Kalogerone

29 days ago

As promised. Today, we have a big announcement We're launching registration for SpecSiege. It's our double-check format for audits. First, an internal private audit went through the code with a full manual review. Then the community review follows. 10 days of open review on a fairly large codebase, we know, but the chance to work on an ERC-6909 European bond platform, an institutional project, doesn't come around every day. - €15K total pot (€13K community pool, €2K fixed for the lead researcher). - If only Lows are discovered, €5K is distributed instead. Simply find bugs after us and get rewarded. We value your participation. We're not here just to squeeze you. Link below ⬇️

CODESPECT's tweet photo. As promised. Today, we have a big announcement

We're launching registration for SpecSiege.

It's our double-check format for audits. First, an internal private audit went through the code with a full manual review. Then the community review follows. 10 days of open review on a fairly large codebase, we know, but the chance to work on an ERC-6909 European bond platform, an institutional project, doesn't come around every day.
- €15K total pot (€13K community pool, €2K fixed for the lead researcher).
- If only Lows are discovered, €5K is distributed instead.

Simply find bugs after us and get rewarded. We value your participation. We're not here just to squeeze you.

Link below ⬇️

5

69

16

20

5K

kalogerone retweeted

about 2 months ago

CODESPECT is proud to support @Solbuildersclub. We've agreed to provide special perks for community members. If you're part of SBC, you can reach out to us for discounted security services, security guidance, and a free initial consultation on the security behind your project. Supporting builder communities is core to what we do. @solana is a great example of how strong communities ship great products. Members can DM us or reach out through the club to get started.

CODESPECT's tweet photo. CODESPECT is proud to support @Solbuildersclub.

We've agreed to provide special perks for community members. If you're part of SBC, you can reach out to us for discounted security services, security guidance, and a free initial consultation on the security behind your project.

Supporting builder communities is core to what we do. @solana is a great example of how strong communities ship great products.

Members can DM us or reach out through the club to get started.

2

8

6

0

538

kalogerone retweeted

3 months ago

Audit completed ✅ CODESPECT has finalised a security review for @realmsdaos. The assessed plugin extends SPL Governance, enabling DAO members interactions based on NFT ownership, including weighted voting. The NFT plug-in codebase was strong, with only low-severity findings identified during this engagement. We wish Realms a smooth and successful launch. Full report below 👇

CODESPECT's tweet photo. Audit completed ✅

CODESPECT has finalised a security review for @realmsdaos.

The assessed plugin extends SPL Governance, enabling DAO members interactions based on NFT ownership, including weighted voting.

The NFT plug-in codebase was strong, with only low-severity findings identified during this engagement.

We wish Realms a smooth and successful launch.

Full report below 👇

3

13

4

3

1K

3 months ago

Such a fun audit! @talfao1 is sharing some insight how a simple bug went unnoticed by many top auditors that participated.

3 months ago

Lesson from the @yieldbasis @sherlockdefi contest. A stale balance accounting bug slipped through multiple audits due to scope isolation. The issue ultimately secured 4th place for @talfao1 and @kalogerone. Full breakdown: https://t.co/urYr6ZgABK

CODESPECT's tweet photo. Lesson from the @yieldbasis @sherlockdefi contest.

A stale balance accounting bug slipped through multiple audits due to scope isolation.

The issue ultimately secured 4th place for @talfao1 and @kalogerone.

Full breakdown:
https://t.co/urYr6ZgABK https://t.co/Y74rdTBzY6

1

16

1

6

976

0

3

1

0

158

kalogerone retweeted

4 months ago

🚨 CODESPECT is launching AI Red Teaming AI agents manage funds, execute transactions and store sensitive data. But is your agent actually secure? 🤔 We test for • Prompt injection • Tool abuse • Data exfiltration • Privilege escalation • Agent manipulation Using frameworks from OWASP, MITRE and Google SAIF. 🎯Whoever reaches out for this service within the next two months receives a discounted rate. Learn more https://t.co/uTCxExTRJO Or reach our founder directly https://t.co/GkIBMCgpZz 🔒

CODESPECT's tweet photo. 🚨 CODESPECT is launching AI Red Teaming

AI agents manage funds, execute transactions and store sensitive data.

But is your agent actually secure? 🤔

We test for
• Prompt injection
• Tool abuse
• Data exfiltration
• Privilege escalation
• Agent manipulation

Using frameworks from OWASP, MITRE and Google SAIF.
🎯Whoever reaches out for this service within the next two months receives a discounted rate.

