About Poly Syncer
Poly Syncer is a non-custodial copy-trading platform that lets subscribers mirror the trades of Polymarket wallets without ever giving up custody of their funds. The architecture is built around a narrow, revocable, time-bounded authorization that lets the executor act on a user's behalf without ever holding those funds. The smart-contract surface is small by design, and precisely because it is small, it must be correct. The security page documents our posture; the whitepaper documents the architecture.
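To make the shape of that authorization concrete, here is an added illustration of the pattern described above, not Poly Syncer's contract and not taken from the whitepaper. It is a hypothetical owner-controlled account that grants an executor a scoped session: one target contract, one function selector, a spend cap, and an expiry, all revocable by the owner at any time. Every name in it (SessionAccount, grant, revoke, execute, ownerCall, MAX_DURATION) is an assumption made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical illustration of a narrow, revocable, time-bounded executor
/// authorization. Not Poly Syncer's contract; every identifier is assumed.
/// The account holds the owner's funds; the executor never does. The executor
/// may only call one target, one function selector, within a spend cap, until
/// expiry, and the owner can revoke the session in a single transaction.
contract SessionAccount {
    struct Session {
        address executor;    // the only address allowed to call execute()
        address target;      // the only contract the executor may call
        bytes4 selector;     // the only function on that contract
        uint256 spendCapWei; // remaining native value the executor may forward
        uint64 expiresAt;    // unix timestamp; calls at or after this revert
    }

    address public immutable owner;
    Session public session;

    // Upper bound on how long a grant can live; the owner must re-grant after it.
    uint64 public constant MAX_DURATION = 7 days;

    event SessionGranted(address indexed executor, address indexed target, bytes4 selector, uint256 spendCapWei, uint64 expiresAt);
    event SessionRevoked(address indexed executor);
    event Executed(address indexed executor, address indexed target, uint256 value);

    error NotOwner();
    error NotExecutor();
    error SessionExpired();
    error OutOfScope();
    error CapExceeded();
    error BadDuration();
    error CallFailed(bytes reason);

    constructor() payable { owner = msg.sender; }
    receive() external payable {}

    modifier onlyOwner() { if (msg.sender != owner) revert NotOwner(); _; }

    /// Owner grants a scoped session. Re-granting overwrites the previous one,
    /// so there is never more than one live session to reason about.
    function grant(address executor, address target, bytes4 selector, uint256 spendCapWei, uint64 duration) external onlyOwner {
        if (duration == 0 || duration > MAX_DURATION) revert BadDuration();
        uint64 expiresAt = uint64(block.timestamp) + duration;
        session = Session(executor, target, selector, spendCapWei, expiresAt);
        emit SessionGranted(executor, target, selector, spendCapWei, expiresAt);
    }

    /// Owner revokes immediately; the next execute() in the same block already fails.
    function revoke() external onlyOwner {
        emit SessionRevoked(session.executor);
        delete session;
    }

    /// Executor acts on the owner's behalf, subject to every constraint of the session.
    function execute(bytes calldata data, uint256 value) external returns (bytes memory) {
        Session storage s = session;
        if (s.executor == address(0) || msg.sender != s.executor) revert NotExecutor();
        if (block.timestamp >= s.expiresAt) revert SessionExpired();
        if (data.length < 4 || bytes4(data[:4]) != s.selector) revert OutOfScope();
        if (value > s.spendCapWei) revert CapExceeded();
        s.spendCapWei -= value; // effects before the external interaction
        (bool ok, bytes memory ret) = s.target.call{value: value}(data);
        if (!ok) revert CallFailed(ret);
        emit Executed(msg.sender, s.target, value);
        return ret;
    }

    /// Owner keeps unrestricted control of the account regardless of any session.
    function ownerCall(address target, uint256 value, bytes calldata data) external onlyOwner returns (bytes memory) {
        (bool ok, bytes memory ret) = target.call{value: value}(data);
        if (!ok) revert CallFailed(ret);
        return ret;
    }
}
```

Two points an auditor would press on even in this toy: a selector check bounds which function the executor may call but not its arguments, so a real design must decode and constrain the calldata (recipient, token, size), and the spend cap covers native value only, so any token approvals the account holds are a separate surface that the session must also bound.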
The role
This engagement is a fixed-scope audit covering two surfaces: the next revision of the authorization contract (which mediates every executor action) and the Q3 cross-venue routing layer (which extends mirror execution beyond Polymarket-native pools). We already work with Trail of Bits on the primary engagement; this seat is for an independent second auditor. We have found that two independent reports surface different findings, and the marginal cost is small relative to the marginal safety.
You will receive the source, the threat model written by our engineers, the test suite (including the fuzz-test corpus), and direct access to the contract authors. We do not gate access — if you ask a question on a Tuesday, you will have an answer by Wednesday at the latest. The deliverable is a written report with severity-ranked findings (critical, high, medium, low, informational) and recommended remediations. We publish the report in full on the security page after remediation. Your name and firm are credited.
Engagement runs four to six weeks depending on surface area. Payment is split: 30% on kickoff, 40% on draft delivery, 30% on final report. We do not chase line items in the report — if you find something, we want to know about it.
You'll be a fit if
- You have published audit reports on EVM contracts handling authorization flows, session keys, or account abstraction. We will read them before the intro call.
- You have working knowledge of Polygon-specific edge cases: reorg windows, gas-pricing dynamics, bridge interactions, and how those differ from L1.
- You can read Solidity and Yul, and you have at least passing familiarity with formal verification tooling (Certora, Halmos, or equivalent) even if you do not run it in this engagement.
- You write findings clearly. A good audit report is not a list of grep results — it is an argument about how a contract can be broken and what the cost is. We optimize for the latter.
- You have an opinion about the difference between an exploit and a code-quality nit, and you label findings accordingly.
- You meet deadlines. Our release pipeline depends on the audit landing on schedule.
Bonus points
- You have audited a Polymarket-adjacent or Polygon-CDK-adjacent contract before.
- You have published research on MEV, private mempool dynamics, or session-key delegation patterns.
- You have written a fuzz harness that found a real bug in a deployed contract.
Process
- Intro call (30 min). A quick conversation to confirm scope, schedule, and that we are a fit.
- Scoping document (you write, we sign). A two-page doc covering deliverable, exclusions, and milestone payments. We sign within three business days.
- Audit window (4–6 weeks). You have full access to engineers, codebase, threat model, and test suite. We expect at least one mid-engagement check-in.
- Final report and remediation. Draft, then final after our team responds to findings. We publish on the security page after fixes ship.
Compensation
Fixed-scope contract, $40k–$80k per engagement, depending on surface area and engagement length. The authorization contract revision and the routing layer audited together fall at the top of the range. Payment is in USDC or fiat, your preference.
Location
Fully remote. We have no preference on time zone — the work is asynchronous and you set your own hours. We ask for one live mid-engagement call (60 min) at a time of your choosing.
How to apply
Email [email protected] with links to two or three published audit reports — preferably ones you wrote in full, not lead-author-as-formality. A short note on availability over the next quarter is helpful but not required.
For background on what you would be auditing, see the methodology page and the whitepaper. For our broader security posture, the security page is canonical and lists the previous engagements we have run, including a summary of every public finding and the commit that resolved it.
One last note on style: the audits we have learned the most from are the ones written like memos, not like checklists. We would rather read four pages of careful reasoning about a single high-severity finding than forty pages of low-severity nits. If you do find forty low-severity nits, send them in an appendix. The argument lives in the body.