Web3 security audits.

Auditor × Tooling .

1st place Ronin. Top-10 on four more Code4rena contests. 23 published QA reports.

Get in touch See the record
AUDITED 40+ engagements and audit contests · Jul 2024 → present
Ronin Reserve Morpheus Blackhole Flex Perp Axelar Phi Virtuals Monad Swafe Megapot Hybra Finance Flare Olas
./about

Auditor × Tooling.

Blue Eyes Security was built around two things: an auditor who knows what to investigate, and proprietary in-house tooling that makes the investigation scale.

After two years in the contest space, the edge has proven to be the combination of both.

Founded by Auditor_Nate, who has been hunting bugs full-time since July 2024. Body of work includes five top-10 Code4rena contest finishes and 23 published QA reports — produced through Team PolarizedLight, a contest-focused auditing team.

Blue Eyes Security extends that practice into private engagements. Solidity, Rust, and Move smart contract audits are the core offering, with coverage reaching beyond contracts into Web2 attack surfaces and infrastructure on request.

./track_record

Code4rena contest platform
results.

Credited with securing Phi, Reserve, Ronin, Axelar Network, Chakra, Morpheus, Flex Perpetuals, Virtuals Protocol, Blackhole, Megapot, Concrete, Lambo.win — plus many more across multiple other contest platforms. Every finish is produced by Team PolarizedLight.

FIG.01 Contest ranks · Code4rena jul 2024 → present
#1 #3 #5 #7 #10
#01 Ronin
#04 Blackhole
#04 Flex Perp
#06 Morpheus
#07 Reserve
peak finish · 1st place top-10 finishes bar height = (11 − rank) / 10
FIG.02 QA report distribution 23 published · C4
0 A-grade
0 B-grade
A-grade 0 reports · 30.4%
B-grade 0 reports · 69.6%
total 0 reports · 100%
PROFILE verifiable
@PolarizedLight

Full contest history, rank pages, and QA report links available on Code4rena’s public leaderboard.

View profile
./services

Private smart contract audit.

Primary offering

Smart contract audit

Fixed-scope review of a protocol’s on-chain surface — Solidity, Rust, Move; other languages on request. The Blue Eyes Security pipeline pairs a proven human auditor with custom tooling: the auditor manually reviews the code, verifies exploitability with executable PoCs, calibrates severity against real-world impact, and delivers a professional report with remediation guidance.

  • ScopeProtocol-specific
  • TimelineSet at kickoff
  • DeliverableReport + remediation review
On request

Full-spectrum security review

Smart contract plus Web2 attack surface and infrastructure. A wider sweep of the places a protocol can break — beyond the contracts themselves. Discuss scope on a discovery call.

./process

Four core steps.

We embrace a hybrid auditing approach — pairing a proven human auditor with cutting-edge tooling.

  1. 01 /04

    Scope + kickoff

    Discovery call — meet both the team and the code. Repository access, documentation review, protocol walkthrough, and communications channels set up between the auditor and protocol team.

  2. 02 /04

    Audit pipeline

    Auditing begins — tooling and auditor go to work on the code. The auditor manually reviews the code, triages tooling outputs, investigates leads, and follows threads until the deepest findings surface.

  3. 03 /04

    Findings review + severity calibration

    Findings are finalized and executable proof-of-concepts built. Severity is calibrated against real-world impact, and the report is drafted.

  4. 04 /04

    Final report + remediation support

    Professional audit report with finding write-ups, reproducible PoCs, and remediation guidance. Post-engagement review of fixes included.

./availability

Engagement calendar.

Current booking state. Private audits are scheduled in fixed windows; discovery calls are open continuously.

sys.status accepting-inquiries
window state capacity
apr — may 2026 booked
jun — jul 2026 1 slot open
aug — sep 2026 open
oct 2026+ open
Reserve a window discovery call · 30 min · no commit
./contact

Start a conversation.

Send a message with the protocol, target scope, and any deadline you’re working toward. A direct reply follows within two business days.

Email contact@blueeyessec.com
Telegram @Auditor_Nate
X / Twitter @auditor_nate