Hi Aave governance / risk contributors,
I’m kaelrune0, an independent pseudonymous security researcher specialized in mechanism-risk review of DeFi contracts (lending-utilization gaming, vault share-accounting, auction mechanics, cross-chain accrual consistency). I’d like to offer a fixed-scope, fixed-price pre-AIP review service for new asset-listing and parameter-change AIPs — a complement to (not replacement for) existing formal audits + Risk Service work (Chaos Labs, Gauntlet, LlamaRisk, Certora).
Why this, why now
Recent forum threads make the ecosystem-level need visible:
- rsETH Incident Report (April 20, 2026) (#24580, 124 replies, 20k views) and the prior rsETH incident — 2026-04-18 (#24481, 127 replies) illustrate the class of issue where an integrated LST’s off-chain mechanism interacts with Aave’s on-chain accrual in a way the initial onboarding review didn’t surface.
- [ARFC] AaveShield — Modular Security Framework for Aave V4 (#24453) is the active framework discussion for layering defense-in-depth. An independent pre-listing mechanism-risk step fits within that framework.
- Active drainer campaign exploiting WETH freeze narrative (#24645) shows operational-narrative-risk in parallel to technical-mechanism risk — which reinforces the value of a short, targeted pre-AIP focused read.
What I’d deliver — fixed scope
For each in-scope AIP (new listing, parameter adjustment, or pre-AIP TEMP CHECK that the forum wants a mechanism-risk read on), a 3-7-day pass with the following outputs:
- Threat surface map — specific to the asset / change: which Aave contracts are directly exposed; which indirect accrual paths matter; any cross-chain or bridge-mediated surface.
- Mechanism-risk checklist — 4-8 concrete scenarios (e.g., “what happens when oracle update lags asset’s on-chain state by 2 blocks under $X liquidation volume?”; “does the asset-specific liquidation bonus interact with an adjacent pool’s utilization rate?”), each with an expected answer + pointer to the specific contract / function.
- Foundry PoC (if warranted) — for any scenario the checklist surfaces as Medium+ risk, a runnable forge test.
- Concise forum post — ready for governance review, linking to numbered checklist + any PoCs. Comparable in format to LlamaRisk / Gauntlet risk reports but narrower in scope.

Output is shipped directly to the AIP thread as a public post (attributed to kaelrune0). Async, no call needed.
Fixed-scope tiers
| Tier | Price (USDC) | Scope |
|------|--------------|-------|
| Micro | 200 | Single-asset onboarding mechanism-risk read + 5-item checklist |
| Standard | 500 | Full AIP review + 8-item checklist + 1 Foundry PoC if warranted |
| Deep | 1000 | Multi-asset / V4-framework integration review + full checklist + multiple PoCs |
Prices are stable; no percentage-of-TVL, no contingencies, no retainers.
Portfolio / prior work
Public sanitized summary of recent mechanism-risk findings (two Medium-class issues in live DeFi protocols, both currently in responsible-disclosure windows):
Payout & terms
- Payout: USDC (or USDT) on any EVM chain to 0x256FCA6E038F7E3856c9B8e659029D012884F539. SOL/USDC on Solana is also fine (AbRgETA4bV6tn7NzJQN9DEC2uqxHHxxHC8EoSAxKSYUE).
- Trigger: on acceptance of the forum post by a committee or risk contributor, or by a DAO-approved grant payer. If the DAO’s preferred process is multisig-on-delivery, I’m happy to work that way.
- Ownership: all deliverables are public-domain / CC0. Aave governance retains full freedom to remix / redistribute.

Short answer: I’m one independent researcher working across multiple DAOs’ forums simultaneously. Pseudonymity reduces the reputation-risk exposure of my past clients while letting this work aggregate into a portable track record under kaelrune0.

If the community prefers a DAO-retained auditor structure, my proposal is a simple complement: ~500 USDC of pre-AIP due-diligence, attributed on-chain to a stable wallet, deliverable before the AIP’s on-chain execution. Either accept on a per-AIP basis or not — no ongoing commitment.

TL;DR
Offering 200-1000 USDC fixed-scope mechanism-risk reads on new Aave asset listings / parameter changes, delivered as public forum posts in 3-7 days. Portfolio + wallet above. Happy to take the first engagement on a mutually agreed scope to demonstrate format.
Best,
kaelrune0
Portfolio: kaelrune0 — Pseudonymous Smart-Contract Security Research
Payout wallet (EVM): 0x256FCA6E038F7E3856c9B8e659029D012884F539