Biography
Auditor Profile
About
I am a smart contract security researcher with a strong focus on Solana / SVM Rust, Cairo / Starknet, and complex DeFi protocol security.
My core expertise is reviewing systems where correctness depends on protocol-specific logic rather than standard contract patterns. I have extensive experience with Solana programs, Rust-based blockchain code, Cairo/Starknet systems, AMMs, vaults, staking and rewards logic, governance systems, bridges, orderbooks, launchpads, smart wallets, and other DeFi protocols with non-trivial accounting and state transitions.
I have 5+ years of smart contract security experience, after studying Information Security / Cybersecurity and working as a penetration tester. In private audits, I have completed 38 Solana / Rust engagements totaling 197.5 audit days, including repeated work on Meteora, Jupiter, GMX Solana, Paladin, Ondo, Orderly, 1inch Solana, Ergonia, Dripster, Blendy, Token Mill, Bridge, Autonomous Finance, and other SVM / Rust protocols.
I am also highly experienced in Cairo / Starknet security, with 6 private Cairo audits totaling 67 audit days, including Ekubo, Vesu, Forge, Starknet Foundation Alexandria, and Starkware Cairo. My Cairo work includes AMM logic, Cairo libraries, Starknet protocol code, storage and serialization behavior, math-heavy code, and invariant-driven protocol review.
Across public contests, I have won six security contests, achieved four top-three placements, and placed top-10 four additional times. My Rust and non-EVM record includes 1st in Grass for Rust / Solana, 6th in Tensor for Rust / Solana, 7th in Solayer, 1st in Centrifuge for Rust / Substrate, 1st in HydraDx for Rust / Substrate, and 3rd in Andromeda for Rust / Cosmos.
I currently work as a Security Researcher with Spearbit, Zenith, and Blackthorn, and I also compete in contests on Code4rena, Cantina, and other audit platforms.
Core Expertise
Solana / SVM Rust
Solana / Rust is one of my strongest areas. I have reviewed a large number of production Solana protocols across AMMs, smart wallets, launchpads, vaults, bridges, staking systems, governance systems, payments, and token/accounting logic.
My Solana review work focuses on account validation, authority and signer checks, PDA derivation, initialization and reinitialization safety, CPI assumptions, token-account validation, protocol accounting, arithmetic precision, invariant preservation, and edge cases around user-controlled accounts and program state.
Representative Solana / Rust work includes Meteora, Jupiter, GMX Solana, Paladin, Ondo, Orderly, 1inch Solana, Ergonia, Dripster, Ego, Token Mill, Blendy, Bridge, Autonomous Finance, and multiple Accretion engagements.
Cairo / Starknet
I have strong Cairo / Starknet experience from both protocol and library audits. I have reviewed Cairo AMMs, Starknet protocol code, Cairo libraries, math-heavy components, storage and serialization behavior, and state-transition logic where small implementation errors can lead to broken accounting or invalid system states.
Representative Cairo / Starknet work includes Ekubo, Vesu, Forge, Starknet Foundation Alexandria, and Starkware Cairo.
DeFi Protocol Security
I have broad DeFi audit experience across AMMs, concentrated liquidity, bonding curves, orderbooks, vaults, staking, rewards, governance, lending, cross-chain systems, payment flows, and token standards.
My strongest reviews are usually on systems where the important bugs are not isolated to one function, but emerge from the interaction between accounting rules, user flows, state transitions, access control, and economic assumptions.
Rust-Based Blockchain Systems
Beyond Solana and Cairo, I have strong experience with Rust-based blockchain systems, including Rust / Substrate, Rust / Cosmos, and Rust backend protocol components. My public contest record includes first-place Rust/Substrate results and a top-three Rust/Cosmos result.
Solidity / EVM
Solidity / EVM remains a strong secondary area. I have audited and competed across ERC standards, lending, governance, staking, proxies, Gnosis Safe integrations, cross-chain protocols, and DeFi systems. My main edge in EVM work is on complex protocol logic rather than generic token or admin patterns.
Selected Experience Highlights
Solana / Rust Private Audits
38 private Solana / Rust audits, 197.5 audit days.
Representative work:
- Meteora: 17 engagements across AMM, CP-AMM, bonding curve, fee sharing, zap program, and related Solana/Rust components.
- Jupiter: 4 engagements across smart wallet and Solana/Rust protocol logic.
- GMX Solana: 18-day Solana/Rust AMM audit.
- Paladin: 18-day Solana/Rust staking / governance / rewards audit.
