Skip to content

danySSG/security-research

Repository files navigation

security-research

Independent smart-contract security research — execution-verified.

I audit DeFi protocols (EVM / Solidity) with one rule: no finding ships without a fork-PoC against the deployed bytecode. Plausible-and-graded ≠ verified. Most "criticals" die between the model and the fork — this repo publishes both the confirmations and the refutations, because the refutations are what make the confirmations trustworthy.

  • Handle: danySSG (same handle across Sherlock and here — one track record).
  • Focus: stablecoin / CDP, ERC4626 vaults & yield, lending, LST / LRT, AMM / DEX, perps, HyperEVM.
  • Method: deployed-source (Sourcify / Blockscout exact-match) + Foundry fork-PoC on real mainnet state — never a mock that begs the question, never a model of a third-party protocol's internals I haven't run.

Featured write-up

Two worked examples of the discipline killing my own findings — including a textbook Twyne (Aave V3 integration) "rounding-freeze → unfair-liquidation" High that a fork-PoC refuted: the live Aave aTokens round up, so the one-wei undershoot the finding depended on never happens. The runnable proof is in poc/twyne-aave-rounding-refutation — 200 real rebalances against the deployed wrapper + Aave pool, 0 undershoots.

Repo map

Path What
writeups/ Research write-ups.
poc/ Runnable Foundry proof-of-concepts (mainnet fork tests).
tools/ Reusable security-testing tooling — incl. a HyperCore Foundry mock for unit-testing HyperEVM contracts.

License

MIT. PoCs are for defensive research and responsible disclosure only.

About

Independent smart-contract security research — execution-verified (fork-PoC discipline).

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors