farismln/audit-portfolio
GitHub: farismln/audit-portfolio
资深 Web3 安全研究员的智能合约审计作品集,收录了在 Sherlock、Code4rena、Immunefi 等主流审计平台上针对数十个 DeFi 协议发现的漏洞及详细报告。
Stars: 14 | Forks: 1
# 审计作品集
## 关于我
### Faris Maulana | 安全研究员
独立的 Web3 安全研究员,专注于 DeFi、跨链基础设施和代币标准的安全领域。
Sherlock、Code4rena、Immunefi、Codehawk 和 Cantina 的顶尖贡献者,多次获得领奖台名次和前 10 名排名。
KASTURI 创始人:领导印度尼西亚安全研究员社区,培养 Web3 安全领域的本土人才。[加入我们的 Discord](https://discord.kasturisec.xyz)
🔗 联系方式
[🐦 Twitter (@0xfrsmln)](https://x.com/0xfrsmln) | 💬 Discord (@dot_cloud) | [✈️ Telegram (@oxfrsmln)](https://t.me/oxfrsmln)
🛠️ 技术专长
- 语言:Solidity, Rust (基础), Move (基础)
- 专注领域:AMM (CLMM), 跨链消息传递, 流动性质押/归属, 账户抽象
### 🌐 简介
- [Sherlock (@farismaulana)](https://audits.sherlock.xyz/watson/farismaulana)
- [Immunefi (@farismaulana)](https://immunefi.com/profile/farismaulana/)
- [Code4rena (@farismaulana)](https://code4rena.com/@farismaulana)
- [Cantina (@farismaulana)](https://cantina.xyz/u/farismaulana)
- [CodeHawks (@farismaulana)](https://profiles.cyfrin.io/u/farismaulana)
## 精选亮点
| 协议 | 描述 | 发现 | 排名 | 报告 |
| --- | --- | --- | --- | --- |
| [Alchemix-v3](https://immunefi.com/audit-competition/alchemix-v3-audit-competition/information/#top) | Synthetic | 4C 6H 5M | 🥇 | [📄](https://reports.immunefi.com/alchemix-v3/58544-sc-critical-it-is-possible-to-underflow-on-sync-making-positions-bricked-forever) |
| [SukukFi](https://code4rena.com/audits/2025-11-sukukfi) | RWA | 2M | 🥈 | [📄](https://code4rena.com/reports/2025-11-sukukfi) |
| [Rova](https://audits.sherlock.xyz/contests/498) | Launchpad | 1M | 🥈 | [📄](https://github.com/sherlock-audit/2025-02-rova-judging/issues/301) |
| [Dodo Cross-chain DEX](https://audits.sherlock.xyz/contests/991) | Cross-chain DEX | 1H 4M | 🥉 | [📄](https://github.com/sherlock-audit/2025-05-dodo-cross-chain-dex-judging/issues/63) |
| [Summer.fi - governance v2](https://audits.sherlock.xyz/contests/1176) | Cross-chain Governance | 3M | 🥉 | [📄](https://audits.sherlock.xyz/contests/1176/voting/1) |
| [Symmio Staking Vesting](https://audits.sherlock.xyz/contests/838) | Staking, Vesting | 1H 2M | Top 10 | [📄](https://github.com/sherlock-audit/2025-03-symm-io-stacking-judging/issues/100) |
| [Cap](https://audits.sherlock.xyz/contests/990) | Stablecoin | 3M | Top 10 | [📄](https://audits.sherlock.xyz/contests/990/voting/194) |
## 🔒 私有委托
| 日期 | 团队 | 协议 | 类别 | 报告 |
| --- | --- | --- | --- | --- |
| Feb 2026 | Pashov Audit Group | Ample Earn | Yield Aggregator | *pending* |
| Feb 2026 | Pashov Audit Group | RAAC | RWA | *pending* |
### 公开竞赛历史
2025 公开竞赛
