Security engineer focused on Web3 product security, protocol review, and security automation.
Former Blockchain Security Consultant at Trail of Bits. I review production Solidity/EVM systems, build audit and invariant-testing workflows, and develop tools that make security findings easier to detect, explain, and prevent.
- Smart contract and protocol security: Solidity, EVM, DeFi accounting, access control, upgradeability, oracle assumptions, invariants
- Product security engineering: threat modeling, CI security checks, monitoring rules, incident runbooks, privileged-role hardening
- Security automation: fuzzing, property testing, static analysis, audit notebooks, graph-based code review, AI-assisted review workflows
- AI security: RAG hygiene, prompt-injection-aware pipelines, audit-drift detection, human-in-the-loop review
- Franklin Templeton tokenized fund
- Immutable zkEVM Bridge
- Seaport / OpenSea
- Maple Finance V2
- LooksRare
- Arcade.xyz
- MYSO v2
- Primitive Hyper
- Code4rena high-severity finding: Stader, 2023
See: work-sample
| Project | What it demonstrates |
|---|---|
| work-sample | Public security review writing samples from Trail of Bits and Code4rena |
| meridian | Audit notebook generator for turning codebases into navigable security-review workspaces |
| ledgerline | Web3 payment/revenue infrastructure with on-chain Merkle anchoring, tests, and verifier flow |
| rag-hygiene-scanner | CI-friendly scanner for prompt-injection indicators, risky HTML/Markdown, PII, and secret-like content |
| solidity-audit-graph | Solidity code graph tooling for protocol review workflows |
I am especially interested in security roles that combine hands-on engineering with deep review of production systems: product security, protocol security, security tooling, Web3 infrastructure, and AI-assisted secure development.
Contact: LinkedIn · SuperDroids