We provide top-class security services.
We use the specialist knowledge acquired over the years to secure our clients’ assets and technology.
Smart contracts, blockchain, wallets and related
Web applications, external security assessments, OSINT, infrastructure
Cloud, SDLC, infrastructure configuration review
We are very pleased to be able to publicly share our cooperation with companies that have entrusted their security to us.
Here are some of them:
What we do
We are ready to
your product or service.
Regardless of whether you are a startup or a mature organization, we are ready to thoroughly analyze smart contracts, applications or infrastructure, and help improve it from the perspective of security, financial (DeFi) and architectural vectors.
Since 2021 we are helping our clients to stay one step ahead of hackers. Technologies we've worked with:
The main branches of our specialization
Created by security researchers.
Each project is carried out by a team with many years of experience in offensive security, as well as extensive knowledge of DeFi and cryptography aspects.
CEO & Co-founder
- BCS in Computer Science – Security of IT Systems,
- Security Researcher and Penetration Tester since 2016,
- Holder of OSCE, OSCP and Lead ISO27001 certificates,
- Specializing in Rust language and Chains & Smart Contracts based on it,
- Extensive experience in CosmWasm, Substrate, ink!, Ethereum and Scrypto,
- Audited more than 40 DeFi projects.
CTO & Co-founder
- Conducting Penetration Tests and Red Teaming assessments since 2015,
- Holds 15+ CVEs in Web Applications,
- Author of popular cybersecurity trainings: eJPT, eWPTXv2, and the most challenging eCXD,
- Smart Contract Auditor, specialized in EVM, with experience in CosmWasm and MOVE,
- Holder of OSCE, OSCP, eWPT and eWPTX certificates.
- Responsible for translating engineering ideas into human language,
- Manages the creation of marketing stuff and online content, keeping a consistent brand look,
- Takes care about client relationship.
What characterizes us?
Your securityis our priority.
As a specialized company, we have extensive experience in the industry.
Article, News & Post
Recent Blog & Post
We want to work to increase knowledge and awareness in the field of web3 security. We regularly publish articles describing niche topics, issues and solutions.
The reentrancy vulnerability is one of most serious ones that can be found in solidity smart contracts. Apart from the “classic” reentrancy like the one from the infamous DAO hack, there are other types of this vulnerability. In this article, we describe them along with some popular strategies on how
In real world you can sign documents using your personal signature, which is assumed to be unique and proves that you support, acknowledge or commit something. The same can be done on ethereum blockchain and in solidity smart contracts – but using cryptography. In this article, we will briefly explain
In the previous part, we explained some of typical proxy issues related to initialization, lack of state update or frontrunning. In this part, we would like to talk a bit about function and storage conflicts and also about decentralization. Proxy function clashing This vulnerability is unlikely to be found unless
Introduction Creating a project or solution from scratch is a difficult and time-consuming process. A business concept must first be developed, then it must be translated into a high-level solution architecture, and finally the software development stage takes place. Because we will be focusing on hypothetical smart contracts in this
Proxies are used to implement upgradeability in Solidity smart contracts. They serve as a middleman between a contract and its users. They are employed to change a contract’s logic without altering its address. A master copy contract and a proxy contract that refers to the master copy are how proxies
What is Echidna? In this part, we will cover the very basics of Echidna usage. Echidna is an animal, but it is also the name of a Solidity fuzzer. This tool is really worth mastering since a skilled user can be able to test a smart contract with it in