- Ondo: 10-day Solana/Rust audit.
- Orderly: Solana/Rust bridge audit.
- 1inch Solana: Solana/Rust orderbook AMM audit.
- Dripster, Ego, Token Mill: Solana/Rust launchpad audits.
- Blendy, Autonomous Finance: Solana/Rust vault audits.
- Ergonia: Solana/Rust AMM audit and vCISO/consulting engagement.
- Bridge: Solana/Rust payment audit.
- 4real: Solana/Rust staking audit.
- Accretion engagements: Multiple Solana/Rust private audits across late 2025 and early 2026.
Cairo / Starknet Private Audits
6 private Cairo audits, 67 audit days.
Representative work:
- Ekubo: 20-day Cairo AMM audit.
- Vesu: 20 total Cairo audit days across two engagements.
- Forge: Cairo audit.
- Starknet Foundation Alexandria: Cairo bytes library audit.
- Starkware Industries: 18-day Cairo language / Starkware codebase audit.
Selected Rust and Non-EVM Contest Results
- Centrifuge: 1st / 231, Rust / Substrate.
- HydraDx: 1st / 27, Rust / Substrate.
- Grass: 1st / 197, Rust / Solana.
- Tensor: 6th / 256, Rust / Solana.
- Solayer: 7th / 306, Solana.
- Andromeda: 3rd / 122, Rust / Cosmos.
- Metrom: 1st, Rust / Backend.
Ecosystems and Languages
| Area | Level | Experience |
|---|---|---|
| Solana / SVM Rust | Expert | 38 private audits, 197.5 audit days, multiple contest placements, and repeated production work across AMMs, smart wallets, launchpads, bridges, vaults, staking, governance, payments, and token/accounting systems. |
| Cairo / Starknet | Expert | 6 private Cairo audits, 67 audit days, including AMMs, Cairo libraries, Starknet protocol code, math-heavy logic, storage behavior, serialization, and state-transition review. |
| Rust blockchain systems | Expert | Experience across Solana / Rust, Rust / Substrate, Rust / Cosmos, Rust backend systems, and multiple high-ranking Rust contest results. |
| Solidity / EVM | Advanced | Private audits and contest results across ERC standards, lending, governance, staking, proxies, Gnosis Safe integrations, cross-chain systems, and DeFi protocol logic. |
| Node / Go blockchain systems | Experienced | Reviewed Berachain BeaconKit work involving blockchain node/protocol components. |
| Security background | Strong | Academic cybersecurity background, prior penetration-testing experience, and 3+ years of smart contract security work. |
Protocol and Security Experience
| Area | Experience |
|---|---|
| AMMs / DEXes / liquidity systems | Extensive experience across Meteora, GMX Solana, Ekubo, Ergonia, 1inch Solana, HydraDx, Morpho, Opal, Balancer-style systems, custom AMMs, bonding curves, orderbooks, and concentrated-liquidity designs. |
| Solana account and authority security | Extensive experience reviewing signer validation, account ownership, PDA derivation, initialization safety, authority checks, token-account validation, CPI assumptions, and user-controlled account edge cases. |
| DeFi accounting and invariants | Extensive experience with vault accounting, share accounting, fee accounting, reward accounting, staking logic, liquidity accounting, token accounting, precision issues, rounding behavior, and invariant violations. |
| Cairo / Starknet protocol logic | Strong experience with Cairo AMMs, Starknet protocol code, Cairo libraries, storage/state-transition review, serialization, and math-heavy logic. |
| Staking / governance / rewards | Experience across Paladin, 4real, Ethena, Salty.io, Redacted, ENS, governance systems, reward distribution, and admin/role logic. |
| Launchpads and token lifecycle systems | Experience across Dripster, Ego, Token Mill, and related Solana/Rust launchpad and token lifecycle flows. |
| Vaults and asset-management logic | Experience across Blendy, Autonomous Finance, Polystream, and other vault/accounting systems. |
| Bridges and cross-chain systems | Experience with Orderly, Wormhole, Axelar, Threshold tBTC bridge, Zetachain, and custom cross-chain implementations. |
| Smart wallets and account systems | Experience with Jupiter smart wallet work, Gnosis Safe integrations, reNFT, Redacted, and account/authorization-heavy systems. |
| Lending and collateral systems | Experience with Morpho, Wildcat Finance, Opal, Balancer-related systems, and lending/accounting logic. |
| ERC standards and token integrations | Experience with ERC20, ERC721, ERC4626, ERC4337, token accounting, token permissions, and integration assumptions. |
| Proxy and upgradeability patterns | Experience with Transparent proxies, UUPS proxies, Diamond patterns, upgrade risks, and admin-control boundaries. |
Full Track Record
The following tables contain the full contest, private audit, consulting, judging, and work-experience record.
