-
Work
- Security Engineer @ VyperLang (2023–present)
- Solidity Auditor @ Ackee Blockchain (2021–2023)
- FPGA Developer (infrared cameras) @ Workswell (2020–2021)
-
Highlights
- Built Ivy — AST interpreter + differential fuzzer for the Vyper compiler; led compiler hardening & audit readiness
- Reported high-severity compiler issues:
- Vyper: concat builtin memory corruption — https://github.com/vyperlang/vyper/security/advisories/GHSA-2q8v-3gqq-4f8p
- Sway: access controls of function dispatch — FuelLabs/sway#6333
- MSc in Computer Science (Systems Programming)
-
Programming (compilers & tooling)
- Ivy — AST interpreter + differential fuzzer: https://github.com/cyberthirst/ivy
- microc — dataflow static analyses: https://github.com/cyberthirst/microc
- cfml — bytecode compiler + runtime: https://github.com/cyberthirst/cfml
- tiny-c — C-like compiler: https://github.com/cyberthirst/tiny-c
- coverage-c — coverage-guided fuzzer for C: https://github.com/cyberthirst/coverage-c
-
OSS
- Wake (Solidity testing framework): https://github.com/Ackee-Blockchain/wake
- Vyper (EVM compiler): https://github.com/vyperlang/vyper
-
Selected audits
- Vyper compiler (CodeHawks): https://codehawks.cyfrin.io/c/2023-09-vyper-compiler/results?lt=contest&page=1&sc=reward&sj=reward&t=report
- Sway compiler (Immunefi): https://drive.google.com/file/d/1L-8jHGhR8UqvRlHRhUXXreSRkGUVJsPU/view
- Everstake Staking (Ackee): https://github.com/Ackee-Blockchain/public-audit-reports/blob/master/2023/ackee-blockchain-everstake-staking-report.pdf
- Axelar ITS v3.0 (Ackee): https://github.com/Ackee-Blockchain/public-audit-reports/blob/master/2024/ackee-blockchain-axelar-interchain-token-service-report.pdf
- Safe Multisig 1.4 (Ackee): https://github.com/safe-global/safe-smart-account/blob/main/docs/Safe_Audit_Report_1_4_0.pdf
-
Writing & talks
- Chainlink Data Feeds: a security researcher’s perspective — https://medium.com/ackee-blockchain/chainlink-data-feeds-security-researchers-perspective-3d558399f626
- The Logic of Mutation Testing — https://medium.com/@cyberthirst/the-logic-of-mutation-testing-58f0aefe160b
- Subtle Vyper: Understanding Vyper’s Idiosyncrasies and Gotchas — https://hackmd.io/@cyberthirst/HJ_6IJPCJl
- Writing EVM state in static context — https://hackmd.io/@cyberthirst/B1J1xZTY0
- Access Controls in Compilers — https://hackmd.io/@cyberthirst/SJEaIuotA
- How the Vyper compiler allocates memory — https://blog.vyperlang.org/posts/memory-allocation/
- Safe{Con} 2023 — multisig security
-
Contact
- X: @cyberthirst
- GitHub: https://github.com/cyberthirst
-
Notifications
You must be signed in to change notification settings - Fork 0
cyberthirst/cyberthirst
Folders and files
| Name | Name | Last commit message | Last commit date | |
|---|---|---|---|---|
Repository files navigation
About
No description, website, or topics provided.
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published