deliriusz
Man of many interests, with deepest love for IT. In previous life, specializing in backend and data & systems integration technologies. Independent security researcher, Web3 contributor (full stack and Smart Contracts), Code4rena certified warden & Developer DAO member. REACH auditing school mentor. Cooperating with multiple auditing companies providing security expertise. Passionate about Linux, programming and language learning. Open-minded, people person.
Security research
Immunefi
Found multiple issues in projects deployed on mainnet. E.g.:
- Angle protocol CRITICAL - user funds draining via reentrancy attack
- Angle protocol CRITICAL - stealing vault from a user
- Nomad bridge HIGH - one message bridge DoS
- Nomad bridge LOW - gas stealing from relayer
- (classified) HIGH - one message bridge DoS
- (classified) LOW - gas stealing from relayer
- (classified) MED - unable to prove validator fraud on-chain
- (classified) HIGH - unauthorized call to any protocol escrowed NFT
Trust mentorship
I was a top security researcher Trust's mentee over the 4 months period. In this period I learned many tools and techniques, that allowed me to place top in multiple audit contests and find multiple issues on Immunefi.
Competitive audits
- Code4rena certified backstage warden - 7th place on 90 days leaderboard (as of June 2023)
- Venus Private Pools - 4th place
Private audit
- GMXv2 - Guardian Audits
- StackOS v2 - Securr
- Solady - ongoing REACH school audit
Articles
- Contributed to Smart Contract Security Verification Standard
- Writing about security on Medium
Software engineering
IDriss contributor
Web3 swiss-knife for non crypto-native people.
Writing smart contracts & full stackTypeScript, Solidity, Hardhat
Turbo-DIPaaS - 🏆 finalist project for ETHOnline 2022
No code Web3 integration project. TypeScript, NodeJS, React