Bros, but the characters are AIs, and you can train them to learn almost any skill in preparation for battle. | Code4rena | 7H, 4M | 178.73$ | 34 | Report |
| Wise Lending | Decentralized liquidity market that allows users to supply crypto assets and start earning a variable APY from borrowers. | Code4rena | 1H, 1M (1 solo) | 7970.35$ | 7 | Report |
| Beanstalk: The Finale | Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion. | Codehawks | 3H (1 solo), 5M (1 solo) | 19093.19$ | 3 | Report |
| Chainlink CCIP v1.5 | CCIP is the global standard for cross-chain interoperability. It enables developers to build secure, multi-chain applications and services, backed by Chainlink’s decentralized oracle network. | Codehawks | 1M | 10057.47$ | 8 | Private |
| Zaros | Zaros is a Perpetuals DEX powered by Boosted (Re)Staking Vaults. It seeks to maximize LPs yield generation, while offering a top-notch trading experience on Arbitrum (and Monad in the future). | Codehawks | 4H, 2M | 614.04$ | 13 | Report |
| ArkProject: NFT Bridge | The ArkProject NFT Bridge allows users to bridge NFTs (ERC-721) between Ethereum (L1) and Starknet (L2). | Codehawks | 2H 3M | 2855.87$ | 4 | Report |
| Chakra | The first modular settlement layer designed to unlock Bitcoin's liquidity across diverse blockchain ecosystems. | Code4rena | 4H 5M | 785.61$ | 13 | Report |
| Starknet Staking | As Starknet continues its decentralized journey, we present StarkWare’s proposal for the first stage of staking. This is an important step in building the staking community and technology, offering new opportunities for users and developers. This contest scope covers the staking mechanism for Starknet Improvement Proposal 18. | Codehawks | 2H | 2267.37$ | 8 | Private |
| Instadapp Fluid DEX | Fluid DEX protocol is a novel protocol that is built on top of the Liquidity Layer and introduces Smart Debt and Smart Collateral. | Cantina | 1M | 8950.27$ | 2 | Leaderboard |
| ZKsync | ZKsync Era is an EVM compatible layer 2 rollup that uses zero-knowledge proofs to scale Ethereum without compromising on security or decentralization. | Codehawks | Private | 236133.47$ | 1 | Private |
| QuantAMM | QuantAMM is a next generation DeFi protocol launching Blockchain Traded Funds (BTFs). LPs are no longer only chasing swap fees: the weights of the pool change to take advantage of current underlying price movements and therefore can overcome MEV and Impermanent Loss. QuantAMM does this in a continuous, responsive way with advanced, fully on-chain TradFi-style strategies. | Codehawks | 6H 2M | 1746.67 OP | 5 | Report |
| Daao | DAAO is a decentralized autonomous agentic organization protocol that enables automated fundraising and liquidity management through Uniswap V3. | Cantina | 6H 1M | 388.66$ | 6 | Leaderboard |
| Contest | Description | Platform | Ranking | Reward |
|---|---|---|---|---|
| Beanstalk: The Finale | Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion. | Codehawks | 4 | 4000$ |
| ArkProject: NFT Bridge | The ArkProject NFT Bridge allows users to bridge NFTs (ERC-721) between Ethereum (L1) and Starknet (L2). | Codehawks | 4 | 900$ |
| Protocol | Description | Platform | Severity | Reward | Report |
|---|---|---|---|---|---|
| Beanstalk | Beanstalk is a permissionless fiat stablecoin protocol built on Ethereum. Its primary objective is to incentivize independent market participants to regularly cross the price of 1 Bean over its dollar peg in a sustainable fashion. | Immunefi | Medium | 3000 BEAN | Report |
| Protocol | Topics | Firm | Findings | Report |
|---|---|---|---|---|
| Valkyrie | Uniswap V4, Staking, Incentives | Cyfrin | Private | Private |
| MetaMask | ERC4337, EIP7702 | Cyfrin | 4M, 2L | Report |
| Synthetix | Perpetuals, Stablecoin | Guardian Audits | Private | Private |
| BunniV2 | Uniswap V4 | Cyfrin | Private | Private (Found a live critical bug that allowed to drain all TVL worth 7.3 million dollars) Writeup |