Kauz Security Services

Hi there! I'm Dominik Muhs, and I spend my days helping teams build more secure systems. Over the past few years, I've had the opportunity to work with many different projects, from established protocols to early-stage teams just getting started. I enjoy the detective work that comes with security research, digging into code to understand how things work and where they might break. I work independently and as a founding member of Creed.

Services

Most of my time is spent doing manual code reviews of smart contracts written in Solidity. My background in backend development helps when I need to look at the Python, JavaScript, TypeScript, or Golang code that often sits alongside the contracts.

I also do penetration testing work, usually when teams want someone to look at both their smart contracts and the applications that interact with them. Sometimes, the interesting issues are in how these different pieces talk to each other.

I'm always happy to chat about security architecture or help think through threat models for teams that are still figuring things out. I've also worked with individuals and organizations on operational security - things like securing key management, improving security practices, and reducing risks for high-value targets. Whether you're building something new or have a security question you're mulling over, feel free to reach out.

Contact

If you'd like to discuss a project or just have a security question, drop me a line at hello@kauz.gmbh. I'm always happy to chat.

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjMEZWd0JRYJKwYBBAHaRw8BAQdAFgKHo5g2+W+9F4LvGJTqF0sJPTE0EljD
HMMp8SJpiNDNIWhlbGxvQGthdXouZ21iaCA8aGVsbG9Aa2F1ei5nbWJoPsKM
BBAWCgA+BYJlZ3QlBAsJBwgJkMl06xkuDPvzAxUICgQWAAIBAhkBApsDAh4B
FiEEAC8frkSMoJYV8YfjyXTrGS4M+/MAAMWXAP927LMkpfiumuYNgjn1c7d3
toSrNu3lUEJypTNTCoszZgEAx3pMz1Oj5baDlpNvrnty17PfmrG4copB8dJF
+waAYgnOOARlZ3QlEgorBgEEAZdVAQUBAQdAk3/TBhf0DWYl7a/MIdaYAaby
ZnZaZRI2s8Z26OX4SicDAQgHwngEGBYIACoFgmVndCUJkMl06xkuDPvzApsM
FiEEAC8frkSMoJYV8YfjyXTrGS4M+/MAAGMUAQCYGpLud63r8R3ZIdlL3WMm
uMVOiZh90FcH8JsL+j0U3QD/R7muek+4F6pZiaYiuMafTUOkOScFqy2W3RrB
it2q5AA=
=UnIA
-----END PGP PUBLIC KEY BLOCK-----

Work

I have performed numerous code reviews, penetration tests, and general work to ensure operational security guidelines and incident response playbooks are followed. In this section, I list my most recent engagements. Publicly available reports are linked. Clients for which an NDA is in effect are omitted.

2025

• Web3Auth Code Review
  June 2025
• Web3Auth Code Review
  May 2025
• undisclosed ? Penetration Test

  March 2025

  State government office meeting and employee scheduling system
• Everclear Arbitrum Tokenomics Code Review
  February 2025
• Everclear v1.1 (Diablo) Code Review
  January 2025

2024

• LucidLabs Spot Check
  December 2024
• Everclear Tokenomics ↗ Code Review
  October 2024
• Across Protocol Code Review
  September 2024
• Puffer UniFi ↗ Code Review
  September 2024
• RAA Sachsen e.V. ? Threat Modeling

  September 2024

  The RAA is an NGO aid center for educational integration.
• Everclear v1.0 (Chimera) ↗ Code Review
  August 2024
• Request Finance Code Review
  August 2024
• undisclosed ? Code Review

  July 2024

  A liquid staking derivative product on Filecoin.
• TAFEL Dresden e.V. Threat Modeling, Penetration Test
  July 2024
• undisclosed ? Code Review

  June 2024

  An on-chain personal reputation protocol for verifiable talent sourcing.
• Hyperlane xERC20 Code Review
  June 2024
• Puffer xERC20/VT Pricer ↗ Code Review
  June 2024
• BakerFi ↗ Code Review
  May 2024
• Puffer ↗ Code Review
  April 2024
• Connext Vesting Wallet ↗ Code Review
  March 2024
• Bitsi ? Feasibility Analysis