Learn more https://t.co/uTCxExTRJO
Or reach our founder directly https://t.co/GkIBMCgpZz 🔒

4

27

4

1

1K

kalogerone retweeted

Talfao

@talfao1

8 months ago

Back in early September, we dived deep with @kalogerone into the @yieldbasis contest on @sherlockdefi and placed 4th under the talfao account. I love Python, so the Vyper code was easy for me to read. Huge thanks, @kalogerone, for the amazing team contest experience! 🚀

talfao1's tweet photo. Back in early September, we dived deep with @kalogerone into the @yieldbasis contest on @sherlockdefi and placed 4th under the talfao account.

I love Python, so the Vyper code was easy for me to read. Huge thanks, @kalogerone, for the amazing team contest experience! 🚀 https://t.co/vW8Gm04TjF

9

55

2

3

3K

kalogerone retweeted

Talfao

@talfao1

9 months ago

It was a pleasure to collaborate with @sherlockdefi on this. It was a great codebase to review, where we could show our Cairo auditing skills with my colleagues: @kalogerone, @shaflow01

0

10

2

0

1K

10 months ago

An incredible article! So much free alpha for developers and auditors! Great job @talfao1

Talfao

@talfao1

10 months ago

After months of deep diving into HyperLiquid and several audits, my team at @CODESPECT put together a blog post explaining HyperEVM <> HyperCore interactions and key security pitfalls when building LST protocols on @HyperliquidX. https://t.co/bbBELwYE1a

2

28

2

22

4K

0

5

0

278

about 1 year ago

@carlos__alegre I'm a BBQ master! Hope this will happen and I'll be there to cook for you

1

0

91

about 1 year ago

@carlos__alegre Contests are not dying, they are getting killed

0

5

0

317

kalogerone retweeted

about 1 year ago

✅ 2 Audits Completed for @TokenTable ✅ CODESPECT has successfully completed two in-depth security reviews: 🔹 Solana Merkle Token Distributor 🔹 SellNow – a new Escrow Contract for trading token allocations 🧐We found 16 issues in total, including 1 critical in SellNow. All were thoroughly addressed by the TokenTable team.✅ Excellent collaboration between our teams led to stronger security and a more robust protocol. 💪 You can check the full reports below: https://t.co/891Agesaps https://t.co/tQszpVNzW2

CODESPECT's tweet photo. ✅ 2 Audits Completed for @TokenTable ✅

CODESPECT has successfully completed two in-depth security reviews:
🔹 Solana Merkle Token Distributor
🔹 SellNow – a new Escrow Contract for trading token allocations

🧐We found 16 issues in total, including 1 critical in SellNow. All were thoroughly addressed by the TokenTable team.✅

Excellent collaboration between our teams led to stronger security and a more robust protocol. 💪

You can check the full reports below:
https://t.co/891Agesaps
https://t.co/tQszpVNzW2

1

17

5

0

916

about 1 year ago

Such a privilege to audit such a widely used and known protocol like @tokentable. Hope everyone in the space took security as seriously as them 👏👏

about 1 year ago

We’re wrapping up another round of audits for @tokentable.🫡💪 Here’s what @headcpx from @ethsign had to say about working with us:🙌 "Working with CODESPECT was an outstanding experience from start to finish. Their TokenTable audit was timely, comprehensive, and incredibly well-structured. What stood out most was the clear communication, prompt support, and insistence on having a complete understanding of the codebase. We now feel confident in the security and reliability of our contracts. We highly recommend CODESPECT to any project seeking a top-tier audit partner." Want to improve the security of your contracts and protocol infrastructure?🧐 Reach out via DMs or ping @talfao1 on Telegram.🤝

1

13

2

0

2K

0

8

0

503

about 1 year ago

@0xaudron This is the way to go man, so many great issues that are public and get ideas, keep it up! 🔥

1

2

0

117

about 1 year ago

@carlos__alegre Damn you doing interviews now, that means I should too 😂👏👏

1

3

0

134

over 1 year ago

@tpiliposian @cantardixyz @cantinaxyz Now make them add a "change email" setting. Challenge impossible

0

1

0

70

over 1 year ago

4️⃣ Collaboration overload - in a good way! All the calls with the audit team create this constant flow of ideas that often lead to new findings. It's basically a brainstorming party where everyone's insights build on each other. And I love it.

0

1

0

228

over 1 year ago

Just finished my 3rd audit with @CODESPECT . After doing contests for almost a year, here are the main differences (a thread):

1

5

0

3

417