A proficient smart contract security researcher dedicated to enhancing the security of web3. Ranked 54th overall on Sherlock. With a specific focus on Solidity, I aim to identify and resolve vulnerabilities, contributing to a safer blockchain ecosystem. Adept in collaborative environments and competitive settings as evidenced by achievements in various audit competitions.
I have audited Lending, Governance mechanisms, Perpetual DEXes, AMMs, Liquidity Management Vaults, Reward Gauges, veTokenomics implementations, DAO management protocol, Orderbook perp markets and I am familiar with Uniswap v3 integrations.
Over the last 1 year, participated in contests on Sherlock, C4 and Cantina securing top 3 and top 5 positions in multiple contests across various domains including lending and borrowing, perpetuals, and more. This consistent success demonstrates a broad and deep understanding of different blockchain technologies and auditing skills. I have pretty good knowledge of the Defi landscape.
I have done a few solo audits as well. In march 2024, I got accepted into Block 6 of yacademy DAO auditing fellowship.
I am well versed with the internal working of EVM and bytecode formation.
- Languages: Solidity
- Tools & Platforms: Foundry, EVM
- Specialized Skills: Breaking down EVM bytecode, can read assembly code(Yul),
Here is my Sherlock profile : https://audits.sherlock.xyz/watson/Chinmay
Here is my Code4rena profile : https://code4rena.com/@Chinmay
Major Highlights :
- Placed 2nd in Ajna Finance on sherlock - https://audits.sherlock.xyz/contests/75/leaderboard
- Placed 3rd in 100x finance on sherlock - https://audits.sherlock.xyz/contests/153/leaderboard
- Placed 5th in GMX update on sherlock - https://audits.sherlock.xyz/contests/74/leaderboard
- Found 3 Highs out of 4 and 2 Medium findings in Ethereum Credit Guild contest on C4 : https://code4rena.com/@Chinmay
- Found 2 Highs and 5 Medium findings in zerolend contest on Cantina : https://cantina.xyz/leaderboard/a83eaf73-9cbc-495f-8607-e55d4fdaf407
All results : Audits
- Juicebox V4
- Raisin Labs P2P Fundraising Protocol
- Poodl Dividend Paying Token
- ProphetRouter
- ProphetStaking
A personal blog where I put up tips for developers/ auditors engaged with certain Defi code components (like EIP712, TWAP etc.) : https://medium.com/@chinmayf
Participated in multiple contests and ranked in the top 5, showcasing a strong understanding and skill set in smart contract security.
Publishing educational tweets (https://twitter.com/dev_chinmayf) and github repositories (like this one : https://github.com/chinmay-farkya/solidity-notes and this one : https://github.com/chinmay-farkya/EVM-notes)
- Reading DeFi research papers
- learning about the OP stack and low level blockchain node infra
- Options and cross-chain yield protocols
- Economic security of protocols
Goals :
- publishing checklists for major defi systems and protocols' integration best practices
- writing many more security focused articles
- Master Fuzzing / Formal Verification of smart contracts
- Explore alternate languages and ecosystems (Cairo, Vyper and Move)
- Bachelors of Technology in Computer Science and Engineering at MITS (Madhav Institute of Technology and Science)
You can connect with me at:
- Twitter - @dev_chinmayf
- Discord - chinmayf
- Email - chinmayf2000@gmail.com
- Telegram - chinmayf