| 协议 | 描述 | 发现 | 排名 | 报告 | | --- | --- | --- | --- | --- | | [SukukFi](https://code4rena.com/audits/2025-11-sukukfi) | RWA | 2M | 🥈 | [📄](https://code4rena.com/reports/2025-11-sukukfi) | | [Alchemix-v3](https://immunefi.com/audit-competition/alchemix-v3-audit-competition/information/#top) | Synthetic | 4C 6H 5M | 🥇 | [📄](https://reports.immunefi.com/alchemix-v3/58544-sc-critical-it-is-possible-to-underflow-on-sync-making-positions-bricked-forever) | | [stNXM by EaseDeFi](https://audits.sherlock.xyz/contests/1203) | Slashing Insurance | 2H 1M | 17 | [📄](https://audits.sherlock.xyz/contests/1203/voting/124) | | [Summer.fi - governance v2](https://audits.sherlock.xyz/contests/1176) | Cross-chain Governance | 3M | 🥉 | [📄](https://audits.sherlock.xyz/contests/1176/voting/1) | | [Rezerve Money](https://audits.sherlock.xyz/contests/1134) | Treasury Accumulation | 4H 5M | 26 | Private (Sherlock) | | [Malda](https://audits.sherlock.xyz/contests/1029) | Unified Liquidity | 3M | 32 | [📄](https://audits.sherlock.xyz/contests/1029/voting/105) | | [Cap](https://audits.sherlock.xyz/contests/990) | Stablecoin | 3M | 9 | [📄](https://audits.sherlock.xyz/contests/990/voting/194) | | [succinct-network](https://cantina.xyz/code/bd882748-077e-4e55-853f-f8df70109dbb/overview) | Proof generation marketplace | 1M | 13/400 | Private (Cantina) | | [telcoin-network](https://cantina.xyz/competitions/26d5255b-6f68-46cf-be55-81dd565d9d16) | Consensus | 1H 1M | 58/689 | Private (Cantina) | | [Dodo Cross-chain DEX](https://audits.sherlock.xyz/contests/498) | Cross-chain DEX | 1H 4M | 🥉 | [📄](https://github.com/sherlock-audit/2025-05-dodo-cross-chain-dex-judging/issues/63) | | [Primev](https://cantina.xyz/competitions/e92be0b9-b4f2-4bf2-9544-ae285fcfc02d) | MEV Validator Registry | 1H | 6/232 | Private (Cantina) | | [Alchemix-v3](https://cantina.xyz/code/e68909e6-3491-4a94-a707-ecf0c89cf72a/overview) | Synthetic | 8H 1M | 17/902 | Private (Cantina) | | [Mighty Fi](https://cantina.xyz/competitions/616d8bb4-16ce-4ca9-9ce9-5b99d6e146ef) | CLMM | 2H | 19/629 | Private (Cantina) | | [Crestal Network](https://audits.sherlock.xyz/contests/755) | AI Agent | 1H | 12/341 | [📄](https://github.com/sherlock-audit/2025-03-crestal-network-judging/issues/260) | | [Symmio Staking Vesting](https://audits.sherlock.xyz/contests/838) | Staking, Vesting | 1H 2M | 8/461 | [📄](https://github.com/sherlock-audit/2025-03-symm-io-stacking-judging/issues/100) | | [Thor Wallet](https://code4rena.com/audits/2025-02-thorwallet) | Cross-chain Payment | 1M | 10/133 | [📄](https://code4rena.com/audits/2025-02-thorwallet/submissions/S-79) | | [Rova](https://audits.sherlock.xyz/contests/498) | Launchpad | 1M | 🥈 | [📄](https://github.com/sherlock-audit/2025-02-rova-judging/issues/301) | | [RAAC](https://codehawks.cyfrin.io/c/2025-02-raac) | RWA | 7H 9M | 139/419 | [📄](https://codehawks.cyfrin.io/c/2025-02-raac/s/810) | | [Next