My portfolio

Audit contests

• 1st place – Certora Gho Token formal verification

• 2nd place – Code4rena Paladin

• 1st place – Code4rena Badger Citadel

• 2nd place – Code4rena Amun

Private audits

• member of Certora's team (auditor + formal verification help) in:

  • the Uniswap v4 audit – June 2024 (Final report pending)

  • the Zeebu audit – July 2024 (Final report pending)

Bug Bounties

• DoT Oracle - $35k

• Livepeer - $15k

• Buttonwood - $14.5k

• Vulnerability found in Livepeer was within Openzellelin signature validation, turned out to be also an OpenZepplin contracts vulnerability, reported a few months later by another whitehat. It is one of the very few High Severity vulnerabilities ever discovered in OpenZeppelin contracts.

• OpenZeppelin vulnerability which allowed for a bypass of an ERC20 total supply cap in ERC20Capped. It could happen if the _beforeTokenTransfer hook was reentrant. OpenZeppelin considered this out of scope for their bug bounty, despite _beforeTokenTransfer is considered a black box.

• Balancer's bug in BaseSplitCodeFactory potentially causing code corruption of newly created contracts.

Other

• I'm a laureate of 3 Polish Olympiads: in Mathematics, Informatics and Physics!

• I was the Head of Judging at Sherlock in Nov 2023 - Apr 2024.

• Got 3 out of a total of 5 prizes in the Certora's Borda specification challange.