01
Protocol contracts
Lending markets, AMMs, yield strategies, perpetuals, options. Architecture that handles the failure modes the post-mortem corpus has documented — not just the happy path.
Loading…
Blockchain & Web3 · MESH
Smart Contract Development.
Solidity, Vyper, and Move smart contracts — audited externally, gas-optimized, upgrade-aware where appropriate, immutable where value-at-risk demands it. Adversarial test discipline from day one, formal verification of critical invariants for institutional-scale TVL.
- Practice
- Blockchain & Web3
- Department
- MESH
The problem
Smart-contract bugs are permanent, public, and immediate — and rushed audits don’t fix that.
Post-mortems across DeFi exploits read the same way: a single missed check, an off-by-one in a math library, an oracle assumption that broke under stress, an admin pattern that 'wasn't supposed to' do what an attacker made it do. Most of the failure modes were avoidable with adversarial testing discipline ahead of mainnet — but the engineering organization optimized for shipping the demo, not for surviving the attack surface.
We engineer smart contracts adversarially. Differential test harnesses against reference implementations where one exists. Property-based fuzzing campaigns from day one of development, not the week before audit. External audits before mainnet, formal verification of critical invariants where value-at-risk warrants it. Operating runbooks that assume hostile environments. The contract that lands on mainnet is the contract that survived all of that.
Where it ships
5 use cases, in production.
Specific applications we’ve built and operated. Not speculative — every example below is grounded in a real shipped engagement.
- 02
Token contracts
ERC-20, ERC-721, ERC-1155, and ERC-3643 (compliant tokens). Royalty enforcement, on-chain provenance, transfer restrictions where regulatory frame requires.
- 03
Upgrade and admin patterns
Transparent / UUPS proxies, time-locked admin, multisig + timelock governance, pausable patterns. We design the trust model first — who can do what under which constraints, with which recovery path.
- 04
Cross-chain and bridge contracts
Lock-and-mint and burn-and-mint bridge architectures with explicit attack-surface analysis. We tell you when a bridge is fundamentally a centralization choice and document the tradeoffs.
- 05
Audit remediation
Audit findings remediation, retest, and the operational discipline (monitoring, runbooks, incident response) that audit reports recommend but most teams never operationalize.
How we engage
4 phases, named in the SOW.
Each phase has a deliverable, an owner, and an acceptance criterion. Not slogans — operating rules.
- 01
Threat model and trust assumptions
Discovery starts with 'what's the worst that can happen, and what does it cost'. Trust assumptions documented, admin pattern designed, upgrade plan settled (or commitment to immutability made explicit). Architecture lands in writing before code does.
- 02
Adversarial development
Foundry / Hardhat development with property-based fuzzing (Echidna, Foundry invariants), differential test harnesses against reference implementations, and continuous static analysis (Slither, Mythril). Tests live alongside contracts in the repo.
- 03
External audit before mainnet
We do not deploy contracts holding meaningful TVL without external audit. We coordinate with audit firms (we maintain working relationships with several reputable ones), stage code at the right phase, manage findings, and ship the audit report alongside the contract.
- 04
Operating runbook on day one
Mainnet launch comes with a documented incident-response plan, named on-call, monitoring on critical invariants, and a pause-and-upgrade runbook. Many engagements continue under Managed Services for ongoing chain monitoring.
Capabilities
What’s in scope.
- Solidity, Vyper, Move — production-grade smart contract engineering
- Token standards: ERC-20, ERC-721, ERC-1155, ERC-3643, ERC-4337
- Upgrade patterns: transparent / UUPS / Diamond proxies; immutable when warranted
- Adversarial test discipline: fuzzing, invariant testing, differential harnesses
- External audit coordination with reputable firms
- Formal verification of critical invariants (Certora, Halmos)
- Operating runbooks: monitoring, incident response, pause-and-upgrade
Stack
Tools we use in production.
- Languages
- SolidityVyperMove (Aptos / Sui)Cairo (StarkNet)
- Dev tooling
- FoundryHardhatMove CLITenderlyAnvil
- Testing
- EchidnaFoundry invariantsHalmosManticoreSlither
- Static analysis
- SlitherMythrilAderynSolidity Metrics
- Verification
- CertoraHalmos (symbolic)HevmK Framework
Selected work
Quantified outcomes, not adjectives.
Common questions
Asked before the first call.
- 01
Do you do audits or only development?
We do internal review on every engagement (CITADEL co-pilots) and coordinate one or more external audits with reputable firms before mainnet for contracts holding meaningful TVL. We don't position ourselves as the only auditor of work we shipped — independent third-party testing is part of the discipline.
- 02
Solidity or Vyper?
Solidity for most production work — broader tooling and audit-firm familiarity. Vyper when the contract benefits from its narrower surface area and stronger guarantees against certain bug classes. We'll recommend Vyper for math-heavy contracts where the readability and audit-defensibility justify the smaller ecosystem.
- 03
When do you recommend formal verification?
When value-at-risk warrants it. Critical invariants in lending markets, AMMs, custody contracts, and bridge architectures benefit from formal verification (Certora, Halmos symbolic execution). We don't FV everything — we identify the specific properties whose violation would be catastrophic and verify those.
- 04
How do you handle gas optimization?
Profile first, optimize second. Foundry's gas reports per function, opcode-level analysis on hot paths, storage-layout optimization, and explicit packed-struct design. We will not sacrifice correctness or readability for marginal gas savings — most production contracts spend more on audit findings than they ever pay in gas.
- 05
Do you do upgradeable contracts?
When the design warrants it. Transparent proxy or UUPS for general-purpose upgradeability, Diamond pattern for large surface area, immutability when the protocol benefits from credible commitment. We design the upgrade pattern first — including the time-lock, governance, and the social-recovery story — not as an afterthought.
- 06
What does a smart-contract engagement cost?
Threat modeling and architecture: 4–6 weeks, $60K–$180K. Production contracts with audit: 4–9 months, $400K–$1.5M depending on protocol complexity. Multi-protocol platforms: $1.5M–$4M+. External audit fees pass through to the customer at cost (typically $80K–$300K per audit). Managed Services for ongoing monitoring: $30K–$120K monthly retainer. Brackets published honestly so visitors self-qualify before the first call.
Within Blockchain & Web3
Other capabilities in this practice.
Talk to us
Bring a smart contract development problem. We’ll bring a senior engineer.
A senior engineer plus the MESH department lead joins the first call. No discovery gauntlet, no junior reps.