Protocols · vaults · bridges
Smart contract systems
EVM, Move, Solana, CosmWasm, and Cairo systems with complex asset and state transitions.
Taichi is a competition-tested research group auditing smart contracts, ZK systems, exchanges, wallets, and the integration boundaries where critical bugs tend to hide.
Invariant map
70+
Competitive audits
14
First places
170+
H/M findings
Selected first-place results
The highest-impact failures often live between components: a callback that breaks accounting, a proof assumption that is not enforced on-chain, or an API boundary that changes who can sign. That is where our reviews begin.
Discuss your attack surfaceProtocols · vaults · bridges
EVM, Move, Solana, CosmWasm, and Cairo systems with complex asset and state transitions.
Proofs · verifiers · circuits
Verifier wiring, proof-dependent state transitions, circuit assumptions, and trusted boundaries.
Wallets · exchanges · APIs
Exchange backends, wallets, APIs, signing flows, and off-chain systems touching user assets.
Accounting · callbacks · oracles
Adapters, callbacks, wrappers, share accounting, cross-protocol assumptions, and liquidity edges.
Tools widen coverage. Researchers decide what matters. Every engagement turns a protocol model into explicit paths to challenge.
Map assets, actors, trust boundaries, user flows, and the invariants the protocol must preserve.
Follow accounting changes, callbacks, liquidation branches, oracle reads, CPI boundaries, and admin operations.
Two or more researchers attack the design from separate subsystems and vulnerability classes.
Re-review patched code against root causes and adjacent edge cases. Fix review is included by default.

05-part internals series
A source-level journey through Morpho Blue, IRMs, oracles, MetaMorpho, and the assumptions integrators inherit.
Read the work
04-part security series
Account creation, Anchor initialization, stale CPI state, and Token2022 semantics.
Read the work
Incident analysis
The Solv callback path reconstructed from source to exploit.
Read the work
Cryptography
The group theory and implementation mistakes behind key-recovery attacks.
Read the workSecurity marketing is easy to write. Public placements, reproducible research, and findings that survive judging are harder to fake.
70+
Competitive audits
14
First places
24
Top 3 finishes
170+
H/M findings
Contest record
0114 first-place results across high-complexity protocol reviews.
Adversarial practice
02Ongoing CTF work keeps exploit construction—not just issue classification—in the review loop.
Published reasoning
03Source walkthroughs and incident analyses expose the depth and clarity of our reasoning.
Every audit includes two or more researchers and a focused fix review by default.
No add-on feePublic portfolio data · verified Jul 2026
Share the repository scope, target chain, key integrations, and launch window. We typically reply with availability and next steps within 24–48 hours.
Open audit requestDirect channels
Critical disclosure involving a protocol we reviewed? Use Telegram or email for the fastest response.