AUDITS POWERED BY INVARIANT TESTING

World Class Audits powered by state of the art Invariant Tests

Helping these projects deploy safely

Centrifuge logoBadger logoCorn LogoLiquity LogoBalancer LogoCredit coop Logo

TVL Protected

$1BLN+

Aggregate TVL of our Customers

$200MLN+

TVL Protected with Live Monitoring

7k+

Cloud Fuzzing Runs done with Recon Pro

Testimonials

Our services are tailored to our customers

company logo

We worked with the phenomenal @getreconxyz team to get invariant testing coverage for the @centrifuge ERC-7540 implementation, leveraging their Recon Pro platform. Looking forward to seeing where @getreconxyz goes next, they have ambitious plans to take invariant testing to the next level!

Centrifuge

Jeroen - CTO

company logo

We first met Alex during some excellent security discussions re: Liquity v1. The breadth and depth of his audit of our v2 exceeded expectations - particularly impressive for a solo effort. He uncovered several technical, arithmetic and economic issues and discussed them with us in detail. I’d highly recommend his manual reviews for any DeFi team that takes their security seriously.

Liquity

Rick - Cofounder

company logo

Recon has allowed us to speed up the development of invariant tests immensely. We are able to create and execute test suites in the cloud effortlessly with virtually no boilerplate code. I highly recommend using Recon to automate your fuzzing setup.

Badger DAO

James - Lead Dev

company logo

The recon team is continuously innovating to make invariant testing vastly more accessible to projects, which makes a meaningful difference in security outcomes. They bring their broad expertise in and passion for web3 security to any engagement above and beyond the specified scope.

Corn

Dapp - Cofounder

company logo

Engaging with Alex&Lourens showed great proactiveness to answer deep-technical Qs along the process and help to discuss together items that require deeper drilling on invariants, really valuable not only their ability to answer Qs, but educating you on the process and empowering your team for better understanding of invariants on your architecture!

Onchainification

Petrovska - Cofounder

company logo

Alex has an incredible eye for detail, leaving no stone unturned during our audit. His review helped us gain confidence in our codebase before going to a competitive audit. I would highly recommend Alex’s security services to anyone building smart contract systems.

Solidity Labs

Elliot - Founder

company logo

We worked together with Alex to review a Safe module for our DAO multi-sig. We really valued his proactiveness and quick response times so that we could ship in a timely manner. πŸš€

Balancer DAO

Xeonus - Balancer Maxis

company logo

The ROI on our engagement with Recon was extremely high. They built an invariant test suite that uncovered hard-to-spot high-severity issues and gave us a powerful tool to ship with confidence. Moving forward, invariant testing will be core to our smart contract development at Credit Coop. When we do our next audit, Recon will have to be a part of the picture.

Credit Coop

Thomas Hepner - Cofonder & CTO

company logo

Alex had the most transparent and interactive process of any auditor I've worked with. He was very proactive and provided in-depth analysis even beyond what was initially requested. In the end, our team was able to iterate on findings a lot quicker than we'd estimated, while also learning a huge amount along the way

Quill Finance

Naps62.eth - Cofonder & CTO

Benefits

THE MISSING PIECE

Invariant Testing is often the missing piece to reduce the number of bugs protocols go to audit with

CODE THAT GROWS WITH YOU

Invariant Tests help you specify your system behaviour, helping increase it's predictability

NEVER MAKE THE SAME MISTAKE AGAIN

Invariant Tests can run on every edit, meaning once you fix a bug, they'll check against it

WORLD CLASS MANUAL REVIEW

Recon Audits are lead exclusively by seasoned vetrans, we only take audits for which we have an edge

RECON PRO

Our fully developed cloud platform saves you time with features nobody else has built. Recon Pro is included in every engagement

LIVE MONITORING

Recon suites are easily reusable for live monitoring, these tests try to predict exploits instead of

Trophies

Recon was used to find these bugs

Badger

Critical | Insolvency due to Incorrect Accounting

Finding | Recon Logs
πŸ†

remBADGER Accounting bug, prevented

BUG LINK >

TapiocaDAO

High | Overflow causes Permanent DOS in twTAP

Finding | Recon Logs
πŸ†

The only researcher that wrote a POC

BUG LINK >

TapiocaDAO

Medium | Incorrect decoding in decodeLockTwpTapDstMsg

Finding | Recon Logs
πŸ†

Showing how Invariant tests could have caught this

BUG LINK >

Centrifuge

Medium | Rounding errors allows bypassing caps

Finding | Recon Logs
πŸ†

Invariant Tests helped prevent a notoriously hard to detect edge case

BUG LINK >

Corn

Critical | Insolvency due to Incorrect Accounting

Finding | Recon Logs
πŸ†

Invariant Testing quickly found a mistake in accounting and helped ensure all subsequent changes were safe

BUG LINK >

Credit Coop

Medium | Rounding allows bypassing minting cap

Finding | Recon Logs
πŸ†

Invariant testing helped identify a rounding issue allowing a minting cap to be bypassed

BUG LINK >

Audits

Recon Audits

Liquity

Apollon

All reports

Balancer DAO

Kleidi

Quill Finance

Credit Coop

Audit

Private Report

TEAM

Alex

Alex

Top C4 Judge, Former Badger Lead Dev, Code that handled hundreds of millions of dollars, Bug findings in most protocols you use every day

Antonio

Antonio

Creator of EchidnaToFoundry, Author of some of the most read articles on Invariant Testing, Advisor to multiple high profile projects

Nican0r

Nican0r

Up and coming talented researcher behind most of our articles and invariant testing starters

0xsi

0xsi

Lead Software Engineer && Fuzzing engineer behind a lot of Recon features

Kn0t

Kn0t

Senior Full-Stack Developer, Security Researcher & Fuzzing Engineer, driving R&D and future tools at Recon

SERVICES

Boutique Audits, we can write code and break invariants, whether you want us to code with you perform manual review

We can support your team at all stages of development

Early Stage:

Define key invariants, scaffold and maintain invariant testers

Add invariants as the project grows

Pre Audit Stage:

Reach 100% Coverage, handout to your Auditors a full set of test repros to produce meaningful states or broken properties

Solo Review Stage:

Recon is made by highly respected SRs that can help you with Manual Review

Audit Stage:

We can support you during audits, by adding new properties flagged by your reviewers and by reproducing bugs in invariant tests as a means to ensure they are not introduced later

Our cloud runners ensure you can quickly queue and test fixes, no more waiting for your engineer to come back from the weekend

Our offers:

  • Manual Review > A high quality review done by top Security Researchers, ideally paired with Invariant Testing
  • Invariant Test Writing > Testing written by an experienced fuzzing engineer, for projects that want to skill up their codebase, includes unlimited cloud runs during the engagement
  • Recon Pro > Cloud Fuzzing as a service, a versatile and easy way to run invariant testing in the cloud

RECON PRO

22

Pro Accounts

10k+

Jobs run in the cloud

108k+

Properties Broken

It's never been easier

3 click to run Medusa, Echidna, Halmos or Kontrol in the cloud, works with private repos

One click sharing and Corpus Reuse

Make your result public in one click with automatic reports and repro for all fuzzers

Ready for Automation

Run on PR, Commit or via API, trigger alerts on broken properties