  March 2024

  A permissionless L2 aiming to connect Ethereum and Bitcoin.
• BakerFi ↗ Code Review
  February 2024
• Moonwell MIP-M23 ↗ Code Review
  January 2024
• xERC20 Standard ↗ Code Review
  January 2024
• Stadt.Land.Netz MyVIA Penetration Test
  January 2024

2023

• Rocket Pool (Houston) ↗ Code Review
  December 2023
• undisclosed ? Code Review

  August 2023

  Backend API and contract factory for an L1 specialized on NFTs.
• Protocol Labs FilSnap ↗ Code Review
  August 2023
• undisclosed ? Code Review

  June 2023

  A WASM module to filter malicious transactions in a large browser wallet.
• undisclosed ? Code Review

  April 2023

  Ethereum L2 rollup using multi-party computation. Exhaustive review of all contracts, nodes, and infrastructure.
• EigenLayer ↗ Code Review
  March 2023
• undisclosed ? Code Review

  March 2023

  NFT ticketing and presale platform.
• Rocket Pool (Atlas) ↗ Code Review
  January 2023

2022

• undisclosed ? Code Review

  October 2022

  A large UTXO-based proof-of-stake blockchain.
• undisclosed ? Code Review

  September 2022

  Smart contracts of a global investment firm and a cooperative consisting of several national banks.
• undisclosed ? Code Review

  September 2022

  Contracts and libraries of one of the leading Ethereum SSO providers.
• undisclosed ? Code Review

  August 2022

  Meta-transactions framework by a large game studio, based on ERC-7221.
• Rocket Pool v1.1 Code Review
  July 2022
• Arbitrum Nitro ↗ Code Review
  May 2022
• Fuji Finance ↗ Code Review
  February 2022
• undisclosed ? Code Review

  January 2022

  DeFi project to provide humanitarian aid and UBI to emerging nations.
• undisclosed ? Code Review

  January 2022

  NFT Coldie auction marketplace and royalty reward distribution platform.

2021

• undisclosed ? Code Review

  December 2021

  Governance and vesting contracts on an L1 specialized on NFTs.
• undisclosed ? Code Review

  November 2021

  One of the largest custodial wallet providers and staking services (again).
• Arbitrum ↗ Code Review
  November 2021
• Gluwacoin ↗ Code Review
  October 2021
• 1inch Protocol v2 ↗ Code Review
  September 2021
• undisclosed ? Code Review

  August 2021

  One of the largest custodial wallet providers and staking services.
• undisclosed ? Code Review

  August 2021

  A Gnosis Safe module for distributed, dynamic DAO governance structures.
• undisclosed ? Code Review

  July 2021

  Decentralized insurance market for DeFi liquidity crises.
• undisclosed ? Code Review

  July 2021

  Cross-chain token standard reference implementation.
• GrowthDeFi WHEAT ↗ Code Review
  June 2021
• undisclosed ? Code Review

  May 2021

  Options marketplace based on Kelly criterion bonding curves.
• undisclosed ? Code Review

  May 2021

  A collateral distribution module in a large algorithmic stablecoin.
• undisclosed ? Penetration Test

  April 2021

  An traditional finance investment fund distribution platform.
• Rocket Pool ↗ Code Review
  March 2021
• undisclosed ? Penetration Test

  March 2021

  Chain abstraction layer for a cross-chain atomic swap platform.
• undisclosed ? Penetration Test

  February 2021

  Oracle integration and marketplace of a large algorithmic stablecoin.
• undisclosed ? Penetration Test

  January 2021

  Global logistics provider management systems and website.

2020

• undisclosed ? Code Review

  December 2020

  Application to generate hierarchical deterministic validator BLS keys.
• undisclosed ? Penetration Test

  November 2020

  Custodial staking provider key generation ceremony systems.
• undisclosed ? Penetration Test

  October 2020

  Global logistics provider management systems and website.