plainshift
Our mission
Plainshift is a full-stack security firm built on the “shift left” security philosophy. We often work with teams early in the product development process to bring security to a greater organizational range than just smart contracts. From the web app, to fuzzing/formal verification, to a team’s operational security, full-stack security can only be achieved by first understanding there is no “scope” to protect the users that trust you.
We’re here to meaningfully revolutionize how teams approach security and guide them towards a holistic approach rather than the single sided approach so prevalent today.
Timeline
Plainshift proposes a 12 engineer week audit (3 auditors) from April 21st to May 19th (report delivery).
We’ll set up a dedicated Telegram groupchat for comms between our auditors and the Loopscale dev team. All confirmed findings/recommended mitigations will be communicated as we go if preferred by Loopscale, so as to avoid waiting until report delivery to validate/fix if operating under a tight timeline.
Relevant Experience
All experience listed below includes the auditors assigned to this review.
Our team is highly trusted in the industry:
-
We were contracted by the Ethereum Foundation to conduct comprehensive audits for the Pectra Upgrade EIP bytecode contracts, working alongside a16z and three other respected firms.
-
The Uniswap v4 lead designer and Uniswap v3 core developer entrusted Plainshift to conduct the core audits for both the Starknet and EVM implementations of Ekubo after a previous auditing firm missed a critical vulnerability.
Ekubo is a Concentrated Liquidity Market Maker (CLMM) heavily inspired by Uniswap v3/v4, for which we developed a complementary custom testing suite alongside our audit to extensively evaluate all potential edge cases.
You can review both of our audits for Ekubo at https://docs.ekubo.org/integration-guides/reference/audits, where we identified a critical vulnerability in the Solidity smart contracts.
Given the traditional lack of clarity on experience of the auditors assigned to your review with other audit firms, we’ve attatched other public-facing work our auditors have done, including audit competitions to display how we stand relative to the rest of the industry:
| Project | Description |
|---|---|
| Reserve Protocol (Solana) | Placed first in Solana audit competition, found 7/7 Highs |
| Perena (Solana) | Private Solana Audit |
| Lavarage (Lending, Solana) | Placed first in Solana audit competition |
| Maple Finance (Lending) | Private Lending Audit |
| WOOPFi Swap (Solana) | Top 3 in Solana audit competition |
Proposed Quote
| Timeline | Engineer Weeks | Cost |
|---|---|---|
| April 21st - May 19th | 12 | 60000 USDC |