Sunny.

Smart Contract Security Audits

Private smart contract security audits across DeFi, cross-chain, escrow, vault, and settlement contracts. Line-by-line Solidity review plus runnable proof-of-concept tests and clear severity-graded reports.

Request an audit quote

What I audit

  • DeFi protocols (lending, vaults, DEX, derivatives)
  • Cross-chain intent settlement flows
  • Escrow and custody contracts
  • Bridge-backed and upgradeable contracts
  • zk-rollup L1 settlement logic

Methodology

  1. Intake
    Engagement scope, threat model, system map, prior audit history, and commit hash freeze.
  2. Architecture review
    Trust boundaries, roles, asset flows, invariants, upgrade paths.
  3. Manual review
    Line-by-line walkthrough: access control, signature/replay, accounting, upgrade risks, fund-stranding edge cases.
  4. Static analysis
    Slither, Aderyn, Semgrep: triage and false-positive filtering.
  5. Proof-of-concept exploits
    Foundry tests + fuzz + invariant suites that prove real exploit paths.
  6. Reporting
    Severity, impact, affected code, attack path, recommended fix, references.
  7. Re-audit
    Verify fixes, regression-test, confirm no new vectors introduced.

Tooling

  • Foundry
  • Slither
  • Aderyn
  • Halmos
  • Semgrep
  • Fuzz testing
  • Invariant testing
  • Fork testing

Notable engagements

Data Availability / Cross-chain
Avail

Settlement and escrow contracts within the Avail ecosystem (avail-escrow, ca-sc, Turbo-DA, Night Shade).

DeFi Vault
Nightshade Vault

Upgradeable vault contract review.

Credit / Lending
Arcana Credit

Lending and credit protocol contracts.

Confidential
Multiple private engagements

Available on request under NDA.

Have a protocol that needs eyes on it?

Send a short note with scope, commit hash, and timeline.