Generation](https://code4rena.com/audits/2025-01-next-generation) | Cross-chain Payment | 1H | 14/67 | [📄](https://code4rena.com/audits/2025-01-next-generation/submissions/S-615) | | [Daao](https://cantina.xyz/competitions/bd43bdd1-bc7f-473b-96c0-d35d37f3db33) | Launchpad | 4H 1M | 51/292 | Private (Cantina) | | [Plaza Finance](https://audits.sherlock.xyz/contests/682) | Auction, Bond Token | 2H 4M | 78/100 | [📄](https://github.com/sherlock-audit/2024-12-plaza-finance-judging/issues/33) |2024 公开竞赛
| 协议 | 描述 | 发现 | 排名 | 报告 | | --- | --- | --- | --- | --- | | [SecondSwap](https://code4rena.com/audits/2024-12-secondswap) | Liquid Token Vesting | 1H 2M | 36/181 | [📄](https://code4rena.com/audits/2024-12-secondswap/submissions/S-353) | | [Ethos Network Financial Contracts](https://audits.sherlock.xyz/contests/675) | On-chain Reputation | 1H 1M | 20/33 | [📄](https://github.com/sherlock-audit/2024-11-ethos-network-ii-judging/issues/204) | | [Debita Finance V3](https://audits.sherlock.xyz/contests/627) | Orderbook, Loan | 2M | 35/56 | [📄](https://github.com/sherlock-audit/2024-10-debita-judging/issues/439) | | [Phi Protocol](https://code4rena.com/audits/2024-08-phi) | NFT, On-chain Identitiy | 1H 1M | 55/99 | [📄](https://github.com/code-423n4/2024-08-phi-findings/issues/269) | | [Project One World](https://codehawks.cyfrin.io/c/2024-11-one-world) | NFT, DAO | 1L | 43/61 | [📄](https://codehawks.cyfrin.io/c/2024-11-one-world/s/349) | | [Lambo.win](https://code4rena.com/audits/2024-12-lambowin) | Token Launchpad | 1H 1M | 62/145 | [📄](https://code4rena.com/reports/2024-12-lambowin) |培训与影子审计 (First Flight)
*早期职业生涯培训竞赛,专注于基础安全概念。* ### 首次飞行 | First Flight | 描述 | 发现 | 排名 | 报告 | | --- | --- | --- | --- | --- | | [#36: RustFund](https://codehawks.cyfrin.io/c/2025-03-rustfund) | Fundraise, Rust | 2H 1M | 41th | - | | [#20: The Predicter](https://codehawks.cyfrin.io/c/2024-07-the-predicter) | ERC20, Wager | 4H | 9th | [📄](https://codehawks.cyfrin.io/c/2024-07-the-predicter/s/363) | | [#14: AirDropper](https://codehawks.cyfrin.io/c/2024-04-airdropper) | Airdrop, Merkle Tree | 3H | 4th | [📄](https://codehawks.cyfrin.io/c/2024-04-airdropper/s/85) | | [#12: Kitty Connect](https://codehawks.cyfrin.io/c/2024-03-kitty-connect) | NFT, Chainlink CCIP | 3H 1M | 4th | [📄](https://codehawks.cyfrin.io/c/2024-03-kitty-connect/s/72) [📄](https://codehawks.cyfrin.io/c/2024-03-kitty-connect/s/73) | | [#10: One Shot](https://codehawks.cyfrin.io/c/2024-02-one-shot) | NFT, ERC20 | 3H 1L | 8th | - |标签:AMM, ASN解析, Code4rena, DeFi安全, DNS 反向解析, IDO平台, Immunefi, Move, Rust, RWA, Sherlock, Solidity, Web3安全, 代码安全, 加密货币安全, 区块链安全, 去中心化金融, 可视化界面, 合约漏洞, 安全报告, 安全研究员, 审计作品集, 文档安全, 智能合约审计, 流动性质押, 漏洞枚举, 白帽子黑客, 网络流量审计, 账户抽象, 跨链安全, 配置审计, 配置错误