Top Contest Performances
| Platform | Contest | Language | Position | Payout | Report |
|---|---|---|---|---|---|
| Cantina | Centrifuge | Rust / Substrate | 🥇/231 | $70,209.75 | Private |
| Cantina | Wormhole | Solidity | 🥇/13 | Redacted | Private |
| Hats Finance | Metrom | Rust / Backend | 🥇/X | $28,000.00 | Private |
| C4 | HydraDx | Rust / Substrate | 🥇/27 | $23,597.20 | Report |
| Cantina | Grass | Rust / Solana | 🥇/197 | $6,355.65 | Private |
| Cantina | Decent | Solidity | 🥇/193 | $1,250.00 | Private |
| Cantina | Morpho | Solidity | 🥉/22 | $17,919.95 | Private |
| Sherlock | Andromeda | Rust / Cosmos | 🥉/122 | $12,998.29 | Report |
| Cantina | YOLO Games | Solidity | 🥉/250 | $2,238.22 | Private |
| C4 | ENS | Solidity | 🥉/54 | $1,840.73 | Report |
| Cantina | Optimism | Solidity | 5/227 | $4,326.86 | Report |
| Cantina | Ronin | Solidity | 6/61 | $16,809.33 | Private |
| Cantina | Tensor | Rust / Solana | 6/256 | $9,529.84 | Private |
| C4 | Centrifuge | Solidity | 6/84 | $1,663.90 | Report |
| Cantina | Opal | Solidity | 6/42 | $1,780.65 | Private |
| Cantina | Solayer | Solana | 7/306 | $2,074.80 | Private |
Private Audits
| Date | Duration | Agency | Name | Language | Protocol type | Report |
|---|---|---|---|---|---|---|
| 04/2024 | 5 days | Thesis Defense | Acre | Solidity | Gnosis Safe | Report |
| 04/2024 | 12.5 days | Thesis Defense | Mezo | Solidity | * | Report |
| 05/2024 | 5 days | Thesis Defense | Stars Arena | Solidity | * | Private |
| 07/2024 | 3.5 days | Spearbit | Drips | Solidity | Reward distribution | Report |
| 09/2024 | 5 days | Spearbit | Berachain | Solidity | Balancer fork | Private |
| 10/2024 | 2 days | Zenith | Jupiter | Solana / Rust | Smart wallet | Private |
| 10/2024 | 4 days | Zenith | 4real | Solana / Rust | Staking | Report |
| 10/2024 | 1.5 days | Zenith | Jupiter #2 | Solana / Rust | Smart wallet | Private |
| 11/2024 | 18 days | Blackthorn | GMX | Solana / Rust | AMM | Report |
| 11/2024 | 1 days | Zenith | Jupiter #3 | Solana / Rust | Smart wallet | Private |
| 12/2024 | 3 days | Spearbit | Blendy | Solana / Rust | Vault | Private |
| 12/2024 | 3 days | Zenith | Autonomous Finance | Solana / Rust | Vault | Private |
| 12/2024 | 5 days | Spearbit | Blendy #2 | Solana / Rust | Vault | Private |
| 01/2025 | 20 days | Plainshift | Ekubo | Cairo | AMM | Private |
| 02/2025 | 18 days | Zenith | Paladin | Solana / Rust | Staking / Governance / Rewards | Private |
| 03/2025 | 5 days | Zenith | Dripster | Solana / Rust | Launchpad | Report |
| 03/2025 | 5 days | Zenith | Orderly | Solana / Rust | Bridge | Private |
| 03/2025 | 2 days | Zenith | 1Inch | Solana / Rust | Orderbook AMM | Report |
| 03/2025 | 10 days | Zenith | Meteora | Solana / Rust | Bonding Curve | Private |
| 04/2025 | 6 days | Zenith | Ego | Solana / Rust | Launchpad | Report |
| 04/2025 | 1 days | Zenith | Bridge | Solana / Rust | Payment | Private |
| 04/2025 | 3 days | Bail Security | Token Mill | Solana / Rust | Launchpad | Private |
| 04/2025 | 3 days | Zenith | Meteora #2 | Solana / Rust | Bonding Curve | Private |
| 04/2025 | 12.5 days | Spearbit | Berachain | Node / Go | Beaconkit | Private |
