Decentralized

Finance

Systems

Application

Security            

Decurity is a tier-1 web3 security audit firm and elite team of ethical hackers who won hardest CTF competitions

Services

Smart Contract Audit

Security audit of the Ethereum Solidity smart contracts, Solana Rust programs, Aptos Move contracts or any kind of a dApp
Get a Quote

Security Advisory

Comprehensive continuous security consulting and audit, implementation of the Security SDLC practices, monitoring, and incident response
Get a Quote

Custodial Security

OPSEC, key management, and multisig configuration consulting, penetration testing of the dApps, layer 1, bridges, CEX, on-ramp, staking infrastructure
Get a Quote

Risk Assessment

Web3 protocol external risk and viability assessment for the traders, PE, and VC funds during the due dilligence
Get a Quote

Invariant Development

Identification of the invariants, development of the invariant and unit tests, on-chain fuzzing, e2e testing
Get a Quote

Security Monitoring

Monitoring the contracts for hack attempts, suspicious transactions and dangerous actions as well as financial solvency
Get a Quote

Testimonials

Legendary DeFi creators and founders trust us and have something to say:

“We had a great experience working with Decurity. Both the quality and speed of their work are second to none. They’ve earned our trust through the insightful and non-obvious findings they delivered. Their communication was also clear, efficient, and genuinely pleasant throughout the entire process. That’s why moving forward, we will continue to work with them on our major projects.”

— Gleb Alekseev, Product Owner at 1inch

"Decurity reviewed Mellow Interoperability components twice in 2025 and we have been impressed with their work. In addition to technical expertise Decurity brought consistent engagement with our dev team. We value actionable feedback, and our tech team worked closely with Decurity researchers to address issues effectively. Their structured approach made a real impact on the quality of our code."

— Nick Stoev, Core contributor at Mellow Protocol

"I have worked with the Decurity team on the smart contract audits for Gearbox Protocol. They quickly identified potential attack vectors, thoroughly examined our complex codebase, and provided concise reports. I appreciate Omar and his responsiveness throughout the entire process. I highly recommend Decurity as reliable and trusted auditors."

— Michael Lazarev, Co-Founder and CTO of Gearbox Protocol

“Stableunit has worked with Decurity twice, and we continue to stay in touch. Both audits were efficient and technically insightful. As a technically mature team, we value deep, constructive feedback, and Decurity consistently delivers. They’re methodical, responsive, and easy to work with throughout the entire process. Their input helped us strengthen our codebase where it truly mattered.”

— Alex Lebed, Architect at Stable Unit DAO

“We worked with Decurity on a full security audit of our embedded wallets. The team was professional throughout—communicative, detail-oriented, and technically sharp. Their methodology was sound, and the final report was clear and actionable. We’re confident in the results and fully recommend them as a trusted audit partner.”

— Domen Uršič, Co-Founder of Apillon

“We've worked with Decurity several times already since 2023 — the audits are always smooth and professional. They guide you from the initial consultation all the way to the final retest once all findings are addressed. The level of expertise and fresh outside perspective stand out. A great team you can rely on while building in web3.”

— Vadim Zolotokrylin, CEO and Co-Founder at Holdex

Portfolio

We've successfully completed dozens of complex audits. Here're the reports for some of them, see more on Github.

Our team joint with partners placed 2nd in the most respected smart contract security audit competition
— Paradigm CTF 2022.
Security audit of the Yearn Finance no-hedge joint strategy helped to ensure the validity of the yield farming strategy logic and the security of the implementation.
Security audit of the GIVEth smart contracts led to discovery of a critical vulnerability in another protocol andremediation of the associated risk.
We did a review of the Compound v3 issues and past audits and created a custom Semgrep SAST rulepack which was integrated in the GitHub DevSecOps pipeline of the Comet protocol
We did numerous audits of various products of the 1inch DEX aggregator and their updates including the Aggregation protocol, token plugins, and the innovative Fusion mode
Security audit of the Yearn Finance no-hedge joint strategy helped to ensure the validity of the yield farming strategy logic and the security of the implementation
We did code review and penetration testing of various components of complex staking infrastructure and found interesting issues
We did a review of the Gearbox governance smart contract as part of the V3 implementation
Security audit of the GIVEth smart contracts led to discovery of a critical vulnerability in another protocol and remediation of the associated risk

Competitions

We are passionate competitive hackers and won toughest CTF (Capture The Flag) competitions — olympic games of smart contract auditors

Our team joint with partners placed 2nd in the most respected smart contract security audit competition
— Paradigm CTF 2022.
Security audit of the Yearn Finance no-hedge joint strategy helped to ensure the validity of the yield farming strategy logic and the security of the implementation.
Security audit of the GIVEth smart contracts led to discovery of a critical vulnerability in another protocol andremediation of the associated risk.
Our team joint with partners placed 2nd in on of the most respected smart contract security audit competition — Paradigm CTF 2022
Decurity overpassed all other audit company teams and won 2nd place in highly crowded OpenZeppelin CTF 2024
Our team co-hosted the biggest web3 security competition ever — Remedy CTF 2025 with over 2000 participants

Partners

We partner with L1/L2 blockchains, development firms, other security companies, hedge funds, and other web3 projects

Our team joint with partners placed 2nd in the most respected smart contract security audit competition
— Paradigm CTF 2022.
Security audit of the Yearn Finance no-hedge joint strategy helped to ensure the validity of the yield farming strategy logic and the security of the implementation.
Security audit of the GIVEth smart contracts led to discovery of a critical vulnerability in another protocol andremediation of the associated risk.
Arbitrum Foundation has chosen Decurity among 12 other top-tier audit firms for the $15M ecosystem grant deployment to support builders in 2025
Holdex is a venture studio that has incubated a lot of prominent DeFi protocols and is working with Decurity since 2023
Optimism L2 added Decurity to the carefully selected list of whitelisted security auditors in October 2024
Scroll L2 onboarded Decurity as a trusted security auditor and is referring us to the emerging ecosystem projects since March 2024
Metis L2 listed Decurity as one of the recommended security auditors who offer a discount for the ecosystem projects since October 2023
PancakeSwap accepted Decurity as one of the experienced AMM security auditors to the v4 Hook audit grant program in 2025

Why Decurity?

We are a team of veteran hackers who dived into the blockchain and smart contract security in the early days. Under our supervision, an audit is not just a filing of the checklist but rather a full-fledged research.

See our public reports on Github to learn more.

About Us

  • Multiple world CTF hacking champions

  • Top-50 hackers worldwide according to HackerOne

  • Discovered critical issues during most of engagements

  • Blockchain security experts with proven record since 2017

Our Customers

Contact Us