request a security review at spearbit.com
In order to request a security review, please fill out our short request form.
For a brief overview of what Spearbit is and what we have to offer click here or reach out to us via Twitter.
If you have any urgent needs or would prefer a direct contact, please reach out to our COO - miike@spearbit.com
Spearbit is a decentralized network of expert security engineers offering reviews and other security related services to Web3 projects with the goal of creating a stronger ecosystem. Our network has experience on every part of the blockchain technology stack, including but not limited to protocol design, smart contracts and the Solidity compiler. Spearbit brings in untapped security talent by enabling expert freelance auditors seeking flexibility to work on interesting projects together.
- Content Overview
- Spearbit Tips
- Report and Findings Breakdowns
- Researcher Spotlights
- Seminars and Breakdowns
- Core Team
This section contains all externally available educational material from Spearbit. The goal of publicizing and creating content like this is to provide security researchers with material beyond the current saturated baseline of beginner security material.
We believe in elevating the standard for security research, thus our content will reflect the same.
Spearbit Tips is a weekly initiative to introduce alpha for security researchers and developers in order to support knowledge sharing across the web3 security ecosystem and continue raising the bar in our industry.
# | Title | Written Breakdown |
---|---|---|
1 | Reviewing Optimized Yul | Write-up |
2 | Proper Code Specification | Write-up |
3 | Clearly Defined Natspec | Write-up |
4 | Verification Patterns | Write-up |
These breakdowns are concise and guided write-ups of findings from some of Spearbit’s top researchers. Study them intently in order to extract the process and perspective of some of the best researchers in the game.
Title | Risk | Protocol(s) | Written Breakdown | Full Report Link |
---|---|---|---|---|
Aave v3 Dependency | Critical | Morpho Labs and Aave | Breakdown | Full Report |
Balancer Dependency | Critical | Aera Finance and Balancer | Breakdown | Full Report |
“Clones-with-immutable-args” and improper Bytes Validation | Critical | Sudoswap | Breakdown | Full Report |
These spotlights serve to highlight the gems of the web3 security company working over at Spearbit. We have titans of the blockchains security community on our team that have a treasure trove of information to gain from studying their respective journeys.
Name | Spotlight |
---|---|
@cmichelio | Breakdown |
@NoahMarconi | Breakdown |
@0xLeastwood | Breakdown |
@0xRajeev | Breakdown |