Kauz Security Services

Hi there! I'm Dominik Muhs, and I spend my days helping teams build more secure systems. Over the past few years, I've had the opportunity to work with many different projects, from established protocols to early-stage teams just getting started. I enjoy the detective work that comes with security research, digging into code to understand how things work and where they might break. I work independently and as a founding member of Creed.

Services

Most of my time is spent doing manual code reviews of smart contracts written in Solidity. My background in backend development helps when I need to look at the Python, JavaScript, TypeScript, or Golang code that often sits alongside the contracts.

I also do penetration testing work, usually when teams want someone to look at both their smart contracts and the applications that interact with them. Sometimes, the interesting issues are in how these different pieces talk to each other.

I'm always happy to chat about security architecture or help think through threat models for teams that are still figuring things out. I've also worked with individuals and organizations on operational security - things like securing key management, improving security practices, and reducing risks for high-value targets. Whether you're building something new or have a security question you're mulling over, feel free to reach out.

Contact

If you'd like to discuss a project or just have a security question, drop me a line at hello@kauz.gmbh. I'm always happy to chat.

-----BEGIN PGP PUBLIC KEY BLOCK-----

xjMEZWd0JRYJKwYBBAHaRw8BAQdAFgKHo5g2+W+9F4LvGJTqF0sJPTE0EljD
HMMp8SJpiNDNIWhlbGxvQGthdXouZ21iaCA8aGVsbG9Aa2F1ei5nbWJoPsKM
BBAWCgA+BYJlZ3QlBAsJBwgJkMl06xkuDPvzAxUICgQWAAIBAhkBApsDAh4B
FiEEAC8frkSMoJYV8YfjyXTrGS4M+/MAAMWXAP927LMkpfiumuYNgjn1c7d3
toSrNu3lUEJypTNTCoszZgEAx3pMz1Oj5baDlpNvrnty17PfmrG4copB8dJF
+waAYgnOOARlZ3QlEgorBgEEAZdVAQUBAQdAk3/TBhf0DWYl7a/MIdaYAaby
ZnZaZRI2s8Z26OX4SicDAQgHwngEGBYIACoFgmVndCUJkMl06xkuDPvzApsM
FiEEAC8frkSMoJYV8YfjyXTrGS4M+/MAAGMUAQCYGpLud63r8R3ZIdlL3WMm
uMVOiZh90FcH8JsL+j0U3QD/R7muek+4F6pZiaYiuMafTUOkOScFqy2W3RrB
it2q5AA=
=UnIA
-----END PGP PUBLIC KEY BLOCK-----

Work

I have performed numerous code reviews, penetration tests, and general work to ensure operational security guidelines and incident response playbooks are followed. In this section, I list my most recent engagements. Publicly available reports are linked. Clients for which an NDA is in effect are omitted.