DeFi Security | Tier-1 Security Audit Firm | Top-2 in @Paradigm and @OpenZeppelin CTF | Public audits: github.com/Decurity/audits
Joined October 2011
- Tweets 346
- Following 73
- Followers 3,534
- Likes 105
96 Photos and videos
Jun 13
We’ve lost count at this point. 😅 @dan_fronts back at #1, maybe @HackenProof should just reserve the top spot for him. Proud of you. 🥇🔥
Jun 12
Top 3 researchers this week:
🥇 @dan_fronts
🥈 Holl0w
🥉 @GladKing0x01
Keep it up! 🔥
Want your handle here? Join active programs: hackenproof.com/programs
2
299
Decurity retweeted
Jun 10
ℹ️ We've launched a WebSockets subscription to the onchain attack alerts.
DeFi teams can wire our streams into their agents for an automatic incident response:
`/ws/attacks` - a raw stream of zero-delay alerts with minimal false positives
`/ws/confirmed_attacks` - LLM reviewed alerts with confirmed attacks
Docs: defimon.xyz/docs/websocket_a…
Get access: @DecurityHQ
1
1
4
1,253
Jun 2
We warned about @dxsale rug pull risk 3 years ago: blog.decurity.io/dx-protocol…
A 2021 @dxsale locker, an unprotected admin key, $7.3 million gone. @DecurityHQ flagged the risk in 2023 for $500. Two compromised contracts holding $15.5 million remain untouched, for now.
rekt.news/dxsale-rekt
2
2
9
3,407
Decurity retweeted
May 12
⛑️ Defimon caught a live CPIMP-style backdoor on a production protocol, alerted the team, and the funds were locked down before the attacker could fire.
Previously the exploiters who front-run initialize() call set several known implementation slots automatically. After @etherscan added ">1 implementation" label, such attempts were easily exposed.
The exploiters are more stealthy now. They overwrite impl slot precisely, emit fake "Upgraded" events and even verify a copy of the real impl with their backdoor. In this case the backdoor was hidden inside what looks like a stock OpenZeppelin file: Initializable.sol.
The exploiter was definitely waiting for more funds to drain, so our timely alert helped to neutralize the threat before they could activate the backdoor.
2
2
32
2,975
May 12
1/ Many DeFi hacks aren't atomic.
We reconstructed per-tx timelines for 10 exploits where the drain ran for minutes to hours to ask one question: how much could have been saved after the first malicious tx?
🧵
2
7
29
3,703
May 12
4/ Balancer V2 reached 54% of funds-at-risk in minute one, 93% by minute five.
Even at that speed, @BitFinding's whitehat bot intercepted the attacker in the very next block - 12 seconds after the first malicious tx. ~$1M returned to Balancer DAO.
2
2
1,031
May 12
Full research: per-tx timelines, recovery breakdowns and more.
rescue-window.decurity.io
@DefimonAlerts - real-time detection and incident response for DeFi protocols. $2.5M rescued to date.
defimon.xyz
1
424
Decurity retweeted
May 10
Real-time DeFi monitoring is how anomalies get caught early. @DefimonAlerts is building not only an alert system, but also a white hat rescue bot that can protect defi in real time.
Learn more: youtube.com/watch?v=ioGtupYR…
Support: qf.giveth.io/project/defimon…
1
3
7
1,968
Apr 27
Bug Machine firmware v2.0 dropping soon. Patch notes: even more bugs found. 🤖 Congrats to our own @dan_fronts!
Apr 27
Meet our Bug Machine @dan_fronts - 20 paid reports in under 2 months 🔥
@dan_fronts joined HackenProof in February and didn't wait to warm up: he delivered 20 validated, paid reports.
Thank you for your work - this is only the beginning. The community sees you. Keep going!
2
692
Decurity retweeted
Apr 24
⛑️ Defimon is live in the Ethereum Security QF round on @Giveth!
Our incident response & white-hat defense has saved $2M so far.
Thanks to quadratic funding (500 ETH matching pool by @thedaofund), a $10 donation can be worth $5K . Round ends May 15.
qf.giveth.io/project/defimon…
1
8
3,562
Apr 23
How we cut block latency 4x and scaled exploit detection to 8 chains: our CTO @theRaz0r shares insights on how @DefimonAlerts works under the hood on the @Quicknode blog 👇
Apr 23
New on the Quicknode blog: @DecurityHQ's CTO on how Streams let them rebuild Defimon from polling to push, cut block latency from 2s to under 0.5s, and scale exploit detection across 8 chains with one engineer running the pipeline.
blog.quicknode.com/real-time…
2
3
12
2,208
Apr 10
1/ Since inception, Decurity has focused on real-time threat prevention. Our flagship product @DefimonAlerts has prevented hacks with direct impact exceeding $20M.
But in 2025-2026, the world changed. AI is disrupting cybersecurity - and we had to adapt.
🧵
Apr 7
Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software.
It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans.
anthropic.com/glasswing
2
2
19
3,059
Apr 10
5/ And other smaller rescues are documented on our @Giveth project page.
giveth.io/project/defimon-re…
2
2
484
Apr 10
6/ Detection alone isn't enough anymore. In an AI-accelerated threat landscape, only AI defenders can keep pace with AI-powered attackers.
That's why we're doubling down on automated AI incident response - turning Defimon from a watchtower into a first responder.
More to come soon. 🛡️
5
418
Apr 9
⚡ Every second matters when a DeFi exploit hits onchain.
That's why we moved @DefimonAlerts from self-managed pipelines to @QuickNode Streams and went from 3 chains to 8, cut latency 4x, and freed us to focus on what actually matters - detection.
Apr 9
DeFi exploits don't wait. Neither does @DefimonAlerts, built by @DecurityHQ.
8 chains. Sub-second alerts. $48K/year in infra costs gone.
Powered by Quicknode Streams.
Full story: quicknode.com/case-studies/d…
1
6
21
2,971