• Solidity smart contract researcher and auditor
• Currently learning, conducting research, and bug hunting
• Completed the Secureum Bootcamp
• Completed my MSc in Blockchain and Digital Currency at the University of Nicosia as a Coinbase Scholar
• Previously a Vice President at Goldman Sachs, leading business development and strategic partnerships

Here's a bit more about my story.

This is a public profile of my adventure as an auditor and researcher.

Some of my early projects and contributions are shared below.

1. Smart Contracts
2. Vulnerabilities and Safeguards
3. Wargames
4. My Toolkit
5. Community Contributions

Here are various smart contracts I've developed, including:

• NFT Marketplace: OpenWave
• Custom NFT ERC721 Token
• Custom ERC20 Token
• Token Depository and Receipt Token

Here is a compilation of projects that underline common vulnerabilities and exhibit how they can be exploited. For some, improved contracts are included, showcasing best practices to fortify the contract's security. Highlights include:

• CryptoBank Reentrancy
• TX Origin Phishing
• Token Minting Underflow
• ICO Overflow
• Beyond The Limit Overflow
• Timed Vault Overflow
• Insecure Blockhash
• Guessing Random Numbers

Here are my solutions to blockchain security wargames, challenges, and capture the flag (CTF) competitions.

• Ethernaut

1. Mythril: I appreciate its extensibility, enabling me to script custom modules to detect specific vulnerabilities. For example, it can help in identifying a flawed external call that leads to a reentrancy attack.
2. Slither: I find it invaluable during preliminary code assessments, when I can run a static analysis to identify vulnerabilities without executing the code. For instance, it can highlight an uninitialized state variable.
3. Echidna: I value its property-based testing approach which expands my toolkit beyond traditional unit testing to testing properties. One practical example is verifying that a transfer function consistently maintains integrity of the total token supply.
4. Foundry: Ultimately, I believe manual testing is the most powerful tool and Foundry enables me to generate POCs with simulated real-world contract interactions.

Others: Surya, Ethlint

• Linux Distribution: ZIION. I enjoy using ZIION because it is tailored for smart contract security and minimizes the usual environment setup woes. It has dozens of pre-installed tools (ranging from decompilers to vulnerability scanners) that I enjoy using and it supports Solidity/EVM + Rust-based blockchains.
• IDE: VS Code. I appreciate the suites of great blockchain extensions. A few of my favorites include the Solidity extension to enable syntax highlighting and the Solidity Visual Auditor to visualize control flow graphs. For quick code review and testing I enjoy using Remix as well.