slowfi

slowfi

PoC || GTFO

@slowfi

68

Spearbit

sr

resident

Public earnings

$4,982.16

313th


Public findings

0


Achievements


Worked with

TaoFi
Clearpool
Facet
Hyperware
Lorenzo Protocol
Morpho
Sujith S
Gerard Persoon
m4rio
Jonatas Martins
carrotsmuggler
r0bert

Biography

🔐 Smart Contract & Protocol Security Researcher

I specialize in Web3 security and smart contract auditing, with extensive experience across DEXs (Uniswap v2, v3, v4), lending and borrowing markets, liquid staking, stablecoins, bridges, account abstraction (ERC-4337), and rollup architectures. My work is focused on uncovering vulnerabilities that matter most to protocol safety, scalability, and economics.

🎓 Technical Foundation With a Computer Science degree and Master’s in Cybersecurity, I bring over 7 years of offensive security expertise — spanning from Web3 smart contract research to Web2 penetration testing and red team operations. This dual background gives me both the adversarial mindset and deep technical grounding needed to secure complex decentralized systems.

💼 Web3 Experience

  • DEX Expertise: Audited Uniswap v2, v3, and v4 forks, concentrated liquidity AMMs, and custom swap/bridge integrations.
  • Lending & Borrowing: Reviewed lending protocols, liquidation engines, and credit markets.
  • Liquid Staking: Secured staking derivatives, validator reward flows, and LST economic models.
  • Cross-Ecosystem: Worked on rollup infrastructure (ZK & optimistic), bridges, DAOs, and stablecoins.
  • Notable Engagements: Contributed to reviews of Morpho SDKs, Clearpool, TaoFi, Lorenzo Protocol, InfiniFi, Layer N, Size Credit, and Trugly Labs as part of my research with Cantina and Spearbit .
  • Halborn: Served as Lead Offensive Security Engineer, auditing large-scale EVM and cross-chain protocols, including public work such as the BubbleSwap Concentrated Liquidity Pool AMM audit.
  • AuditOne: As Head of Security, I refined audit methodologies, guided triage and escalation processes, and supported client onboarding.

🌍 Prior Security Work Before Web3, I worked as a red teamer and penetration tester at CyberProof and SIA, leading engagements in banking and telecom industries, where I specialized in high-impact vulnerability discovery, exploitation, and adversarial simulation.

⚙️ Methodology My approach combines manual analysis with advanced techniques:

  • Foundry-based fuzzing to surface hidden state machine behaviors.
  • Invariant checks and symbolic execution for protocol consistency.
  • Impact-driven adversarial reasoning, ensuring every finding is actionable and grounded in the protocol’s economics.

🏆 Highlights

  • Resident researcher with Cantina.
  • Contributor to audits securing billions in TVL across DeFi.
  • Known for a PoC-or-GTFO mindset: every issue is backed by reproducible, technical proof.

📈 Mission My mission is to help protocols scale securely, by reducing systemic risks, strengthening economic mechanisms, and ensuring trust in decentralized finance.

Private reviews

View all
Engagement
Project title
Timeframe
Researchers
Clearpool

Clearpool

Clearpool

Aug 2025 - Aug 2025

slowfi
high byte
Facet

Facet

Facet ZK Fault Proof Rollup

Jul 2025 - Jul 2025

slowfi
Hyperware

Hyperware

Hyperware DAO

Jul 2025 - Jul 2025

slowfi
Gerard Persoon
TaoFi

TaoFi

TaoFi

Jul 2025 - Jul 2025

slowfi
phaze
Size Credit

Size Credit

Size v1

Apr 2024 - May 2024

+1
slowfi
Liam Eastwood
hyh