Zenith

436 posts

Zenith banner
Zenith

Zenith

@zenith256

Zenith assembles auditors with proven track records to secure your project. We find the critical bugs now—freeing you to launch this week—not next month.

Katılım Ocak 2025
7 Takip Edilen2.3K Takipçiler
Sabitlenmiş Tweet
Zenith
Zenith@zenith256·
As 2025 comes to a close, here's a look back at what our team accomplished this year at Zenith. 1.) Nearly half of our 243 audits found High's and Crit's. In total, we found 292 High and 96 Critical-severity vulnerabilities. 2.) Starting audits under 24 hours' notice. Clients raved about this. Thank you to every Zenith auditor who made this possible. Your dedication, expertise, and clear communication were the key. 3.) We worked with leading protocols including Bridge, Zama, and Jupiter. We spanned 21 ecosystems, including Ethereum, Monad, Base, Solana, Move, and Starknet. 2025 was Zenith’s inaugural year, and we’re excited for what’s ahead in 2026. A huge thanks goes to our clients, partners, and team for making this possible. Interested in a Zenith audit in 2026? Link in bio!
Zenith tweet mediaZenith tweet mediaZenith tweet media
English
3
5
71
23.7K
Melee
Melee@meleemarkets·
🏇
QME
74
68
153
15.9K
Zenith
Zenith@zenith256·
From @dreyand_: A security audit is not just the final deliverable - it's also the relationship we build with the team. Every client wants to leave an audit with confidence that what they're building is safe - it's our responsibility as auditors to prove it through: - deep understanding of the business model, - noticing of the right gaps, - finding the right attack vectors and approaching the target from angles that are unexpected (it's not only whitehats that are looking at these products!) - and most importantly communicating it all in a way that gives the client a real image of their security posture.
Zenith tweet media
English
0
0
5
784
Zenith
Zenith@zenith256·
From @christianvari_: You should never assume that “non-sensitive” or “admin-only” code is safe to ignore. Many critical exploits originate from auxiliary modules, upgrade paths, or operational tooling rather than the main core logic.
Zenith tweet media
English
1
0
9
287
Zenith
Zenith@zenith256·
We asked a Cybersecurity Olympiad gold medalist, a key contributor to Awesome Solana Security, and a patent author, a simple question. And oh yeah, they’re all Zenith auditors. “What do you wish you’d known when you first started in security research?” Here’s what they said.
English
1
1
23
1.8K
Zenith
Zenith@zenith256·
Zenith Auditors recently completed an audit for City Protocol, an open infrastructure for neofinance, starting from structured products. All findings were resolved/acknowledged. Shoutout to the @cityprotocolHQ team for committing themselves to the highest security standards!
City Protocol@cityprotocolHQ

City Protocol is building the Issuance & Operation Layer (I&OL) for onchain structured products. @zenith256 has completed its audit of the smart contract suite spanning I&OL, Tokenization as a Service (TaaS), and Vault as a Service (VaaS). I&OL gives strategy providers and product issuers the infrastructure to launch and operate structured products throughout their lifecycle. TaaS and VaaS provide the underlying tokenization and vault infrastructure for lending, market-neutral, RWA, and other yield strategies. Zenith’s previous audit work includes Virtuals, Meteora, GMX, 1inch, Mantle, and Jupiter. The audit provides an independent security review of the core infrastructure behind City Protocol’s structured-product stack.

English
1
0
6
776
Zenith
Zenith@zenith256·
Zenith Auditors recently completed an audit for The Interfold, an open-source protocol that coordinates Encrypted Execution Environments (E3s). No significant issues were found. Shoutout to the @theInterfold team for committing themselves to the highest security standards!
Zenith tweet media
English
2
1
13
3.3K
Zenith
Zenith@zenith256·
Stay tuned for more tips, tricks, and advice from Zenith Security Researchers dropping next week. Want an audit from the industry’s top security researchers selected for your specific codebase, security needs, and budget? Visit: zenith.security
English
0
0
1
130
Zenith
Zenith@zenith256·
From @krikoeth: Do not assume you have found everything until you can't rewrite the codebase from memory. The code always has bugs, you just need to find them.
Zenith tweet media
English
1
0
5
160
Zenith
Zenith@zenith256·
From @MarioPoneder: I've spent a whole year trying to find clients for my smart contract development services. Bottom line: You need to build your reputation in public to get the necessary visibility and therefore get clients. The auditing experience comes along the way.
Zenith tweet media
English
1
1
9
355
Zenith
Zenith@zenith256·
These three researchers have: - 300,000+ in total contest earnings - backgrounds in cybersecurity, technical physics, and informatics Now help Zenith clients stay secure every day. So we asked them: What do you wish you knew when you started auditing? Here’s what they said.
English
1
0
20
1.3K
Zenith
Zenith@zenith256·
We are very lucky to have an esteemed researcher like @christianvari_ on the Zenith roster. If you want an audit from the industry's top security researchers, handpicked for your specific codebase and security needs, we'd love to talk: zenith.security
English
0
0
1
135
Zenith
Zenith@zenith256·
Tellor Cosmos SDK Chain: 21 critical, 16 major, 24 minor, and 2 informational findings. FeefromReporterStake Function Incorrectly Calculates The feeTracker's TokenOriginInfo.Amount (critical severity). The FeefromReporterStake allows a reporter to use part of its stake to pay the fee for a dispute. However, in the else branch, this TokenOriginInfo is provided with incorrect data. In fact, the Amount is set to unbondAmt, but since this value has already been subtracted in line 125, this is not the actual amount paid with this delegation but the leftover. For example, consider the following scenario: unbondAmt = 100 and there are [10, 40, 50] delegations. The created feeTracker would be equal to [90, 50, 0], which will rebond 140 tokens instead of 100.
Zenith tweet media
English
1
0
1
147
Zenith
Zenith@zenith256·
250+ audits, 900+ vulnerabilities, €3,000 in scholarships given back into the community. Meet Zenith auditor: @christianvari_ A former software engineer turned full-time security researcher, Christian’s been at this since 2022. This is the @christianvari_ story.
English
1
1
21
1.4K