Cutting-Edge
Cybersecurity Services

We provide top-class security services.
We use the specialist knowledge acquired over the years to secure our clients’ assets and technology.

Web3

Smart contracts, blockchain, wallets and related

Web2

Web applications, external security assessments, OSINT, infrastructure

Architecture

Cloud, SDLC, infrastructure configuration review

Our clients

We are very pleased to be able to publicly share our cooperation with companies that have entrusted their security to us.
Here are some of them:

Checkd Group

Orderly Network
Piwik PRO
TrapTech

EcoWay
Cascadia Foundation
Wolf Game
Magic Beans


Chromia

Razor DEX

What we do

We are ready to evaluate verify audit   protect
your product or service.

Regardless of whether you are a startup or a mature organization, we are ready to thoroughly analyze smart contracts, applications or infrastructure, and help improve it from the perspective of security, financial (DeFi) and architectural vectors.

Supported ecosystems

Since 2021 we are helping our clients to stay one step ahead of hackers. Technologies we've worked with:

The main branches of our specialization

Smart contracts

Smart contracts

Source code audit for security and best practices

DeFi Applications

DeFi Applications

Application, interface between web2 and web3 and customer protection verification

Architecture and SDLC

Architecture and SDLC

Analysis of product architecture in order to avoid fundamental flaws at the high-level solution planning stage

Applications

Applications

Application penetration testing with a white/grey/black box approach

Infrastructure

Infrastructure

web2 infrastructure, including servers, networks, and cloud environments.

Security Assessments

Security Assessments

Cloud, OSINT and collecting recommendations for improvement of your overall security posture.

Created by security researchers.

Each project is carried out by a team with many years of experience in offensive security, as well as extensive knowledge of DeFi and cryptography aspects.


Jakub Heba

CEO & Co-founder
  • BCS in Computer Science – Security of IT Systems,
  • Security Researcher and Penetration Tester since 2016,
  • Holder of OSCE, OSCP and Lead ISO27001 certificates,
  • Specializing in Rust language and Chains & Smart Contracts based on it,
  • Extensive experience in CosmWasm, Substrate, ink!, Ethereum and Scrypto,
  • Audited more than 40 DeFi projects.

 


Łukasz Mikuła

CTO & Co-founder
  • Conducting Penetration Tests and Red Teaming assessments since 2015,
  • Holds 15+ CVEs in Web Applications,
  • Author of popular cybersecurity trainings: eJPT, eWPTXv2, and the most challenging eCXD,
  • Smart Contract Auditor, specialized in EVM, with experience in CosmWasm and MOVE,
  • Holder of OSCE, OSCP, eWPT and eWPTX certificates.


Luiza Zdżalik

Marketing Manager
  • Responsible for translating engineering ideas into human language,
  • Manages the creation of marketing stuff and online content, keeping a consistent brand look,
  • Takes care about client relationship.

 

What characterizes us?

Your security
is our priority.

As a specialized company, we have extensive experience in the industry.

Dozens of analyzed contracts and dApps

Experience with multiple blockchain technologies

Extensive knowledge of the security of decentralized finance

Many years of experience in traditional penetration tests and security research

Article, News & Post

Recent Blog & Post

We want to work to increase knowledge and awareness in the field of web3 security. We regularly publish articles describing niche topics, issues and solutions.

Ethereum signatures for hackers and auditors 101

In real world you can sign documents using your personal signature, which is assumed to be unique and proves that you support, acknowledge or commit something. The same can be done on ethereum blockchain and in solidity smart contracts – but using cryptography. In this article, we will briefly explain

Open Article »

Common proxy vulnerabilities in Solidity – part 2

In the previous part, we explained some of typical proxy issues related to initialization, lack of state update or frontrunning. In this part, we would like to talk a bit about function and storage conflicts and also about decentralization. Proxy function clashing This vulnerability is unlikely to be found unless

Open Article »

Automated auditing part 2 – usage of AI for Smart Contracts testing

Introduction Creating a project or solution from scratch is a difficult and time-consuming process. A business concept must first be developed, then it must be translated into a high-level solution architecture, and finally the software development stage takes place. Because we will be focusing on hypothetical smart contracts in this

Open Article »

Common proxy vulnerabilities in Solidity part 1

Proxies are used to implement upgradeability in Solidity smart contracts. They serve as a middleman between a contract and its users. They are employed to change a contract’s logic without altering its address. A master copy contract and a proxy contract that refers to the master copy are how proxies

Open Article »