Smart Contract Auditor Portfolio
Dacian is a prolific smart contract security researcher & auditor at cyfrin.io whose published Deep Dive security research is routinely shared on Twitter & in high-profile blockchain security newsletters such as BlockThreat [1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11] & Week In Ethereum News [1, 2]. Some of Dacian's most notable security research publications include:
Dacian has earned a $28,000 USD bug bounty for discovering a vulnerability in a live smart contract that combined missing access control & unchecked state transition vulnerabilities to permanently brick the contract admin, future token inflation & staking rewards.
Dacian can identify a wide range of smart contract vulnerabilities; some of Dacian's publicly available findings include:
Polygon chain reorgs will change mystery box tiers which can be gamed by validators
Attacker can at anytime dramatically lower
ERC721Power::totalPower
voting power close to 0Attacker can bypass token sale
maxAllocationPerUser
restriction to buy out the entire tierDelegators incorrectly receive less rewards for longer proposals with multiple delegations
Attacker can mint free tokens by exploiting rounding down to zero precision loss
Lender can take borrower's collateral before first payment is due
Dacian can be contacted via DM's.