{"id":28448492,"url":"https://github.com/tradmod/security-audits","last_synced_at":"2025-07-01T02:31:48.287Z","repository":{"id":293208673,"uuid":"983307021","full_name":"TradMod/Security-Audits","owner":"TradMod","description":"TradMod's Security Reviews Portfolio, Audits and Bug Report Findings","archived":false,"fork":false,"pushed_at":"2025-06-16T19:44:24.000Z","size":52,"stargazers_count":5,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-06-16T20:40:45.760Z","etag":null,"topics":["audits","blockchainsecurity","bugbounty","cybersecurity","securityresearch"],"latest_commit_sha":null,"homepage":"","language":null,"has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TradMod.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":"Audits/0xEquityAuditReport.md","citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-05-14T07:30:24.000Z","updated_at":"2025-06-16T19:44:27.000Z","dependencies_parsed_at":"2025-06-22T16:31:10.670Z","dependency_job_id":null,"html_url":"https://github.com/TradMod/Security-Audits","commit_stats":null,"previous_names":["tradmod/security-audits"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/TradMod/Security-Audits","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TradMod%2FSecurity-Audits","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TradMod%2FSecurity-Audits/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TradMod%2FSecurity-Audits/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TradMod%2FSecurity-Audits/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TradMod","download_url":"https://codeload.github.com/TradMod/Security-Audits/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TradMod%2FSecurity-Audits/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":262883649,"owners_count":23379235,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["audits","blockchainsecurity","bugbounty","cybersecurity","securityresearch"],"created_at":"2025-06-06T13:09:00.129Z","updated_at":"2025-07-01T02:31:48.279Z","avatar_url":"https://github.com/TradMod.png","language":null,"readme":"# TradMod Audit Portfolio\nI’m an independent security researcher with a focus on smart contracts security, specializing in logic-heavy protocols, cross-chain systems, bridges infrastructure, staking and restaking mechanisms, governance and DAO protocols, Vaults, AMM \u0026 CLOB DEXs, etc. I’ve reported 55+ high and medium severity vulnerabilities across Solidity, Golang, and Rust-variant Cairo audis, and uncovered bugs in live protocols via Immunefi. My experience spans both solo and team audits, underpinned by a strong foundation in smart contracts development. Prior to focusing on security, I led a development team to victory in two major hackathons, Chainlink and ETHGlobal. In a nutshell, I do Jihad against Code ⚔\n\n\u003e I am available for private smart contract security audits, testing, and collaborative team audits.\nFeel free to reach out via [Twitter/X](https://x.com/TheTradMod), [Telegram](https://t.me/tradmodsec), or email at [TradMod@proton.me](mailto:TradMod@proton.me).\n\n## Security Engagements \n### Team \u0026 Collaborative Audits\n| Project | Protocol Type | Company | Language | Report |\n|:-|:-|:-|:-|:-:|\n| RemusDex | DEX \u0026 CLOB | [Codespect](https://codespect.net/) | Cairo | [Link](https://github.com/CODESPECT-security/audit-reports/blob/main/004_CODESPECT_REMUSDEX_AUDIT.pdf) |\n| Toucan Aragon/LightLink | Cross-Chain Governance \u0026 LayerZero OFTs | [BlockApex](https://blockapex.io/) | Solidity | [Link](https://reports.blockapex.io/report?id=PEN-DOC-202506020916) |\n| TokenTable | Tokens Vesting \u0026 Distribution | [Codespect](https://codespect.net/) | Solidity | [Link](https://github.com/CODESPECT-security/audit-reports/blob/main/013_CODESPECT_TOKENTABLE_UNLOCKERV2_EVM.pdf) |\n| Mystic Finance | Liquid Staking \u0026 RWAfi | [KannAudits](https://kannaudits.com/) | Solidity | [Link](https://github.com/Kann-Audits/Kann-Audits/blob/main/reports/pdf-format/Mystic%20Finance.pdf) |\n| Verde MetaPool | Stablecoin, CDP Vault \u0026 Staking | [BlockApex](https://blockapex.io/) | Solidity | Private |\n\n### Solo Audits \u0026 Engagements\n| Project | Protocol | Type | Report |\n|:-|:-|:-|:-:|\n| 0xEquity | RWAs Marketplace | Audit | [Link](https://github.com/TradMod/Security-Audits/blob/main/Audits/0xEquityAuditReport.md) |\n| IDriss | Tokens Tipping/Payments | Audit | [Link](https://github.com/TradMod/Security-Audits/blob/main/Audits/IDrissAuditFindings.md) |\n| Possum Labs | DEX Adapter | Testing | [Link](https://github.com/TradMod/Security-Audits/blob/main/Testing/PossumLabsTestingReport.md) |\n\n## Bug Bounty Findings\n| Project | Bug Description | Protocol Type | Severity | Details |\n|:-|:-|:-|:-|:-:|\n| WardenSwap | Dangerous Payable Function | AMM DEX  | LOW | [Bug Report](https://github.com/TradMod/Security-Audits/blob/main/Bug%20Bounty/WardenSwapBugReport.md) |\n| Hourglass | Attacker can Overwrite User Order Data | CLOB DEX | CRITICAL | [Bug Report](https://github.com/TradMod/Security-Audits/blob/main/Bug%20Bounty/HourglassBugReport.md) |\n\n## Notable Audit Contests Achievements\n| Project | Protocol Type | Platform | Language | Result | Links |\n|:-|:-|:-|:-|:-|:-:|\n| Thorchain | Cross-chain | Code4rena | Solidity \u0026 Golang | Top-7 with a High and 2 Meds | [Bug](https://github.com/code-423n4/2024-06-thorchain-findings/issues/17) | \n| Catalyst | Cross-chain | Hats Finance | Solidity | Top-5 with a Uniquie Finding | [Bug](https://github.com/hats-finance/Catalyst-Exchange-0x3026c1ea29bf1280f99b41934b2cb65d053c9db4/issues/11) | \n| Unitas | Stablecoins | Sherlock | Solidity | Top-7 with a High Impact Finding | [Bug](https://github.com/sherlock-audit/2023-04-unitasprotocol-judging/issues/105) | \n| Party | Governance | Code4rena | Solidity | Critical Impact Finding | [Bug](https://github.com/code-423n4/2023-10-party-findings/issues/370) | \n| Chakra | Cross-chain | Code4rena | Cairo \u0026 Solidity | 3 High impact Findings and a Medium | [Bug](https://github.com/code-423n4/2024-08-chakra-findings/issues/84) | \n\n## Security Research \n- [Awesome-Audits-Checklists](https://github.com/TradMod/awesome-audits-checklists)\n- [AcrossV3 Secure Integration Guide](https://x.com/TheTradMod/status/1929886889940595143?t=29Ml30pWfJiemwt-Tf_r1w\u0026s=19) [\u0026](https://github.com/windhustler/Interoperability-Protocol-Security-Checklist/blob/main/audit-checklists/Across.md) [Research](https://gist.github.com/TradMod/e3947b23969b8eff56c6d3c92dbbd63a)\n- [Saving a User from a Nasty MEV Bot Scam](https://x.com/TheTradMod/status/1925686910594249177) \n- [Findings and Report Critical bug for free: Open-Source Contribution](https://x.com/TheTradMod/status/1743257299530203314)","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftradmod%2Fsecurity-audits","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftradmod%2Fsecurity-audits","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftradmod%2Fsecurity-audits/lists"}