Request an Audit

If you're building a blockchain, a cross-chain, or smart contract protocol and need it reviewed by someone who actually finds critical bugs — you're in the right place.

I specialize in end-to-end security audits: from off-chain infrastructure and node software all the way down to your on-chain contracts. Most auditors stop at Solidity. I don't.


What I Audit

Blockchain Infrastructure & Nodes: Cosmos SDK app chains, L1 nodes, L2 nodes and sequencers (EVM and non-EVM). I've reviewed Go and Rust node implementations for Cosmos, Aptos, MegaETH, IOTA, and others.

Smart Contracts: EVM (Solidity/Yul), Solana (Rust/Anchor), CosmWasm (Rust), and Move (Aptos). DeFi protocols, AMMs, DEXs, lending markets, liquid staking, yield aggregators, cross-chain bridges, stablecoin systems, vesting and staking contracts, NFT AMMs, and more.

Cross-Chain Protocols: Bridges, messaging layers, oracles, and multi-chain governance systems spanning EVM, Solana, TON, Bitcoin, and Cosmos ecosystems.

End-to-End Reviews: The most valuable audits I do cover the full stack — observer/relayer services, off-chain automation, and on-chain contracts reviewed together. Cross-layer bugs are the most commonly missed and the most dangerous.


Track Record

  • 7 Solo High-severity findings
  • 45 High-severity findings total
  •  First place in competitive audit contests
  • 18× Total payouts across public contests
  • 32× Private audits - many multi-week audits
  • ~40,000 to ~100,000 sLOC audits - comfortable with large and complex codebases

Notable contest wins

| Protocol | Ecosystem | Payout | Rank |
| --- | --- | --- | --- |
| ZetaChain Cross-Chain | Go, Rust, Solidity, Move, FunC | $93,611 | #1 |
| SEDA Protocol | Go, Rust (Cosmos SDK) | $47,011 | #1 |
| WOOFi Swap on Solana | Rust | $21,503 | #1 |
| Orderly Solana Vault | Rust | $20,967 | #1 |
| Andromeda Staking & Vesting | Rust (CosmWasm) | $9,200 | #1 |
| Kwenta Staking Rewards | Solidity | $6,500 | #1 |

Selected solo and private audits

  • ODTE (Solana Prediction Market) — 3 Critical, 2H, 2M: decimal precision mismatch enabling vault drainage, unbounded price manipulation, round duration gaming
  • Optimism (EVM L2) — 1H: reentrancy enabling double withdrawal via CrossDomainMessenger
  • Reserve Protocol (Full Codebase) — 2H, ~4M: misconfigured price feed pricing wBTC at ~$1; missed reward tokens in Curve Gauge
  • Vaultcraft Pendle Vault — 3H, 5M: slippage issues, incorrect conversions, denomination mismatches
  • Dinero apxETH — 1H (solo): share↔asset conversion discrepancy leading to insolvency

Private audit clients include Sherlock, Spearbit, Trust Security, and Blackthorn.

View the full portfolio → github.com/gjaldon/web3_security_portfolio


How It Works

  1. Submit your request using the form below
  2. Scoping call — I'll review the repo and we'll agree on scope, timeline, and pricing
  3. Audit — I work through the codebase systematically, focusing on logic errors, economic exploits, and cross-layer attack vectors
  4. Report delivery — You receive a detailed report with severity ratings, PoCs where applicable, and remediation guidance
  5. Mitigation review — Optional follow-up to verify fixes are sound

Submit Your Request

GitHub, GitLab, or other URL — private repos are fine
List the specific files or directories you want audited
Describe the functionality you want reviewed — e.g. deposit/withdraw flows, liquidation logic, cross-chain messaging
Normalized source lines of code — helps with scoping and pricing
Timeline requirements, known areas of concern, prior audits, etc.