CaliperForge — Precision contributions, every chain.

What we work on

Chains we cover

We work where contracts are shipping. Active language coverage: Cairo, Rust / Anchor, Solidity, TypeScript.

Base OP Stack L2 Smart contracts, tooling, ecosystem PRs.
Optimism Superchain RetroPGF-eligible Public-good builds, developer tooling.
Solana Anchor / SPL Programs, tooling, Foundation-funded work.
Starknet Cairo 2.x Contract work and developer tooling on snforge.

Move (Sui, Aptos) and Go (Cosmos, Celestia) come online when contract volume warrants.

What we ship

Projects

Open-source tooling we maintain. Source on GitHub, license on the card.

cf-invariants Rust + Cairo · Apache-2.0 Open-source snforge sidecar that adds stateful invariant testing and AI-suggested invariants to Cairo 2.x. Twelve reference contracts, Voyager-verified on Starknet Sepolia. github.com/caliperforge/cf-invariants AI-disclosed
cf-invariants-anchor Rust + Anchor · Apache-2.0 Invariant-authoring layer on top of Crucible (Asymmetric Research's coverage-guided Solana fuzzer). Stateful invariants and AI-suggested invariants tagged in source; CI runs the harness against a clean vault and a planted-bug twin every push — 0 violations on the clean variant, ≥1 on the planted variant, with scorecards committed. github.com/caliperforge/cf-invariants-anchor AI-disclosed
cf-invariants-jito Solana / Anchor (Crucible) · Jito tip-distribution · Apache-2.0 Invariant-fuzzing harness for the Jito Foundation tip-distribution program, ported from anchor-lang 0.31.1 to 1.0.1 to run on Crucible (Asymmetric Research) v0.2.0. CI runs four invariant classes — claim-amount conservation, no-double-claim, Merkle authority, admin gating — against a clean reference and a planted-bug twin per class on every push: 0 violations clean, ≥1 violation planted, across all four. github.com/caliperforge/cf-invariants-jito Blog AI-disclosed
cf-invariants-jito-tippayment Solana / Anchor (Crucible) · Jito tip-payment · Apache-2.0 Sibling harness for the Jito Foundation tip-payment program on the same anchor-lang 1.0.1 / Crucible v0.2.0 rails as cf-invariants-jito. Ships one invariant class to start — write-through state-update on change_tip_receiver — against a clean reference and a planted-bug twin. CI: 0 violations clean, ≥1 violation planted, green on the first push. github.com/caliperforge/cf-invariants-jito-tippayment Blog AI-disclosed
cf-invariants-jito-priorityfee Solana / Anchor (Crucible) · Jito priority-fee-distribution · Apache-2.0 Third Jito program harnessed on the same anchor-lang 1.0.1 / Crucible v0.2.0 rails as cf-invariants-jito and cf-invariants-jito-tippayment. Ships one invariant class to start — total priority-fee tips increment on transfer — against a clean reference and a planted-bug twin. CI: 0 violations clean, ≥1 violation planted, green on the first push. github.com/caliperforge/cf-invariants-jito-priorityfee AI-disclosed
chimera-template-pack Solidity + Foundry · Apache-2.0 (MIT carve-out) Reusable Foundry + Recon Chimera scaffold for contest entries. Pre-wires Echidna and Medusa stateful-fuzz campaigns, three seeded invariants, and a CI job that runs the campaign and writes scorecards into findings/ on every push. Forkable starter, not a finished audit. github.com/caliperforge/chimera-template-pack AI-disclosed

Live on-chain

cf-invariants reference suite on Starknet sepolia.

Twelve Cairo 2.x contracts deployed and Voyager-verified on Sepolia (suite expanded 6 → 12 on 2026-06-04). Planted-bug references span token supply accounting, governance executed-state, AMM constant-product, and additional surfaces — both regression fixtures for cf-invariants and on-chain targets you can run the sidecar against today.

ERC20Ref Token · Cairo 2.x Planted bug on supply accounting. 0x01def8…b055b Voyager
Governance Voting · Cairo 2.x Planted bug on executed-state tracking. 0x066738…794e6 Voyager
SingleSideAmm AMM · Cairo 2.x Planted bug on constant-product reserves. 0x05351d…c81f8 Voyager
ERC4626Ref Vault · Cairo 2.x Planted bug on share / asset conservation. 0x01d31e…e08c Voyager
MultisigRef Multisig · Cairo 2.x Planted bug on threshold monotonicity. 0x04fe55…eef8 Voyager
ERC721Ref NFT · Cairo 2.x Planted bug on token-id uniqueness. 0x02b5aa…55fa Voyager
LendingRef Lending · Cairo 2.x Planted bug on per-user solvency. 0x0627b8…7c52 Voyager
StakingRef Staking · Cairo 2.x Planted bug on stake / slash conservation. 0x014e72…4e09 Voyager
VestingRef Vesting · Cairo 2.x Planted bug on time-bounded release supply cap. 0x032537…bd38 Voyager
TimelockRef Timelock · Cairo 2.x Planted bug on delay-respected execution. 0x000cf3…e3f7 Voyager
PaymentSplitterRef Splitter · Cairo 2.x Planted bug on proportional-share release. 0x019300…710c Voyager
OracleRef Oracle · Cairo 2.x Planted bug on push-update timestamp monotonicity. 0x0617f5…e023 Voyager

Read the findings report

How we work

One operator. A team of specialized AI agents. Reproducible builds.

CaliperForge is an engineering and security agency shipping invariant-driven, CI-verified tooling — AI-augmented and human-reviewed, operated and signed by a named human. One operator — Michael Moffett — orchestrates a small team of specialized AI agents: an audit engineer, a Cairo specialist, a Rust / Anchor specialist, a grant writer, a content reviewer, and others as the work calls for them. Every specialist is a configured AI agent with its own scope and review pattern. The operator reviews every output, runs cold-environment reproductions, and ships under his own name as operator-of-record.

Our edge is specialization velocity. New chain, new VM, new contest — we stand the specialist up and the CI-verified tool with it, in days rather than months. Cairo (snforge) to Solana / Anchor (on Asymmetric Research's Crucible) was roughly one working session. The engine is domain-general; the current portfolio is protocol and smart-contract security.

Our working pattern is an invariant-authoring layer on top of the engines doing the fuzzing — snforge on Cairo, Crucible on Solana / Anchor — with stateful invariants, AI-suggested invariants tagged in source, and clean / planted-bug reference examples checked into CI. We don't compete with the underlying engines on coverage; we author the layer above them.

AI involvement is disclosed at point of use; full policy at caliperforge.com/ai-disclosure. Every contribution ships under Michael's name as operator-of-record, tested in a cold-environment reproduction before submission, and carries an explicit AI-involvement note at the point of use.

Contact

Reachable, KYC-able, accountable.

Operated by Michael Moffett, accountable for every commit, PR, grant application, and bounty claim made under this org. For grant collaboration, engagement inquiries, security tooling questions, or contribution questions:

Operator Michael Moffett
Direct michael@caliperforge.com
Team team@caliperforge.com
GitHub github.com/caliperforge
X @caliperforge
Farcaster @caliperforge
Telegram @caliperforge
ENS caliperforge.eth