| 05/2025 | 0.5 days | Zenith | Meteora #3 | Solana / Rust | AMM | Private |
| 05/2025 | 10 days | Zenith | Meteora #4 | Solana / Rust | AMM | Report |
| 06/2025 | 8 days | Spearbit | Ergonia | Solana / Rust | AMM | Private |
| 07/2025 | 22 days | Zenith | Meteora #5 | Solana / Rust | AMM | Private |
| 08/2025 | 1 days | Zenith | Meteora #6 | Solana / Rust | AMM | Private |
| 08/2025 | 15 days | Zenith | Vesu | Cairo | NA | Private |
| 08/2025 | 5 days | Zenith | Vesu #2 | Cairo | NA | Private |
| 09/2025 | 4 days | Zenith | Forge | Cairo | NA | Private |
| 09/2025 | 0.5 days | Zenith | Meteora #7 | Solana / Rust | AMM | Private |
| 09/2025 | 0.5 days | Zenith | Meteora #8 | Solana / Rust | AMM | Private |
| 09/2025 | 3 days | Zenith | Meteora #9 | Solana / Rust | AMM | Private |
| 10/2025 | 2 days | Zenith | Meteora #10 | Solana / Rust | Fee Sharing | Private |
| 10/2025 | 5 days | Zenith | Starknet Foundation | Cairo | Alexandria Bytes Library | Private |
| 10/2025 | 18 days | Zenith | Starkware Industries | Cairo | Cairo | Private |
| 11/2025 | 5 days | Spearbit | Polystream | EVM | Vault | Private |
| 11/2025 | 4 days | Zenith | Meteora #11 | Solana / Rust | Zap program | Private |
| 11/2025 | 10 days | Spearbit | Ondo | Solana / Rust | NA | Private |
| 12/2025 | 3.5 days | Accretion | Tessert | Solana / Rust | NA | Report |
| 12/2025 | 1.5 days | Accretion | NA | Solana / Rust | NA | Private |
| 01/2026 | 15 days | Accretion | NA | Solana / Rust | NA | Private |
| 02/2026 | 7 days | Zenith | Meteora #12 | Solana / Rust | NA | Private |
| 02/2026 | 3 days | Zenith | Meteora #13 | Solana / Rust | NA | Private |
| 03/2026 | 0.5 days | Zenith | Meteora #14 | Solana / Rust | NA | Private |
| 03/2026 | 3 days | Zenith | Meteora #15 | Solana / Rust | NA | Private |
| 05/2026 | 2 days | Zenith | Meteora #16 | Solana / Rust | NA | Private |
| 05/2026 | 4 days | Zenith | Jupiter #4 | Solana / Rust | NA | Private |
| 05/2026 | 6 days | Zenith | Meteora #17 | Solana / Rust | NA | Private |
vCISO/Consulting
| Date | Agency | Name | Language | Protocol type |
|---|---|---|---|---|
| 10/2024 | Spearbit | Zetachain | Solidity | Blockchain |
| 06/2025 | Spearbit | Ergonia | Solana / Rust | AMM |
Judging
| Date | Platform | Name | Language | Protocol type |
|---|---|---|---|---|
| 06/2024 | Cantina | Usual | Solidity | NA |
| 08/2024 | Cantina | Zetachain | Solana / Rust | NA |
| 01/2025 | Cantina | Inclusive Finance | Solana / Rust | NA |
| 03/2025 | Cantina | Reserve | Solana / Rust | NA |
Top competitions
View allContest | Position | Date | Payout |
|---|---|---|---|
Centrifuge | 1 / 14 | August 2024 | $70,210 |
metamorpho-and-periphery | 2 / 33 | November 2023 | $12,357 |
tensor-monorepo | 6 / 10 | October 2024 | $9,030 |
grass | 1 / 15 | June 2024 | $6,356 |
safe-extensions | 5 / 59 | May 2024 | $4,327 |
Private reviews
View allEngagement | Project title | Timeframe | Researchers |
|---|---|---|---|
Ondo Finance | Ondo: GM Solana | Nov 2025 - Dec 2025 | |
Polystream | Polystream Vault | Nov 2025 - Nov 2025 | |
Berachain | Bera Bex | Sep 2024 - Oct 2024 | |
Drips | drips-monorepo | Jul 2024 - Jul 2024 |