Elite security assurance for Layer 1s, DeFi protocols, and Web3 infrastructure.

Joined January 2026
~$36M drained from Humanity Protocol on June 8. No contract bug. One employee's laptop held the keys: 3 of 6 on the Ethereum multisig, 3 of 5 on the BNB Chain multisig. One machine cleared both. A proof-of-humanity project, undone by one
sigintzero retweeted
🥇 Tripwire: Built by @sigintzero_ is a 24/7 threat detection and response system that identifies exploit signals before execution, monitoring contract behaviour, fund flows, and attack patterns to protect deployed protocols in production. Built by @alteredlad Link: sigintzero.com
sigintzero retweeted
these things can literally happen to literally anyone, anywhere, check your deps & stay safe peeps 🧑‍💻
May 20
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories. Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
We're just getting started!
Super stoked to share that we at @sigintzero_ have been awarded a $10k USDG grant from @SuperteamAU as we build toward Tripwire, our 24/7 on-chain monitoring and threat response system for Solana, focused on post-deployment security and real-time protection. Awesome to see support going toward Australian builders pushing the ecosystem forward. We’re now heads down for the final stretch of the @colosseum Frontier Hackathon, focused on delivering it in full and getting it into the hands of teams.
sigintzero retweeted
Apr 27
you can vibe code crypto stuff: 1. ideate with claude on web 2. spec it up with claude code 3. claude code it from spec 4. thoroughly test the lot 5. audit by @sigintzero_ gtm. get a response. pivot you can do anything
🛡 Sentinel's first cohort is live with @koreabuidlweek Free AI audits for their teams, fast turnaround. You already built it. Now secure it.
Represent 🤘
AUS BUILDOOORS APR 2026 Our monthly Sydney meetup is back! Here's who's speaking: - @ksaitor (founder of @CryptoJobsList) - @SanLeo461 on wallet privacy - @alteredlad on AI audits with @sigintzero_ Date: Wed 29th April Time: 5:30PM - 8PM Location: Redfern RSVP Below 👇
sigintzero retweeted
Replying to @milianstx
@sigintzero_ verifiable security auditing
sigintzero retweeted
Apr 7
Replying to @recipromancer
audited by @sigintzero_ :)
Drift Protocol lost $270M on April 1. No smart contract bug. No stolen keys. The attacker abused Solana's durable nonces to trick 2 of 5 Security Council multisig signers into approving what looked like routine transactions. Those approvals sat dormant for 9 days. On April 1, one minute after a legitimate insurance fund withdrawal, the attacker submitted the pre-signed transactions. Two txns. Four Solana slots apart. Full admin control transferred. Vaults drained. Elliptic suspects DPRK. Bybit lost $1.5B the same way 14 months ago. The code was fine. The people were the attack surface.
Earlier today, a malicious actor gained unauthorized access to Drift Protocol through a novel attack involving durable nonces, resulting in a rapid takeover of Drift’s Security Council administrative powers. This was a highly sophisticated operation that appears to have involved multi-week preparation and staged execution, including the use of durable nonce accounts to pre-sign transactions that delayed execution.
We wrote a full breakdown: how durable nonces work, why a 2-of-5 multisig with zero timelock made this possible, and what protocols need to change. Audits tell you the code is safe. Tripwire tells you it still is, right now, in production. sigintzero.com/blog/drift-pr…
Wrapped up an audit for @gami_vc. Really enjoyed working with the Ethereans team to help get it across the line. Report dropping soon. 🔍
We analyzed the 100 largest protocol hacks - $10.77 billion in total losses. Only 20% were audited. Audited protocols = just 10.8% of losses. Audits work. But when audited protocols DO get exploited, the cause is always the same. A thread on what the data actually shows:
We published a full comparison of 6 firms - SigIntZero, Trail of Bits, OpenZeppelin, CertiK, Consensys Diligence, Halborn. Evaluated on business process comprehension, not just tooling. Also covers: - Competitive audits (Immunefi, Code4rena, Sherlock) - Actual audit pricing ($5K–$200K) - MiCA regulatory impact