Perimeter | Leading Blockchain & Web3 Security with Fuzzing

Services Process Portfolio Clients Team Request a Quote

Unparalleled Security at

Perimeter's expertise in directed fuzzing uncovers what audits miss, keeping DeFi's largest protocols and smart contracts secure for today's launch and fortified for tomorrow's upgrades

Request a Quote View Our Portfolio

Trusted by the Best

Our Services

Offensive Fuzzing

Flexible Timelines
Uncover Deep Rooted Bugs
Effortless Onboarding
Frequent Communication
Remediations Included
Comprehensive Report

Talk to an expert

Defensive Fuzzing

Everything in offensive fuzzing plus:
Highest Level of Depth
Complete Documentation
Cost Efficient
Ready for Long Term Use
Seamless Integration

Talk to an expert

Bespoke

Supporting but not limited to:
Non-EVM Fuzzing
Blockchain/DLT Fuzzing
Building Dedicated Tooling
Security Advisory

Talk to an expert

Our Methodology

Security Assessment Process

We collaborate closely with your team at every stage, ensuring business and code objectives are achieved securely and efficiently.

No parallel reviews, full focus guaranteed
Minimum one lead fuzzing specialist per engagement
Clear communication at every stage
Fully transparent from start to finish
Fastest timelines, minimal coordination overhead
POCs for all High/Crit and non-trivial findings

Engagement Kickoff

The engagement starts with aligning on objectives, reviewing the protocol's technical architecture, and identifying key invariants to prioritize.

Build Phase

During this phase, the fuzzing harness is developed, simple invariants are implemented, and more complex ones are identified and integrated.

Execution Phase

Deep fuzzing runs are performed on enterprise hardware, with a focus on tracing broken invariants and analyzing edge-case behavior.

Remediations

The harness is updated to reflect any fixes made in response to issues uncovered during the execution phase.

Report Delivery

A detailed report is provided, summarizing all findings, methodology, and recommendations from the engagement.

Codebase Integration

A pull request is submitted to your codebase containing the finalized fuzzing harness for long-term integration.

Our Past Experience

$0+

TVL Held in Fuzzed Contracts

+0Invariants Identified
and Implemented

+0Fuzzing Engagements
Successfully Completed

Transparent Fuzzing Reports View Our Portfolio

Why the Best Trust Us

Berachain proof-of-liquidity is one of the biggest innovation in the L1 space. For us innovation is always coupled with ensuring the highest security. That's why we partnered with Perimeter to run one of the best in-class invariant testing campaign. Perimeter did a tremendous job in testing any possible scenario, identifying the most relevant invariants and running extremely complex simulations.

Bearlusconi Bera

Product Manager at Berachain

@Immutable recently engaged @perimeter_sec to create fuzzing harnesses and test our L1 bridge contracts. We were really impressed with the team's professionalism and high quality report 🙏 @0xScourgedev @rappie

@audityourcontracts

Head of Security at Immutable

I engaged 0xScourgedev for fuzz testing on behalf of Pendle, and I was impressed with his dedication and willingness to go above and beyond. He was very responsive and committed to delivering quality results, consistently addressing any queries or concerns promptly. Overall, 0xScourgedev did a great job ensuring the robustness of the contract. We look forward to working with him again in the future.

Long Vuong

Head of Engineering at Pendle

Rappie found some extremely subtle behaviors in our code that many others missed. He not only uses the cutting edge of multiple fuzzing engines, but also helps shape how these fuzzers are built. We've been delighted to use his mastery to make our contracts more secure.

DanielVF

Head of Security at Origin Protocol

Engagement has been great and I'm sure Alex would second the sentiment. Digging into the code with care and precision, excellent communication and standups, educational. In the top tier of security researcher contract engagements from my experience.

BadgerDAO

eBTC

Rappie went above and beyond to deeply understand our protocol and cover all the edge cases. His experience and knowledge about the art of fuzzing is unparalleled. Overall he is an incredible security expert, we certainly will be returning to him with our future smart contracts.

Igor Zuk

Drips Network

Meet Our Elite Team

0xScourgedev

CEO & Lead Fuzzing Specialist

He brings extensive experience in performing fuzzing engagements for some of the largest DeFi protocols, including Pendle, Berachain, Immutable, Synthetix and various other protocols

Rappie

CTO & Lead Fuzzing Specialist

One of the OGs in EVM fuzzing, helped secure massive companies such as Coinbase, and continues to push the boundaries of smart contract security through research and fuzzing innovation

Antonio Viggiano

Advisor & Lead Fuzzing Specialist

Spoke and published many research papers on EVM fuzzing. The editor of All Things Fuzzy, a newsletter focused on invariants, fuzzing, symbolic testing, and formal verification

Josselin Feist

Lead Fuzzing Specialist

Author of Slither. Ex-engineering Director of the Blockchain team at Trail of Bits, 8+ years focused on blockchain security. Led countless security reviews in Solidity, Go and Rust

Have any questions? Want a boutique service? Contact us!

You will hear back from us within 48 hours

Perimeter is built on uncompromising quality, consistent communication, and transparency.

Open Source

Fuzzlib

Arachne

EVM Fuzzing Resources

Public Fuzzing Campaigns

Resources

Portfolio

Public Reports

Benefits of Fuzzing

Technical Concepts for Fuzzing

Legal & Contact

Terms and Conditions

info@perimetersec.io

Paxtonstraat 3 N Box A2345 8013RP Zwolle, The Netherlands