Category: blockchain security and threat-intelligence firm / AML and incident-response platform / public research and security-operations tooling provider
Summary: SlowMist is best understood as a broad blockchain-security and threat-intelligence platform rather than only an audit firm. Its official materials combine classic exchange, wallet, blockchain, and smart-contract auditing with threat intelligence, defense deployment, AML tooling, hacked-incident data, and a large public GitHub footprint full of security guides, vulnerability advisories, knowledge-base material, and attack-monitoring software. That mix makes SlowMist look more like a security-operations and intelligence vendor with audit services attached than a simple boutique reviewer.
What it does:
Provides security services for exchanges, wallets, blockchain infrastructure, smart contracts, red teaming, monitoring, consulting, and defense deployment
Operates security products including MistTrack, SlowMist KYT, MistEye, fake-deposit scanning, SlowMist Hacked, and other threat-intelligence or AML/compliance surfaces
Publishes detailed audit criteria for smart contracts across token, DeFi, RWA, Move, Solana, and EOS environments
Maintains public GitHub repositories for vulnerability advisories, threat-intelligence tooling, security-practice guides, auditor-learning material, knowledge-base content, malicious-address datasets, and bug-bounty references
Appears to participate directly in investigation and disclosure work, not only preventative review, based on the public advisories and threat-intelligence tooling surfaces
Key claims:
The homepage and about page describe SlowMist as a blockchain-security / threat-intelligence firm founded in January 2018 by a team with more than ten years of network-security experience
The about page says SlowMist’s solutions span auditing, blockchain threat intelligence, defense deployment, AML tracking and analytics through MistTrack, institutional compliance via SlowMist KYT, threat monitoring through MistEye, and a hacked-incident database
The about page says SlowMist’s investigation work has been cited by international organizations and government bodies including the United Nations Security Council and the United Nations Office on Drugs and Crime
The smart-contract-audit service page exposes unusually granular public audit taxonomies across token, DeFi, RWA, Move, Solana, and EOS environments, which makes the service page itself a meaningful primary technical artifact
The Web3 Project Security Practice Requirements repository says SlowMist open-sourced a full-lifecycle security-practice guide so project teams can build their own security systems rather than relying only on a short-term audit engagement
The SlowMist-Learning-Roadmap-for-Becoming-a-Smart-Contract-Auditor repository frames itself as a skills chart for SlowMist auditors and publishes a large public learning roadmap, which is strong evidence of first-party security education infrastructure
The papers repository preserves SlowMist vulnerability-research advisories, while the blockchain-threat-intelligence repository describes tooling that simulates blockchain-node RPC interfaces to monitor attacks across the global network
The GitHub organization shows a broader tooling footprint including threat-intelligence platforms, malicious-wallet-address work, node-security checklists, bug-bounty lists, and a public knowledge base
Whitepaper: No single canonical SlowMist whitepaper or litepaper surfaced in this pass. The clearest current source of truth is the official site and service pages plus the public GitHub organization, research advisories, threat-intelligence tooling, and open security-guidance repositories; see ../whitepapers/slowmist-primary-sources-2026-04-30.md.