Web3 Hybrid Security.

Auditor × Tooling .

1st place Ronin. Top-10 on four more Code4rena contests. 27 published QA reports.

Get in touch See the record
AUDITED 40+ engagements and audit contests · Jul 2024 → present
Ronin Reserve Morpheus Blackhole Flex Perp Axelar Phi Virtuals Monad Swafe Megapot Hybra Finance Flare Olas Monetrix
./about

Auditor × Tooling.

Blue Eyes Security was built around two things: an auditor who knows what to investigate, and proprietary in-house tooling that makes the investigation scale.

After two years in the contest space, the edge has proven to be the combination of both.

Founded by Auditor_Nate, who has been hunting bugs full-time since July 2024. Body of work includes five top-10 Code4rena contest finishes and 27 published QA reports — produced through Team PolarizedLight, a contest-focused auditing team.

Blue Eyes Security extends that practice into private engagements. Solidity and Rust smart contract audits are the core offering — fixed-scope, manually reviewed, every finding backed by a working proof-of-concept.

./track_record

Code4rena contest platform
results.

Credited with securing Phi, Reserve, Ronin, Axelar Network, Chakra, Morpheus, Flex Perpetuals, Virtuals Protocol, Blackhole, Megapot, Concrete, Lambo.win — plus many more across multiple other contest platforms. Every finish is produced by Team PolarizedLight.

FIG.01 Contest ranks · Code4rena jul 2024 → present
#1 #3 #5 #7 #10
#01 Ronin
#04 Blackhole
#04 Flex Perp
#06 Morpheus
#07 Reserve
peak finish · 1st place top-10 finishes
FIG.02 QA report distribution 27 published · C4
0 A-grade
0 B-grade
A-grade 0 reports · 40.7%
B-grade 0 reports · 59.3%
total 0 reports · 100%
PROFILE verifiable
@PolarizedLight

Full contest history, rank pages, and QA report links available on Code4rena’s public leaderboard.

View profile
./services

Private smart contract audit.

Primary offering

Smart contract audit

Fixed-scope review of a protocol’s on-chain surface — Solidity and Rust; other languages on request. The Blue Eyes Security pipeline pairs a proven human auditor with custom tooling: the auditor manually reviews the code, verifies exploitability with executable PoCs, calibrates severity against real-world impact, and delivers a professional report with remediation guidance.

  • ScopeProtocol-specific
  • TimelineSet at kickoff
  • DeliverableReport + remediation review
On request

Full-spectrum security review

Smart contract plus Web2 attack surface and infrastructure. A wider sweep of the places a protocol can break — beyond the contracts themselves. Discuss scope on a discovery call.

./process

Four core steps.

We embrace a hybrid auditing approach — pairing a proven human auditor with cutting-edge tooling.

  1. 01 /04

    Scope + kickoff

    Discovery call — meet both the team and the code. Repository access, documentation review, protocol walkthrough, and communications channels set up between the auditor and protocol team.

  2. 02 /04

    Audit pipeline

    Auditing begins — tooling and auditor go to work on the code. The auditor manually reviews the code, triages tooling outputs, investigates leads, and follows threads until the deepest findings surface.

  3. 03 /04

    Findings review + severity calibration

    Findings are finalized and executable proof-of-concepts built. Severity is calibrated against real-world impact, and the report is drafted.

  4. 04 /04

    Final report + remediation support

    Professional audit report with finding write-ups, reproducible PoCs, and remediation guidance. Post-engagement review of fixes included.

./availability

Engagement calendar.

Current booking state. Private audits are scheduled in fixed windows; discovery calls are open continuously.

sys.status accepting-inquiries
window state capacity
apr — may 2026 booked
jun — jul 2026 1 slot open
aug — sep 2026 open
oct 2026+ open
Reserve a window discovery call · 30 min · no commit
./contact

Start a conversation.

Send a message with the protocol, target scope, and any deadline you’re working toward. A direct reply follows within two business days.

Email contact@blueeyessec.com
Telegram @Auditor_Nate
X / Twitter @auditor_nate