Security Research &
Smart Contract Audits

I help DeFi teams prevent insolvency, withdrawal freezes, and permission bypasses — with reproducible PoCs and fix-ready guidance.

Invariant-driven audits (Foundry harnesses)
High-signal findings, minimal noise
Clear severity rationale + remediation
Get In Touch Send Scope

Responsible disclosure. Professional communication. Scoped engagements.

Services

Audit Sprint (7–14 days)

  • Threat model + trust boundaries
  • Manual review + targeted fuzzing
  • Reproducible PoCs + fix guidance
Deliverable: Full report + verification checklist

Rapid Review (48–72h)

  • Pre-launch critical path review
  • Solvency / withdrawability / permissions focus
  • Go/No-Go risk summary
Deliverable: Short report + prioritized fixes

Security Retainer (Monthly)

  • Review PRs/releases and high-risk diffs
  • Fast feedback loop on fixes
  • Priority response window
Deliverable: Ongoing risk notes + recurring reviews

Optional: I can implement patches and test harnesses alongside the audit.

Method

1

Threat Model

Identify assets, roles, trust boundaries, and failure modes.

2

Invariants

Define what must never break: solvency, withdrawability, and permission integrity.

3

Harness

Build minimal reproducible tests (Foundry), forks where needed, and targeted fuzzing.

4

Delivery

Clear severity justification, PoCs, and fix-ready recommendations with verification steps.

What You Get

  • Executive summary (non-technical)
  • Detailed findings with severity rationale
  • PoC tests / reproduction steps
  • Remediation guidance + verification checklist

Focus Areas

Solvency & accounting correctness (bad debt / invariants)
Withdrawability & freeze risk (dependency failures / queue deadlocks)
Access control & allowlisting correctness
Cross-contract interactions (routers, vaults, diamonds, adapters)
Economic abuse (where explicitly in-scope)

Proof of Work

High-signal security research, optimized for fast triage and reproducibility.

Multiple critical/high findings across DeFi architecture patterns
Reports structured for reviewer speed: impact → conditions → PoC → fix
Strong emphasis on reproducibility and verification

Permission Integrity Failure (Anonymized)

Identified a permissioning logic flaw that could expand allowed external calls beyond intended boundaries. Delivered a minimal PoC and a policy-aligned fix.

Withdrawability Freeze Risk (Anonymized)

Demonstrated a failure mode where a single dependency revert could block withdrawals under realistic conditions. Provided mitigation patterns and verification steps.

No sensitive targets or exploit details are disclosed publicly.

FAQ

Repo access (private is fine), scope list, deployed addresses/chains (if any), timeline, and any constraints.

By mapping impact and exploitability to program policy, including recoverability (e.g., funds frozen vs. quickly fixable).

Yes — reproducible tests or clear reproduction steps, plus verification guidance for the fix.

Yes — optional patch implementation and harness improvements, depending on timeline and scope.

Contact

For audit requests, include: scope, repos, chains, launch date, and preferred timeline.

Email: security@sabfab.dev
Response time: Usually within 24–48h
PGP Key: Available on request