I'm a full-stack Web3 developer who takes security seriously. I offer professional security reviews for DeFi protocols and smart contracts, at prices that won't drain your runway.
Traditional smart contract audits cost $50,000–$500,000 and take weeks to schedule. Most early-stage projects either:
You shouldn't have to choose between security and shipping.
I got serious about security after a bug I missed cost a client nearly $10,000.
It was a webhook replay attack. Attackers discovered they could replay payment notifications multiple times before my system could check for duplicates. A single real deposit credited the wallet 2, 3, sometimes 6 times. Classic race condition, and I didn't catch it until money was gone.
That failure changed how I approach code. I stopped trusting "it looks fine" and started building systems to catch what human eyes miss. I developed a structured methodology using Claude AI to perform comprehensive, systematic reviews.
When I later audited my own smart contracts using this methodology, I found a critical vulnerability: signatures that could be replayed across chains. The exact same class of bug, replay attacks, at the smart contract level.
Now I make sure other builders don't learn this lesson the expensive way.
I combine systematic AI-assisted analysis with hands-on expert review to deliver thorough audits at startup-friendly prices.
The simple version: I use Claude AI to systematically analyze every line of your code against known vulnerability patterns, reentrancy, access control issues, signature flaws, and more. AI doesn't get tired on line 400. It doesn't skip the "boring" parts. It checks everything.
But AI alone isn't enough. It generates findings, some real, some noise. My job is to review every finding, filter out false positives, analyze your specific business logic, and catch the contextual issues that tools miss.
Think of it this way: AI handles breadth (checking everything systematically). I handle depth (understanding what matters for your project).
I've architected production DeFi systems, deposit flows, signature-based withdrawals, batch operations. I know where bugs hide.
7-dimension security framework covering access control, reentrancy, signatures, upgrades, business logic, and more.
Found 1 critical, 3 high, and 4 medium-severity bugs in my own project, before launch, not after a hack.
I use AI (Claude) as part of my process. I'll never pretend otherwise. You deserve to know exactly how your audit is conducted.
Every audit covers these security dimensions:
| Dimension | What I Check |
|---|---|
| Access Control | Who can call what, role assignments, privilege escalation |
| Reentrancy | State changes, external calls, cross-function vulnerabilities |
| Signature Verification | Replay attacks, malleability, domain separation |
| Upgrade Safety | Storage gaps, initializer protection, proxy patterns |
| Token Handling | Fee-on-transfer, rebasing tokens, approval patterns |
| Business Logic | Fund flows match intent, edge cases, economic assumptions |
| External Dependencies | OpenZeppelin usage, supply chain, version pinning |
Best for: Pre-launch sanity checks, hackathon projects, simple contracts
Best for: Typical DeFi projects, token launches, projects preparing for mainnet
Best for: Complex protocols, significant TVL, projects needing ongoing support
Here's a real critical vulnerability I found when auditing a DeFi deposit/withdrawal system:
The withdrawal signature did not include chainId in the signed message. An attacker who obtained a valid signature on BSC could replay it on any other EVM chain where the contract was deployed, potentially draining funds.
Vulnerable:
bytes32 hash = keccak256(abi.encodePacked(to, amount, nonce));
Fixed:
bytes32 hash = keccak256(abi.encodePacked(block.chainid, to, amount, nonce));
Impact: Complete fund drainage on secondary deployments.
15–30 min to understand your project, scope the audit, answer questions
Clear scope, timeline, pricing, no surprises
50% upfront to begin, 50% on delivery
Systematic review using my 7-dimension framework
Complete deliverables within agreed timeline
Available to discuss findings and clarify fixes
Fair question. You're paying for: (1) The methodology, systematic, targeted analysis that "find bugs in this code" doesn't achieve. (2) The interpretation, AI generates findings, many are noise. Knowing which ones matter is the human expertise. (3) The accountability, AI doesn't stand behind its work. I do.
No, it's more thorough. AI helps me systematically check every line without fatigue. I then apply human judgment to interpret results, check business logic, and identify issues that tools miss.
No auditor can guarantee that. What I guarantee is a systematic, thorough review using proven methodology. Smart contract security is an ongoing practice, not a one-time checkbox.
I'll flag it immediately (before the final report) so you can start fixing it. For Comprehensive tier, I'll re-review your fixes.
Yes, I'm based in Lagos, Nigeria. I understand tighter budgets and the need for speed. We can discuss Naira pricing if easier.
Not sure if you need an audit? Let's talk. I'm happy to look at your project and give you an honest assessment, even if the answer is "you're fine for now."
I usually respond within 24 hours.
This security review is provided "as-is" and does not guarantee the absence of vulnerabilities. This review uses AI-assisted analysis tools combined with manual expert review. The auditor assumes no liability for any financial losses resulting from the use of audited contracts.