More than 12 years in the Software industry. Started in 2011 at Yandex, spent some time building compiler-level stuff at Intel and joined JetBrains as Researcher in Software Verification. In 2019, I started to explore Blockchain space with Parity Technologies.
Since 2022, I conduct Security Audits for Web3 projects, both as solo entrepreneur and in collaboration with Oak Security.
MSc equivalent, Mathematician / Software Engineer (010503) Department of Software Engineering, Mathematics and Mechanics Faculty St. Petersburg State University
Thesis topic: “Martin-Löf Type Theory in Software Verification”
?
?
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Architecture for DEX based on Atomic Swap (HTLC)
Prototype for Ethereum in Solidity, TypeScript and Ethers
Billing Smart Contract for TON in Tact
Pre-development investigation of blockchain platforms, frameworks and tools:
Building custom Polygon Edge network:
- Security assessment of SDK
- Initial deployment procedures
- Communication with Polygon team
- Stress testing on testnets (up to 50 nodes)
- Performance tuning
- MetaMask integration
- GSN integration
Integration with ChainBridge:
- Security assessment of SDK
- Initial deployment procedures
Ecosystems analytics:
- Ethereum L2 projects scalability, security, EVM-compatibility
- Aggregating and comparing networks metrics and stats
- Practical experiments, genesis configuration etc
- Performance benchmarks on private networks
Theoretical research:
- DEXs and bridges
- Polkadot, Avalanche, Cosmos, Fantom
- Ethereum L2: Polygon, Arbitrum
- Decentralized Autonomous Routing Protocol
Knowledge sharing:
- Internal summaries and write-ups
- Assistance in resolving Substrate-related issues
Reading whitepapers and analyzing existing protocols related to Replicated State Machines and Byzantine Fault Tolerance such as Bitcoin, Polkadot, IOTA and Nano. Leading working group of enthusiasts, conducting seminars and discussions: Decentralized Whitepapers Club
0chain is a blockchain-based file storage, offering innovative features such as PoS and sharded chain data storage.
Analyzing architecture documents related to the project
Setting up CI/CD and testing infrastructure
Leading team of developers
The project is a closed-source fork of Wire messenger, featuring secure communication using Double Ratchet Algorithm. As a backend-developer, I implement services, Cassandra migrations, automate CI jobs and support other team-members on such topics as STUN/TURN servers.
Being the only software engineer in a small-scale drug-discovery company isn’t an easy job, but using Scala and modern software engineering practices in 6 months I succeeded to scale up legacy patents-search system, originally written in Java 7. Unfortunately, I hadn’t time to rework 20-years old awk-based data-processing pipelines into something maintainable.
Given a Rust project written in C++ style with old-school round-robin load balancer, I have redesigned it with modern asynchronous framework Tokio and increased throughput of a Cisco NetFlow analyzer from 25K datagrams per second to 100K.
From implementation of isolated components of web-services I moved to technical leadership of a team, which included architecture design, business requirements discussions and creating initial CI/CD pipelines.
Architecture and development of core functionality
Horizontal scaling with Akka Cluster
Continuous Integration with Docker and Jenkins
Windows/macOS installers for laptop versions
Mentoring junior developers
Open-source project Indigo in the field of chemoinformatics: set of tools and database cartridge for fast molecule querying and chemical calculations.
C++ core for chemical data formats conversion, molecule renderer, calculation of canonical representations. Python and Java bindings to API provided out-of-the-box
Apache Lucene for querying chemical database
Graphical web-based editor of structures
Research in the field of software verification using dependently-typed proof assistants. During this project I was creating proofs in Coq about various properties of several models of algorithms of operational transformations.
Extraction plugin was written in OCaml, which was generating Java 7 code from a model in Coq. This provides a verified core of a framework for applications development with operational transformations.
Also a proof-of-concept of web-based dependently-typed language was implemented in Java, providing innovative means for structured code input.
Attended PhD school organized by Institut Henri Poincar ́e in Luminy, Marseille: “Semantics of proofs and certified mathematics”
Our team was creating a toolchain for an experimental Intel architecture. During this internship
I familiarized myself with LLVM and architecture of assemblers and simulators.
The biggest personal achievement of that time was implementation of mixed native/interpreted execution — an optimisation for our simulator exploiting the fact that instruction set of the architecture was intersecting with x86 instruction set.
By detecting contiguous sequences of x86 instructions in the interpreted code and performing context switch (loading emulated state into executed memory and registers), I managed to achieve performance boost of several orders of magnitude.
The tricky part was returning back from native mode and this required certain instrumentation of the code with interruption opcodes.
During this role I was conducting information retrieval using so-called crawlers targeted on various businesses. This data then was being purified, appraised and scored using algorithms and heuristics like Levenshtein distance. Such a data is vital for Yandex.Maps and other services. In this role, I was also researching experimental universal information retrieval algorithms.
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Given a Rust project written in C++ style with old-school round-robin load balancer, I have redesigned it with modern asynchronous framework Tokio and increased throughput of a Cisco NetFlow analyzer from 25K datagrams per second to 100K.
