Category: web3 security and cryptography research / public audit-report infrastructure / smart-contract and protocol security tooling
Summary: Hexens is better cataloged as broader security-and-research infrastructure than as a standard audit boutique. In this pass, the official website itself was protected by a Cloudflare challenge that blocked clean extraction, but the company’s first-party GitHub surfaces still revealed a distinct footprint: a large public smart-contract review repository spanning many major protocols, a public FHE-attack research curation project, zkEVM-oriented static-analysis tooling, and an agent-facing Glider skill for Solidity security analysis. The strongest categorization clue is that Hexens appears to package public audit artifacts, niche cryptography research, and reusable analyst tooling together, which suggests a durable ecosystem-security role beyond one-off review engagements.
What it does:
Publishes a first-party public archive of smart-contract audit reports and security reviews covering a wide range of protocols and infrastructure projects
Maintains security-research and analyst-tooling projects, including a curated repository of attacks against fully homomorphic encryption and a static-analysis framework for PIL used in zkEVM state-machine work
Publishes Glider-related docs and skills that teach AI coding assistants how to write queries for Solidity smart-contract analysis, labeling, and vulnerability detection
Uses its GitHub organization as a substantive primary-source surface for both security work history and present tooling/research posture
Key claims:
The official GitHub organization description says “Novel approach to cybersecurity,” which is sparse but still clearly positions Hexens as a security-focused organization rather than a single-product app
The Smart-Contract-Review-Public-Reports README says the repository contains the smart-contract audit reports and security reviews performed by Hexens
The public reports repository page shows a large cross-section of released work across projects such as 1inch, API3, Babylon, Celo, EigenLayer, LayerZero, Polygon zkEVM, and others, which is a strong signal that Hexens operates a substantial public audit corpus rather than only posting a few marketing samples
The GitHub org’s popular repositories include awesome-fhe-attacks, piller, glider-docs, and glider-skills, which shows ongoing investment in niche cryptography/security research and analyst tooling beyond conventional smart-contract audit PDFs
The awesome-fhe-attacks README says it is a curated list of research, articles, tools, and resources focused on attacks against fully homomorphic encryption, intended for researchers and practitioners interested in FHE security
The glider-skills README says it is an AI agent skill that teaches coding assistants how to write Glider queries for analyzing Solidity smart contracts, including security vulnerabilities, labeling, and pattern detection, and says it was built by Hexens
Taken together, the GitHub footprint suggests Hexens spans public review work, vulnerability-analysis tooling, cryptography research curation, and analyst enablement rather than functioning purely as a report-delivery service
Whitepaper: No canonical standalone Hexens whitepaper or litepaper surfaced in this pass. The official website was reachable only through a Cloudflare challenge during retrieval, so the clearest first-party sources of truth were the company’s GitHub organization and repositories; see ../whitepapers/hexens-primary-sources-2026-05-02.md.