Zenith assembles auditors with proven track records to secure your project. We find the critical bugs now—freeing you to launch this week—not next month.
Joined January 2025
- Tweets 403
- Following 7
- Followers 2,279
- Likes 178
130 Photos and videos
Pinned Tweet
23 Dec 2025
As 2025 comes to a close, here's a look back at what our team accomplished this year at Zenith.
1.) Nearly half of our 243 audits found High's and Crit's. In total, we found 292 High and 96 Critical-severity vulnerabilities.
2.) Starting audits under 24 hours' notice. Clients raved about this. Thank you to every Zenith auditor who made this possible. Your dedication, expertise, and clear communication were the key.
3.) We worked with leading protocols including Bridge, Zama, and Jupiter. We spanned 21 ecosystems, including Ethereum, Monad, Base, Solana, Move, and Starknet.
2025 was Zenith’s inaugural year, and we’re excited for what’s ahead in 2026. A huge thanks goes to our clients, partners, and team for making this possible.
Interested in a Zenith audit in 2026? Link in bio!
3
5
70
23,192
Jun 15
Arcade[.]xyz: Governance Vote Manipulation via Inter-Block Loans.
While flash loans within a single block were blocked, an attacker could still exploit the snapshot by acquiring a highly leveraged, undercollateralized normal loan that wrapped cleanly across that single block boundary.
Because voting power only evaluated that single snapshot block, an attacker could temporarily amplify their governance weight drastically to forcefully pass and execute arbitrary system proposals at minimal economic risk.
1
2
163
Jun 15
We are very lucky to have a researcher like @DadeKuma on the Zenith roster.
If you want an audit from the industry's top security researchers, handpicked for your specific codebase and security needs, we'd love to talk: zenith.security/
3
130
Jun 15
Superposition: Pool Price Manipulation via Inverted Ticks.
An attacker could construct invalid positions with inverted tick ranges.
This would break the core mathematical assumptions of the constant product engine, allowing an attacker to perpetually trigger a specific price-calculation branch.
From there, an attacker could unilaterally inject assets to artificially inflate and unbalance the pool, manipulating asset prices to their advantage.
1
2
153
Jun 15
Phala Network: Zero-Cost Cluster Denial of Service.
By passing an HTTP request with a maximum threshold u64 value, an attacker could intentionally trigger a numeric overflow panic.
Because sending this malicious request costs an attacker virtually nothing, they could repeatedly crash network workers, causing a complete denial of service of the cluster system.
1
2
155
Jun 15
But 2024 is when things got serious.
Three 1st-place finishes. $42,610 in total earnings. A top 20 ranking on the Code4rena Leaderboard.
That’s when @bytes032, the Head of Zenith, came calling.
The invite wasn’t complicated. DadeKuma has a proven track record of finding bugs.
Here are some of the bugs that got him noticed.
1
6
190
Jun 15
Lavarage: Collateral Theft via Decoupled Instruction Validation.
A malicious borrower could invoke a loan repayment instruction while spoofing the underlying position being validated.
The result? An attacker could claim back valuable collateral tied to a highly funded position while executing the actual repayment transaction against a completely separate position containing nothing but dust, draining the protocol's backing.
1
4
167
Jun 15
3 first-place finishes. $70,000 in total earnings. All in under 3 years.
Meet Zenith auditor: @DadeKuma.
He started his security journey in 2023; only three years later, he’s one of the industry’s best researchers.
Let’s see how he went from zero to Zenith.
2
1
70
2,436
Jun 15
DadeKuma didn’t ease into security research.
His first contest was in January 2023. Three valid medium findings right out the gate.
A top 15 finish the next month. A top 10 that summer. His first 1st-place finish a month after that.
1
2
299
Jun 15
DadeKuma loves adversarial logic, getting inside an attacker's head and spotting broken edge cases before anyone else does.
So it made sense when he left his job as a Big Data/ML engineer, recognizing Web3 as the future of finance.
He spent his first year building smart contracts, but to him, the security side always felt more interesting.
In smart contracts, code = money, so the stakes were always high.
1
6
340
Jun 12
Understand code deeply. Embrace complexity. Explore different fields.
These habits helped these Zenith auditors find hundreds of crits and place top 5 in many competitions.
But they had more to share.
So we asked them: “What do you wish you’d known when you first started?”
1
3
19
1,033
Jun 12
From @DadeKuma:
Push until the end.
Most interesting or unique bugs are usually found in the final days of an audit, so stay focused and keep trying until the end.
1
1
8
294
Jun 12
From @shaflow01:
- Keep continuous learning, stay updated on industry trends and technology stack updates.
- Always reflect on failures by reviewing issues you missed and continuously learning from experience.
- Explore different fields.
5
149
Zenith retweeted
Jun 10
While everyone was watching the countdown to TGE, there was a lot of less-visible work happening behind the scenes.
One of those was a security audit with Zenith.
Thanks to the team for helping us ship with greater confidence.
Details below👇
Jun 10
Zenith Auditors recently completed an audit for Dabba Network, decentralizing connectivity for the next billion.
All issues have been resolved or acknowledged.
Huge shoutout to the @DabbaNetwork team for their dedication to ensuring the highest security standards!
3
8
33
1,040
Jun 10
Zenith Auditors recently completed an audit for Dabba Network, decentralizing connectivity for the next billion.
All issues have been resolved or acknowledged.
Huge shoutout to the @DabbaNetwork team for their dedication to ensuring the highest security standards!
3
20
1,978
Zenith retweeted
Jun 4
Me and my buddy @sin1st3r__ on tv! 😎 Thank you zenith!
Jun 3
100 private audits. 7 1st place contest finishes. Thousands of hours of experience.
These three Zenith Security Researchers are among the industry’s best, but they didn’t start that way.
Here's their advice for those of you who are starting out (or just looking to level up):
5
2
47
3,285
Jun 3
100 private audits. 7 1st place contest finishes. Thousands of hours of experience.
These three Zenith Security Researchers are among the industry’s best, but they didn’t start that way.
Here's their advice for those of you who are starting out (or just looking to level up):
1
4
57
5,855
Jun 3
From @sin1st3r__:
If you're starting out, get your hands dirty auditing as soon as possible and try not to fall into tutorial hell.
Read the codebase until you can memorize every single line of code. Only at this point does your brain have the bandwidth and capacity to reason at a very high level and find more complex bugs.
1
9
522
Jun 3
From @ret2basic:
When a new promising technology comes out, don't delay your research until it flourishes. You have to start early to get an advantage.
Also, don't forget to talk about your research in public, so that people think of your name when they need an audit in this specific technology.
14
370