A structured 7-stage audit using an orchestrator + subagent architecture for security auditing of blockchain node implementations. Covers execution clients, consensus clients, app-chain SDKs, bridges, and any codebase with P2P networking or consensus logic.

Pipeline

1. Setup — creates output directories, records audit parameters
2. Recon — maps codebase structure, entry points, trust boundaries, and applicable patterns
3. Hunt — parallel subagents analyze assigned subsystems against 20 vulnerability pattern families
4. Cross-subsystem — traces trust boundary mismatches at subsystem call sites
5. Validation — deduplicates findings, applies severity override rules
6. Adversarial review [deep] — Red Team / Blue Team / Judge protocol for HIGH+ findings
7. Report — consolidated report from disk state

Knowledge Base

• 20 vulnerability pattern families covering input validation, consensus correctness, resource exhaustion, memory safety, concurrency, serialization, and more
• 7 structured analysis lenses for systematically examining code at trust boundaries
• Heuristic strategies for finding bugs that patterns alone won’t catch

Track Record

• $1K earned on Immunefi (1 Medium finding)
• Independently discovered a vulnerability in rippled (XRP Ledger), officially acknowledged and patched

Scope

• Execution clients (go-ethereum, Erigon, Reth, Nethermind, Besu)
• Consensus clients (Lighthouse, Prysm, Teku, Nimbus, Lodestar)
• App-chain SDKs (Cosmos SDK, Substrate, CometBFT)
• Bridge and relayer codebases

Install

Install skill https://github.com/DarkNavySecurity/web3-skills/

Usage

/client-auditor .           # Audit current repo
/client-auditor ./node      # Audit subdirectory
/client-auditor . deep      # Full deep audit