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Architecture for DEX based on Atomic Swap (HTLC)
Prototype for Ethereum in Solidity, TypeScript and Ethers
Billing Smart Contract for TON in Tact
Pre-development investigation of blockchain platforms, frameworks and tools:
Building custom Polygon Edge network:
- Security assessment of SDK
- Initial deployment procedures
- Communication with Polygon team
- Stress testing on testnets (up to 50 nodes)
- Performance tuning
- MetaMask integration
- GSN integration
Integration with ChainBridge:
- Security assessment of SDK
- Initial deployment procedures
Ecosystems analytics:
- Ethereum L2 projects scalability, security, EVM-compatibility
- Aggregating and comparing networks metrics and stats
- Practical experiments, genesis configuration etc
- Performance benchmarks on private networks
Theoretical research:
- DEXs and bridges
- Polkadot, Avalanche, Cosmos, Fantom
- Ethereum L2: Polygon, Arbitrum
- Decentralized Autonomous Routing Protocol
Knowledge sharing:
- Internal summaries and write-ups
- Assistance in resolving Substrate-related issues
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Pre-development investigation of blockchain platforms, frameworks and tools:
Building custom Polygon Edge network:
- Security assessment of SDK
- Initial deployment procedures
- Communication with Polygon team
- Stress testing on testnets (up to 50 nodes)
- Performance tuning
- MetaMask integration
- GSN integration
Integration with ChainBridge:
- Security assessment of SDK
- Initial deployment procedures
Ecosystems analytics:
- Ethereum L2 projects scalability, security, EVM-compatibility
- Aggregating and comparing networks metrics and stats
- Practical experiments, genesis configuration etc
- Performance benchmarks on private networks
Theoretical research:
- DEXs and bridges
- Polkadot, Avalanche, Cosmos, Fantom
- Ethereum L2: Polygon, Arbitrum
- Decentralized Autonomous Routing Protocol
Knowledge sharing:
- Internal summaries and write-ups
- Assistance in resolving Substrate-related issues
Reading whitepapers and analyzing existing protocols related to Replicated State Machines and Byzantine Fault Tolerance such as Bitcoin, Polkadot, IOTA and Nano. Leading working group of enthusiasts, conducting seminars and discussions: Decentralized Whitepapers Club
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Architecture for DEX based on Atomic Swap (HTLC)
Prototype for Ethereum in Solidity, TypeScript and Ethers
Billing Smart Contract for TON in Tact
Pre-development investigation of blockchain platforms, frameworks and tools:
Building custom Polygon Edge network:
- Security assessment of SDK
- Initial deployment procedures
- Communication with Polygon team
- Stress testing on testnets (up to 50 nodes)
- Performance tuning
- MetaMask integration
- GSN integration
Integration with ChainBridge:
- Security assessment of SDK
- Initial deployment procedures
Ecosystems analytics:
- Ethereum L2 projects scalability, security, EVM-compatibility
- Aggregating and comparing networks metrics and stats
- Practical experiments, genesis configuration etc
- Performance benchmarks on private networks
Theoretical research:
- DEXs and bridges
- Polkadot, Avalanche, Cosmos, Fantom
- Ethereum L2: Polygon, Arbitrum
- Decentralized Autonomous Routing Protocol
Knowledge sharing:
- Internal summaries and write-ups
- Assistance in resolving Substrate-related issues
Reading whitepapers and analyzing existing protocols related to Replicated State Machines and Byzantine Fault Tolerance such as Bitcoin, Polkadot, IOTA and Nano. Leading working group of enthusiasts, conducting seminars and discussions: Decentralized Whitepapers Club
Audits of bridges utilizing on-chain light clients:
“Snowbridge” — bridge from Ethereum to Polkadot:
- Beacon chain light client built as parachain
- Asset Hub and Bridge Hub parachains
- BEEFY light client built as Solidity smart contract
“Centauri” — bridge from Cosmos to Polkadot:
- GRANDPA finality proofs verification
- CosmWasm contract and IBC messaging
- Major and Critical vulnerabilities found
Miscellaneous audits in Cosmos ecosystem:
“Nym” anonymization network
- Mixnet and Vesting contracts
“DAO DAO” platform for DAOs, audit report
- Vesting contract and Payroll factory
“Hyperlane” — interoperability framework:
- Merkle tree performance analysis
- CosmWasm contracts and security modules
- Major and Critical vulnerabilities found
As well as numerous audits of DeFi and NFT projects.
Pre-development investigation of blockchain platforms, frameworks and tools:
Building custom Polygon Edge network:
- Security assessment of SDK
- Initial deployment procedures
- Communication with Polygon team
- Stress testing on testnets (up to 50 nodes)
- Performance tuning
- MetaMask integration
- GSN integration
Integration with ChainBridge:
- Security assessment of SDK
- Initial deployment procedures
Ecosystems analytics:
- Ethereum L2 projects scalability, security, EVM-compatibility
- Aggregating and comparing networks metrics and stats
- Practical experiments, genesis configuration etc
- Performance benchmarks on private networks
Theoretical research:
- DEXs and bridges
- Polkadot, Avalanche, Cosmos, Fantom
- Ethereum L2: Polygon, Arbitrum
- Decentralized Autonomous Routing Protocol
Knowledge sharing:
- Internal summaries and write-ups
- Assistance in resolving Substrate-related issues
The project is a closed-source fork of Wire messenger, featuring secure communication using Double Ratchet Algorithm. As a backend-developer, I implement services, Cassandra migrations, automate CI jobs and support other team-members on such topics as STUN/TURN servers.
Research in the field of software verification using dependently-typed proof assistants. During this project I was creating proofs in Coq about various properties of several models of algorithms of operational transformations.
Extraction plugin was written in OCaml, which was generating Java 7 code from a model in Coq. This provides a verified core of a framework for applications development with operational transformations.
Also a proof-of-concept of web-based dependently-typed language was implemented in Java, providing innovative means for structured code input.
Attended PhD school organized by Institut Henri Poincar ́e in Luminy, Marseille: “Semantics of proofs and certified mathematics”
Whether you're gearing up for a thorough audit or are still in the planning stages of your project, we encourage you to get in touch. Our expertise extends to architecture and security consulting, catering to a diverse range of needs. Rest assured, all inquiries are attentively processed during business hours. You can expect a response within an hour; however, we appreciate your patience if it occasionally takes a few days.