Biography
Hey there! My name is Bernd and I've been in tech as both a startup founder and software developer for ~15 years.
3 years ago, I completely transitioned into BlocSec.
My ability to quickly grasp new concepts, attention to detail, and my natural curiosity and perseverance, have helped me score top leaderboard rankings in Code4rena, Sherlock, and CodeHawks, with roughly 25 top-5 placements in competitive audits. To date, I have conducted almost 100 audits and have identified numerous vulnerabilities across a wide range of DeFi protocols, wallets, bridges, VMs, and Cosmos SDK based chains.
Currently, I'm
- Lead security auditor at Oak Security (and Solidified)
- Senior auditor at trust-security.xyz
- Security Researcher at Spearbit and Zenith
- Top warden (Ranking ~35 all-time) & judge at Code4rena
My complete audit portfolio is available at github.com/berndartmueller/audits.
If you want to get in touch, feel free to reach out to me.
My Expertise
Languages, Frameworks, Chains
- Solidity & EVM ⚡⚡⚡⚡⚡
- CosmWasm (Rust) ⚡⚡⚡⚡
- Cosmos SDK (Go) ⚡⚡⚡⚡
- NEAR Contracts (Rust) ⚡⚡⚡
- Move (Sui) ⚡⚡⚡
Protocol Categories
- Collateralized Debt Positions (CDP)
- Lending & Borrowing
- Wallets
- Bridges
- Options
- Order Books
- DeFi in general
Clients
Excerpt of clients I've worked with on private engagements:
- Filecoin
- Badger
- Nym
- Evmos
- Wormhole
- Noble
- Router
Audit Contest Achievements
- Judge and all-time #35 on Code4rena (@berndartmueller)
- Senior Watson and #18 on Sherlock (@berndartmueller)
- #1 on CodeHawks (@berndartmueller)
Certifications
Crypto Currency Security Standard Auditor (CCSSA) - Expired Nov-2023
Top competitions
Contest | Position | Date | Payout |
---|---|---|---|
curvance | 3 / 224 | February 2024 | $37,642 |
Private reviews
Engagement | Project title | Timeframe | Researchers |
---|---|---|---|
Lombard Finance | Lombard-approver | Nov 2024 - Dec 2024 |
Security portfolio
Title | Description |
---|---|
ZetaChain (Cosmos SDK) - Code4rena Contest | Placed 🥇 #1. The Blockchain for Cross-Chain Apps. |
MilkyWay TIA Liquid Staking (CosmWasm) | MilkyWay offers a liquid staking solution for the Celestia ecosystem, initially deployed and operated on Osmosis. |
Calculated Finance (CosmWasm) | The Calculated Finance protocol allows users to utilize dollar cost averaging (DCA) strategies by creating vaults that automatically swap tokens at a specified frequency on the Osmosis DEX. |
Nym Wallet | Nym wallet is a non-custodial multi-platform (Windows, macOS, Linux) desktop wallet for the Nym mixnet. It is written in Rust and TypeScript and uses the Tauri framework. |
eBTC Review | eBTC is a collateralized crypto asset soft pegged to the price of Bitcoin and built on the Ethereum network. It is backed exclusively by Lido's stETH and powered by immutable smart contracts with minimized counterparty reliance. |
Evmos EVM Extensions Review | EVM extensions allow for the creation of custom precompiled smart contracts in the Evmos EVM. |
Membrane (CosmWasm) | Membrane is a cross-collateral debt protocol built on Cosmos, utilizing the floating-peg stablecoin $CDT and collateralized debt positions. |
Cypher Wallet Review | Cypher Wallet is a non-custodial multi-platform (iOS, Android) mobile wallet supporting multiple EVM and Cosmos chains. It uses the React Native framework. |
Filecoin EVM (FEVM) Review | The Filecoin EVM (FEVM) is an Ethereum Virtual Machine (EVM) compatible, virtualized runtime on top of the Filecoin Virtual Machine (FVM). |
Solo Engagements | Excerpt of my solo security reviews. |
Beedle - CodeHawks Contest | Placed 🥇 #1. Oracle free peer to peer perpetual lending. |
Bond Options - Sherlock Contest | Placed 🥈 #2. Acquire assets, own liquidity, and diversify treasuries on the permissionless Bond Marketplace. |
Blueberry - Sherlock Contest | Placed 🥉 #3. Blueberry unifies the DeFi experience: Aggregating, Automating, and Boosting Capital Efficiency for top DeFi Strategies. |
Drips Protocol - C4 Contest | Placed 🥉 #3. An Ethereum protocol for streaming and splitting funds. |
Ajna - Sherlock Contest | Placed 🥉 #3. Ajna is a peer to peer, oracleless, permissionless lending protocol with no governance, accepting both fungible and non fungible tokens as collateral. |
Mover - Sherlock Contest | Placed 🥈 #2. Mover is a permissionless protocol exploring metaverse savings. It is a suite of products in NFT, web3, and DeFi space to create a new open savings experience. |
Astaria - Sherlock Contest | Placed 🥇 #1 together with Rajeev. Astaria’s mission is to build a highly functional on-chain lending protocol, with instant highly liquid NFT lending. |
Fraxlend (Frax Finance) - C4 Contest | Ranked 🥉 #3. A permissionless lending platform and the final piece of the Frax Finance Defi Trinity. |
Juicebox V2 - C4 Contest | Ranked 🥇 #1. The decentralized fundraising and treasury protocol. |
Tokemak - Sherlock Contest | Ranked #5 out of 477 participants. Supply ETH and let Tokemak dynamically optimize your yield across different DEXs and Liquid Staking Tokens. |
DittoETH - CodeHawks Contest | Ranked 🥉 3rd - The system mints pegged assets (stablecoins) using an orderbook, using over-collateralized staked ETH. |