Smart contract security between audits.
Fixed-scope security engineering for Web3 teams preparing for an audit, shipping after one, or trying to keep production changes from drifting beyond reviewed assumptions.
Recent DeFi exploits like Balancer V2, Yearn, Cork, and Abracadabra all happened in audited code. The gap is what ships afterward: PRs that re-open assumptions, integrations that drift, monitoring nobody triages, invariants that live only in someone's head. That gap is the work these engagements cover.
Protocol Threat Model & Audit Readiness Sprint
Go into your audit with the obvious gaps already handled. I review the protocol design, trust assumptions, privileged roles, integrations, tests, and static-analysis output so your formal audit starts from a cleaner baseline.
- Threat model one-pager
- Trust-boundary and integration map
- Privilege, signer, and upgradeability matrix
- Slither / Aderyn / static-analysis triage (AI-accelerated, human-validated)
- 10–20 prioritized invariants (AI-assisted brainstorming, human-validated)
- Test-suite and documentation gap report
- Audit-readiness memo
- 60-minute readout call
Audit Drift & PR Risk Guard
Your audit covered a snapshot. Your repo kept moving. I map reviewed assumptions to current code and install a lightweight PR-risk workflow so security-sensitive changes are caught before they merge.
- Prior audit assumptions mapped to current HEAD (AI-accelerated diff analysis)
- PR-risk rubric for high-risk protocol changes
- Security-sensitive PR template wired into GitHub
- Release checklist for risky upgrades
- Guardrails for privileged roles, oracle changes, external calls, integrations, and upgrade paths
- Two sample high-risk PR reviews
- Engineering handoff session
Invariant & Fuzzing Sprint
Turn protocol assumptions into executable tests that run on every commit. Scoped to one critical subsystem: vault math, lending, liquidation, oracles, staking, governance, or bridge messaging.
- Scoped subsystem threat model
- 15–40 documented invariants (AI-assisted brainstorming, harness-confirmed)
- Foundry invariant harness
- Optional Echidna or Medusa harness where stateful properties demand it
- Regression tests for discovered edge cases
- CI workflow (GitHub Actions)
- Mutation testing where useful to validate suite coverage
- Walkthrough video and handoff
- Two-week tuning window
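What a Foundry invariant harness for a vault-math subsystem looks like in practice, as an added example that is not code from this page or from any client engagement. It assumes a Foundry project with forge-std installed; the ToyVault contract, the three actor addresses, and the ghost counters are constructed for illustration and do not correspond to any real protocol.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Constructed toy share vault (illustration only, not a real protocol).
contract ToyVault {
    mapping(address => uint256) public shares;
    uint256 public totalShares;
    uint256 public totalAssets; // ETH the vault believes it holds

    function deposit() external payable returns (uint256 minted) {
        require(msg.value > 0, "zero deposit");
        minted = totalShares == 0 ? msg.value : (msg.value * totalShares) / totalAssets;
        require(minted > 0, "deposit rounds to zero shares");
        shares[msg.sender] += minted;
        totalShares += minted;
        totalAssets += msg.value;
    }

    function withdraw(uint256 burn) external returns (uint256 paid) {
        require(burn > 0 && shares[msg.sender] >= burn, "insufficient shares");
        paid = (burn * totalAssets) / totalShares; // rounds down, in the vault's favour
        shares[msg.sender] -= burn;
        totalShares -= burn;
        totalAssets -= paid;
        (bool ok, ) = msg.sender.call{value: paid}("");
        require(ok, "transfer failed");
    }
}

// Handler: the fuzzer calls these entry points with random arguments and
// random interleavings; ghost variables record what "should" have happened.
contract VaultHandler is Test {
    ToyVault public vault;
    address[3] public actors = [address(0xA11CE), address(0xB0B), address(0xCA401)];
    uint256 public ghostDeposited;
    uint256 public ghostWithdrawn;

    constructor(ToyVault _vault) {
        vault = _vault;
    }

    function deposit(uint256 actorSeed, uint256 amount) external {
        address actor = actors[actorSeed % actors.length];
        amount = bound(amount, 1, 100 ether);
        vm.deal(actor, amount);
        vm.prank(actor);
        try vault.deposit{value: amount}() {
            ghostDeposited += amount;
        } catch {
            // Rounding-to-zero reverts are an allowed outcome, not a bug.
        }
    }

    function withdraw(uint256 actorSeed, uint256 burn) external {
        address actor = actors[actorSeed % actors.length];
        uint256 owned = vault.shares(actor);
        if (owned == 0) return;
        burn = bound(burn, 1, owned);
        vm.prank(actor);
        ghostWithdrawn += vault.withdraw(burn);
    }
}

contract ToyVaultInvariants is Test {
    ToyVault internal vault;
    VaultHandler internal handler;

    function setUp() public {
        vault = new ToyVault();
        handler = new VaultHandler(vault);
        targetContract(address(handler)); // only the handler is fuzzed
    }

    // Solvency: on-chain balance never drifts from the vault's own accounting.
    function invariant_balanceMatchesAccounting() public view {
        assertEq(address(vault).balance, vault.totalAssets());
    }

    // Conservation: accounted assets equal total deposits minus total payouts.
    function invariant_conservation() public view {
        assertEq(vault.totalAssets(), handler.ghostDeposited() - handler.ghostWithdrawn());
    }

    // Share/asset coupling: shares exist if and only if assets back them.
    function invariant_sharesImplyAssets() public view {
        if (vault.totalShares() > 0) assertGt(vault.totalAssets(), 0);
        else assertEq(vault.totalAssets(), 0);
    }
}
```

Run it with `forge test --match-contract ToyVaultInvariants`. The handler pattern is the point: the fuzzer never touches the vault directly, so every sequence it explores is a realistic one, and each invariant is one sentence of protocol intent turned into a check that runs on every commit. Adding a handler action that force-sends ETH to the vault (for instance via a self-destructing contract) would make `invariant_balanceMatchesAccounting` fail immediately, which is exactly the kind of unreviewed assumption ("balance equals accounting") this sprint is meant to surface before an attacker does.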
Monitoring & Incident Readiness Setup
Buying Hypernative, Forta, or Defender doesn't tell you what to alert on, who responds, or when to pause. This sprint translates "we bought a tool" into actual production controls.
- Monitoring threat model
- Alert taxonomy and severity rules
- Detection-rule design for one platform (Hypernative, Forta, Tenderly, or OZ Defender)
- Routing to Slack / PagerDuty / Telegram
- Pause vs. no-pause decision tree
- Emergency contact and escalation path
- Written incident-response runbook including SEAL 911 escalation
- 90-minute tabletop exercise
- 30-day alert tuning window
Continuous Security Partner
Most exploits ship in PRs that landed after the audit. For teams that need ongoing coverage — high-risk PR review, drift checks, invariant maintenance, alert triage — this is the embedded engineering layer that closes that gap. Available after a completed sprint, or for teams I’ve already worked with.
Starter tier
- Up to 10 high-risk PR reviews per month, 1 business day target
- 5 advisory hours per month
- Monthly security summary
- Release checklist review
- Lightweight audit-drift review
3-month minimum · 60-day exit clause
Pro tier
- Up to 25 high-risk PR reviews per month, 4-hour target for high-priority (AI-accelerated triage, human-validated findings)
- 10 advisory hours per month
- Monthly audit-drift review
- Quarterly invariant-suite maintenance
- Monitoring-rule review
- One tabletop or incident-readiness exercise per quarter
3-month minimum · 60-day exit clause
Advanced engagements
For teams with mature specs, novel math, unusual architecture, or full pre-launch reviews.
- Critical Module Assurance — Scoped formal verification (Halmos / Certora) and mutation testing campaigns for AMM curves, interest-rate models, oracles, bonding curves, and bridge math. From $20,000.
- Full smart-contract audits — Solo audits for protocols that need senior review without the price point or lead time of Cantina, Spearbit, or Trail of Bits. $9,000/week, typical scope 2–4 weeks. For multi-month or multi-engineer scope, I'll refer to a firm.
- AI-Assisted Security Workflow Setup — Repo-aware Claude Code or Codex skills, audit-drift detection, PR-time scanning, MCP integration, and team training. From $9,000.
- LLM / Agent Security Review — For teams shipping AI wallets, trading agents, protocol copilots, or coding agents with repo permissions. From $7,500.
Ready to talk?
Book a 30-minute scoping call. No commitment, no sales pitch — just a conversation about where security risk lives in your protocol today and which sprint would actually move the needle.