Public findings
59
Achievements
Skillset
Self-reported
Admin verified
Account Abstraction & Wallets
Blockchain Platforms (L1 + VM)
Consensus & Node Infra
Cross-Chain & Interoperability
Biography
I’m Jonatas Martins, a Security Researcher at Spearbit since 2022 and Cantina Fellow focused on DeFi protocol security. I came from Web2 web/mobile engineering, which helps me audit systems from a builder’s perspective: understanding intended behavior, modeling how integrations fail, and identifying practical issues that matter in production.
My strongest areas are Solidity/EVM DeFi, lending markets, ERC4626/vault systems, AMMs/DEXs, cross-chain and token bridge flows, governance upgrades, protocol accounting, and integrations. Recently, I have also been expanding into Rust and AI security. My security work includes reviews for Uniswap, MakerDAO/Sky, Coinbase, Maple, Centrifuge, Morpho, Velodrome, and other DeFi protocols.
In 2024, I worked as a judge and triaged bug bounty programs in Cantina. Outside direct audits, I contributed to the 2023 Rewind, spoke at TrustX 2023 and DSS 2024, and worked on Certora Prover tooling through the Aave Grant Program.
I enjoy reviews where I can dig into how a protocol is supposed to work, think through how it can break, and focus on issues that would actually matter in production.
Core Expertise
- Solidity/EVM protocol security
- DeFi protocol design and implementation review
- Lending markets and collateralized debt systems
- ERC4626 vaults, yield vaults, and accounting edge cases
- AMMs, DEXs, swap logic, and routing/integration risk
- Cross-chain bridges, token bridge flows, and cross-chain oracles
- Governance, upgrade scripts, and deployment/configuration review
- Protocol accounting, rounding, precision loss, and invariant breaks
- Rust/Solana security
Public Contributions
- Contributor to 2023 Rewind, ranked #2 in the incident writing contest.
- Speaker at TrustX 2023 on Ethereum Smart Contract Auditor’s 2023 Rewind
- Speaker at DSS 2024 on Leveraging knowledge to trasition between blockcain stacks.
- Contributor to Certora Prover Tools — Aave Grant Program, including work related to Aave Starknet Bridge and Aave Token V3 verification tooling.
- Cantina judge and bug bounty triager in 2024/25.
Top competitions
View allContest | Position | Date | Payout |
|---|---|---|---|
velvet-v4 | 4 / 33 | February 2025 | $5,202 |
genius-contracts | 3 / 18 | July 2025 | $2,131 |
grass | 3 / 15 | June 2024 | $1,882 |
Blast | 43 / 97 | January 2024 | $1,098 |
inclusive-monorepo | 4 / 15 | January 2025 | $1,096 |
Private reviews
View allEngagement | Project title | Timeframe | Researchers |
|---|---|---|---|
Solo Labs | Aegis DFM: Fix Review | Mar 2026 - Mar 2026 | |
Clove | Clove | Feb 2026 - Feb 2026 | |
Morpho | Morpho Vault v2 & Blue IRM | Nov 2025 - Dec 2025 | |
Steakhouse | Steakhouse: Leveraged Lending ERC4626 Yield Vault | Nov 2025 - Nov 2025 | |
Solo Labs | Solo Labs: AEGIS_DFM | Sep 2025 - Sep 2025 |
Security portfolio
Title | Description |
|---|---|
| 2023 Rewind | Contributed to the creation of 2023 Rewind and ranked #2 in incident writing contest |
| Certora Prover Tools - Aave Grant Program | The Aave Grant Program was a program to verify with Certora Prover the Aave Starknet Bridge and Aave Token V3. I was able to identify an issue during the Aave Starknet Bridge security review. |