Hey, I’m Thomas 👋
I help protocol teams find deep bugs and ship with confidence.
🧾 New: Protocol Readiness Review
Before you spend big on a protocol audit, get a 1-week diagnostic to clarify:
→ what’s worth auditing · where risk actually lives · how to focus your audit scope
$9.8k · 1 week · limited slots/month
📅 Book a short call
📫 Contact: blltprf.xyz · webintake@blltprf.xyz · @audithare
- 🔍 Precision Code Review & Security Audits — humans see nuance; tools miss context
- 🧪 High-Coverage Fuzzing & Scenario Simulation — stress high-risk paths, reproduce real failures
- 📐 Formal Modeling, Proofs & Verification — prove protocol properties with machine-checked guarantees
- 🧭 Security Strategy & Training — design for safety; ship with confidence
- 🛡️ Independent audits/code reviews (Cantina, Code4rena, Sherlock)
- 💙 Core team: Apalache — symbolic model checker for TLA+ & Quint
- 🔥 [redacted] — formal verification of L2 governance protocol (Apalache & Quint)
- 🍩 Ethereum Foundation: 3-slot finality (3SF) — formal modeling & verification of accountability · repo
- 🧪 Protocol fuzzing workshop @ Protocol Berg v2 · repo
- 🚢 Soroban smart contract audit — authentication / authorization · TBA
- 🌟 Solarkraft — runtime verification for Soroban/Stellar smart contracts · repo
- 🎠 Apalache — symbolic model-checker for TLA+ / Quint · repo
- 🍭 Quint — modern language & tooling for TLA+ specs · repo
🛠️ Languages: Solidity · Rust · Go · Lean · Python · TypeScript
📐 Verification: Alloy · Lean4 · Certora Prover · Quint / TLA+ · SMT (CVC5, Z3)
🧪 Fuzzing: AFL · cargo-fuzz · libFuzzer · Echidna / Medusa · Wake