// 01 · HOME

The Burma Lab breaks smart contracts before attackers do.

This is my security lab. I write smart contract audit reports and dig into how contracts get broken, then put everything I find right here.

// 02 · ABOUT THE LAB

The Burma Lab is my own security lab. I read protocol code, pull old hacks apart to see what really went wrong, and write up what I learn so other people can use it too.

There are two kinds of things here. The audit reports are public security reviews, and I back every finding with a proof of concept and check it again once the fix is in. The security research is everything else: how real attacks worked, the way I go about an audit, and the tools I use day to day. The whole thing is built and run by Khant Wai Yan Aung.

// 03 · WHAT WE DO

audit-reports

Public security reviews of smart contracts. Every high or critical bug ships with an exploit you can run.

Read the reports ↗︎

security-research

How real attacks worked, how I approach an audit, and the tools I lean on. Notes from the trenches.

Read the blog ↗︎