slowfi

🔐 Smart Contract & Protocol Security Researcher

I specialize in Web3 security and smart contract auditing, with extensive experience across DEXs (Uniswap v2, v3, v4), lending and borrowing markets, liquid staking, stablecoins, bridges, account abstraction (ERC-4337), and rollup architectures. My work is focused on uncovering vulnerabilities that matter most to protocol safety, scalability, and economics.

🎓 Technical Foundation With a Computer Science degree and Master’s in Cybersecurity, I bring over 7 years of offensive security expertise — spanning from Web3 smart contract research to Web2 penetration testing and red team operations. This dual background gives me both the adversarial mindset and deep technical grounding needed to secure complex decentralized systems.

💼 Web3 Experience

• DEX Expertise: Audited Uniswap v2, v3, and v4 forks, concentrated liquidity AMMs, and custom swap/bridge integrations.
• Lending & Borrowing: Reviewed lending protocols, liquidation engines, and credit markets.
• Liquid Staking: Secured staking derivatives, validator reward flows, and LST economic models.
• Cross-Ecosystem: Worked on rollup infrastructure (ZK & optimistic), bridges, DAOs, and stablecoins.
• Notable Engagements: Contributed to reviews of Morpho SDKs, Clearpool, TaoFi, Lorenzo Protocol, InfiniFi, Layer N, Size Credit, and Trugly Labs as part of my research with Cantina and Spearbit .
• Halborn: Served as Lead Offensive Security Engineer, auditing large-scale EVM and cross-chain protocols, including public work such as the BubbleSwap Concentrated Liquidity Pool AMM audit.
• AuditOne: As Head of Security, I refined audit methodologies, guided triage and escalation processes, and supported client onboarding.

🌍 Prior Security Work Before Web3, I worked as a red teamer and penetration tester at CyberProof and SIA, leading engagements in banking and telecom industries, where I specialized in high-impact vulnerability discovery, exploitation, and adversarial simulation.

⚙️ Methodology My approach combines manual analysis with advanced techniques:

• Foundry-based fuzzing to surface hidden state machine behaviors.
• Invariant checks and symbolic execution for protocol consistency.
• Impact-driven adversarial reasoning, ensuring every finding is actionable and grounded in the protocol’s economics.

🏆 Highlights

• Resident researcher with Cantina.
• Contributor to audits securing billions in TVL across DeFi.
• Known for a PoC-or-GTFO mindset: every issue is backed by reproducible, technical proof.

📈 Mission My mission is to help protocols scale securely, by reducing systemic risks, strengthening economic mechanisms, and ensuring trust in decentralized finance.