Kauz Security Services

Dominik Muhs
November 2024

Abstract

Hi there! My name is Dominik Muhs, and I'm the person behind Kauz Security Services. I have a deep passion for smart contract security, penetration tests, and software development in general. I perform security services independently and through Creed, which I'm a founding member of.

What I can do

I can perform code reviews on smart contracts written in Solidity. Thanks to my background in backend engineering, I am confident reviewing code written in Python, JavaScript, TypeScript, and Golang.

I have performed numerous black box and grey box penetration tests as a security engineer. Clients often combine a smart contract code review with a black box penetration test of their off-chain infrastructure.

Lastly, I have helped a handful of clients with threat models around their existing infrastructure. Beyond that, I have also helped them create individualized operational security guidelines to minimize the risks they face as high-net-worth individuals.

How to contact me

If you are looking to get in touch, feel free to contact me at [email protected]. Myself, or my assistant will get in touch with you as soon as possible.

Previous work of mine

I have performed numerous code reviews, penetration tests, and general work around operational security guidelines and incident response playbooks. In this section, I list my most recent engagements. Publicly available reports are linked. Clients for which an NDA is in effect are omitted.

2024 Name Type Via
2024/10 Everclear Tokenomics (EGP 22) Code Review Creed
2024/09 Across Protocol Code Review Creed
2024/09 Puffer Finance UniFi Code Review Creed
2024/09 RAA Sachsen e.V. aid center for educational integration Threat Modeling Independent
2024/08 Everclear Chimera Code Review Creed
2024/08 Request Finance Code Review Creed
2024/07 A liquid staking derivative product on Filecoin Threat Modeling Creed
2024/07 TAFEL Dresden e.V. food bank management portal Threat Modeling & Penetration Test Independent
2024/06 On-chain personal reputation protocol Code Review Creed
2024/06 Hyperlane xERC20 integration Code Review Creed
2024/06 Puffer Finance xERC20/VT Pricer Code Review Creed
2024/05 BakerFi Recursive Staking Code Review Creed
2024/04 Puffer Finance Code Review Creed
2024/03 Connext Vesting Wallet and Dependencies (Forum) Code Review Creed
2024/03 Bitsi: A permissionless L2 connecting Ethereum and Bitcoin Feasibility Analysis Independent
2024/02 BakerFi Recursive Staking Code Review Creed
2024/01 Moonwell MIP-M23: Multichain Governor Migration Code Review Independent
2024/01 Connext xTokens Reference Implementation Code Review Creed
2024/01 Stadt.Land.Netz MyVIA Penetration Test Independent

2023 Name Type Via
2023/12 Rocket Pool Houston Code Review Consensys Diligence
2023/08 Backend API and contract factory for an L1 specialized on NFTs Code Review Consensys Diligence
2023/08 Protocol Labs FilSnap Code Review Consensys Diligence
2023/06 A WASM module to filter malicious transactions in a large browser wallet Code Review Consensys Diligence
2023/04 Ethereum L2 multi-party computation rollup contracts and node Code Review Consensys Diligence
2023/03 EigenLabs EigenLayer Code Review Consensys Diligence
2023/03 NFT ticketing and presale platform Code Review Consensys Diligence
2023/01 Rocket Pool Atlas Code Review Consensys Diligence

2022 Name Type Via
2022/10 A large UTXO-based proof-of-stake blockchain Code Review Consensys Diligence
2022/09 Contracts from a global investment firm and several national banks Code Review Consensys Diligence
2022/09 Contracts and libraries of one of the leading Ethereum SSO providers Code Review Consensys Diligence
2022/08 Meta-transactions framework by a large game studio, based on ERC-7221 Code Review Consensys Diligence
2022/07 Rocket Pool v1.1 Code Review Consensys Diligence
2022/05 Arbitrum Nitro Code Review Consensys Diligence
2022/02 Fuji Finance Code Review Consensys Diligence
2022/01 DeFi project to provide humanitarian aid and UBI to emerging nations Code Review Consensys Diligence
2022/01 NFT Coldie auction marketplace and royalty reward distribution platform Code Review Consensys Diligence

2021 Name Type Via
2021/12 Governance and vesting contracts on an L1 specialized on NFTs Code Review Consensys Diligence
2021/11 One of the largest custodial wallet providers and staking services (again) Code Review Consensys Diligence
2021/11 OffchainLabs Arbitrum Code Review Consensys Diligence
2021/10 Gluwacoin Code Review Consensys Diligence
2021/09 1inch Aggregation Protocol V2 Code Review Consensys Diligence
2021/08 One of the largest custodial wallet providers and staking services Code Review Consensys Diligence
2021/08 A Gnosis Safe module for distributed, dynamic DAO governance structures Code Review Consensys Diligence
2021/07 Decentralized insurance market for DeFi liquidity crises Code Review Consensys Diligence
2021/07 Cross-chain token standard reference implementation Code Review Consensys Diligence
2021/06 GrowthDeFi WHEAT Code Review Consensys Diligence
2021/05 Options marketplace based on Kelly criterion bonding curves Code Review Consensys Diligence
2021/05 A collateral distribution module in a large algorithmic stablecoin Code Review Consensys Diligence
2021/04 An traditional finance investment fund distribution platform Penetration Test Consensys Diligence
2021/03 Rocket Pool Code Review Consensys Diligence
2021/03 Chain abstraction layer for a cross-chain atomic swap platform Code Review Consensys Diligence
2021/02 Oracle integration and marketplace of a large algorithmic stablecoin Code Review Consensys Diligence
2021/01 Global logistics provider management systems and website Penetration Test Consensys Diligence

2020 Name Type Via
2020/12 Application to generate hierarchical deterministic validator BLS keys Code Review Consensys Diligence
2020/11 Custodial staking provider key generation ceremony systems Penetration Test Consensys Diligence
2020/10 Global logistics provider management systems and website Penetration Test Consensys Diligence

Top  Imprint