Smart Contract Auditing and Security Services 🛡️
Joined October 2021
- Tweets 323
- Following 419
- Followers 4,045
- Likes 32,458
22 Photos and videos
OShield 🛡️ retweeted
Jun 8
Governments are moving to mandate online age verification
We think this is the wrong decision, and we said so in our response to the United Kingdom's consultation
But if these mandates proceed, the way these systems are built will have consequences far beyond child safety
👇
1
14
101
12,967
OShield 🛡️ retweeted
Apr 1
UPDATE: Following earlier concerns by @oshield_io tied to the exploit, SolanaFloor has confirmed from its sources that the @DriftProtocol team is safe and not in any physical danger.
Apr 1
🚨BREAKING: @oshield_io says two Drift multisig keys appear to have been compromised, raising concerns the team’s physical security could be at risk, as the ongoing Drift exploit has now reached $285M.
8
2
149
11,286
Apr 1
Update — @DriftProtocol uses two different multisig wallets both with the same set of members.
1 ) Risk Council —
2-of-5 multisig that two of the keys were compromised to upgrade the program’s admin key and setup the vault for the scam token CVT
app.squads.so/squads/AiLGdNi…
1) Program Upgrade —
3-of-5 multisig that around an hour ago signed a transaction to upgrade the program. It was approved by the other 3 members apart from the confirmed 2 compromised members.
app.squads.so/squads/Ad21qwC…
Attacker most likely did not compromise all wallets as the program upgrade seems to be benevolent.
This is CRAZY!
15
8
115
41,191
Apr 1
Summary of the @DriftProtocol Exploit thus far:
1) Someone on Drift multisig has updated the drift state account to change the admin here.
solscan.io/tx/4BKBmAJn6TdsEN…
2) This member on the multisig approved the change
solscan.io/account/6UJbu9ut5…
3) And the current admin and attacker is this account.
solscan.io/account/H7PiGqqUa…
4) The attacker used this key to initialize spot market vault for a CVT ( scam propped up token) with high oracle price here.
solscan.io/tx/4a5962Rdqd9pkX…
5) Deposits CVT and withdraws actual tokens using the cross-margin and swap functionality on Drift.
6) Program upgrades is happening to regain back the admin as per our latest analysis.
11
21
135
36,932
Apr 1
Update —
Apr 1
The main issue is that two keys from the multisig has been compromised,
solscan.io/account/39JyWr…
And
solscan.io/account/6UJbu9…
Concerning that the physical security of the team might be in danger.
7
3,927
Apr 1
The main issue is that two keys from the multisig has been compromised,
solscan.io/account/39JyWr…
And
solscan.io/account/6UJbu9…
Concerning that the physical security of the team might be in danger.
Apr 1
Summary of the @DriftProtocol Exploit thus far:
1) Someone on Drift multisig has updated the drift state account to change the admin here.
solscan.io/tx/4BKBmAJn6TdsEN…
2) This member on the multisig approved the change
solscan.io/account/6UJbu9ut5…
3) And the current admin and attacker is this account.
solscan.io/account/H7PiGqqUa…
4) The attacker used this key to initialize spot market vault for a CVT ( scam propped up token) with high oracle price here.
solscan.io/tx/4a5962Rdqd9pkX…
5) Deposits CVT and withdraws actual tokens using the cross-margin and swap functionality on Drift.
6) Program upgrades is happening to regain back the admin as per our latest analysis.
4
1
43
10,886
Feb 3
Oshield is proud to partner with @solflare on security.
We audited Solflare Shield (hardware wallet) and Solflare Card (crypto debit card), confirming strong protections for users.
All critical and high-severity issues were patched before launch.
Security first. 🛡
21
3
39
4,224
10 Sep 2025
We completed an audit of @DeFiTuna ‘s leveraged product. 2 critical vulnerabilities were identified alongside a number of high and medium severity level issues.
All bugs have been patched and fixes are implemented. Tuna is safely deployed on top of @FusionAMM markets and @orca_so whirlpools.
Read the full report on our publications page 👇
15
6
80
15,602
OShield 🛡️ retweeted
28 Jul 2025
1/
guest lecture 10:
@solana security audits: what to do & what not to do
w/ David from @oshield_io (seasoned solana auditors)
🗓 wed, july 30
🕑 2:00–3:30pm cest
📍 meet.google.com/mik-dkfe-dwa
open to all.
JOIN
4
9
63
4,268
28 Jul 2025
The audit of @FusionAMM, a hybrid orderbook AMM DEX by DefiTuna is now complete.
We identified and resolved 2 critical vulnerabilities to strengthen protocol security.
Read the full report on our Publications page! 🔗
26 Jul 2025
Fusion AMM is proud to announce its readiness to move out of BETA, supported by two successful audit reports conducted by industry-leading auditors.
3
2
29
1,797
12 Jun 2025
✅ The audit of XDEX, involving staking, and farming smart contracts is now complete.
We reviewed the entire protocol suite to ensure security and reliability.
🔗 Read the full report here: github.com/oshieldio/Publica…
3
4
27
8,758
4 Jun 2025
Congratulations to @thevaultfinance on launching the Liquid Unstaker!
OShield audited this program pre-launch, you can unstake with confidence!
Read the full report below 👇
4 Jun 2025
Introducing the Unstake Pool - Instant Liquidity for Your Staked Assets
We are excited to launch Unstake Pool, a powerful new way to unstake your LSTs instantly - no delays, no cooldowns.
Whether you are reacting to fast-moving markets or just want liquidity now, Unstake Pool gives you immediate access to SOL in exchange for a small, dynamic fee.
1/5
2
4
19
1,937
9 May 2025
We are happy to see the return of all the funds in the recent @loopscale incident to their customers and treasury.
We highlight that the incident was part of a code that was deployed after our audit and was out of our audit scope.
We command the team on their response and communication during this experience.
@oshield_io is looking forward to continue our support for @loopscale and our other partners on their security needs for a more safe robust DeFi ecosystem.
8 May 2025
Vault withdrawals are now re-enabled following code review by @sec3dev.
We’ve also published the incident post-mortem detailing the vulnerability, how we fixed it, and our commitment to strengthening security.
blog.loopscale.com/posts/pos…
More details below.
1
7
890
OShield 🛡️ retweeted
28 Feb 2025
Hiring! 📣
We are looking for a COO to handle our daily operations from announcements to inter and intra team communications with our partners and internal members.
Please shoot us a message with your portfolio and experience.
4
3
9
2,192
7 Apr 2025
Everclear is ready to weather any storm. We audited their smart contracts to ensure absolute protocol security.
We found 2 critical bugs, you can read the full detailed report here:
github.com/oshieldio/Publica…
1
6
24
2,714
2 Apr 2025
This Week In OShield 🛡️
There were two interesting incidents that caught our eyes the past couple of weeks!
- Hyperliquid almost went broke and had to interfere manually liquidate a position
- Some security researcher with the public name of Nick Franklin turned out to be a DPRK agent!
Read more 👇
1
2
5
19,793
2 Apr 2025
Post-exposure on March 26, he pivoted—Telegram name switched to “John,” bio scrubbed, DMs ignored. By March 28, poof—X and Telegram accounts gone eventually.
Props to @tanuki42_ for leading the charge. Community’s urged to report sketchy moves to trusted crews like SEAL-911. Crypto’s a battlefield—stay sharp.
1
5
404