## https://sploitus.com/exploit?id=6F77271A-BABC-5858-8553-8E1F388A1BBC
# Smart Contract Security Research Portfolio
**hail_the_lord** | Security Researcher & Smart Contract Engineer

This repository serves as public testimony of my work as a **smart contract security researcher** and **developer**. It contains detailed vulnerability reports from multiple Code4rena and private audits, complete with **full coded Proofs of Concept** written in **Foundry** and **Hardhat**.
> **Note:** This repository contains only ~20% of the bugs I have discovered and reported. For the complete list of my findings and reports, please visit my full portfolio:
> **[https://github.com/haildlord](https://github.com/haildlord)**
---
## What This Repository Demonstrates
### 1. Security Research Capability
- Deep understanding of smart contract vulnerabilities (reentrancy, access control, signature replay, entropy manipulation, economic exploits, etc.)
- Ability to identify both **high-severity** and **medium-severity** issues that impact protocol security, user funds, and core mechanics.
### 2. Full Coded Proofs of Concept
Unlike many researchers who only describe bugs, I write **complete, reproducible PoCs** using:
- **Foundry** (Forge tests)
- **Hardhat** (with mainnet forking when required)

Every report in this repository includes working test code that proves the vulnerability exists and can be exploited.
### 3. QA Engineering Skills for Smart Contracts
Writing high-quality, reproducible test cases is a core part of smart contract development. This repository also showcases my ability to act as a **QA Engineer** for smart contracts by:
- Building comprehensive test scenarios
- Testing edge cases and attack vectors
- Validating protocol invariants under adversarial conditions
---
## Repository Structure
Each file in this repository represents one vulnerability report and follows this structure:
- **Title & Severity**
- **Category** (e.g., Reentrancy, AccessControl, Signature, DoS, etc.)
- **Summary**
- **Vulnerability Details** with code snippets
- **Impact**
- **Full Proof of Concept** (Foundry / Hardhat test code)
- **Recommendation** with mitigation diff
---
## Skills Highlighted
| Skill | Evidence in This Repo |
|-----------------------------|------------------------------------------------|
| Smart Contract Auditing | 15+ detailed vulnerability reports |
| PoC Development | Full Foundry & Hardhat test cases |
| Root Cause Analysis | Clear technical explanations + code references |
| Economic Attack Vectors | Golden God skip, forging limits, reward theft |
| Access Control Issues | Wrong modifiers, public internal functions |
| Signature & Replay Attacks | Multiple signature-related high severity bugs |
| QA / Test Engineering | Comprehensive adversarial test cases |
---
## Notable Findings Categories
- Reentrancy & Flash Loan attacks
- Signature Replay & Front-running
- Incorrect Access Control Modifiers
- Entropy & Randomness manipulation
- Economic / Game Design exploits
- DoS & Griefing vectors
- Incorrect state updates & validation logic
---
## About Me
I am a **Smart Contract Security Researcher** and **Full-Stack Web3 Developer** with experience in:
- Public audits on Code4rena and private audits
- Building production-grade dApps (especially on Solana & EVM)
- Writing secure, gas-efficient, and well-tested smart contracts
- Creating detailed, reproducible security reports with working PoCs

**Full Portfolio & More Reports:**
[https://github.com/haildlord](https://github.com/haildlord)
---
## Contact
For collaboration, audits, or security consulting, feel free to reach out via my GitHub or Twitter.

---
*This repository is maintained as a public record of security research work. All findings were responsibly disclosed through proper audit platforms.*