Create Profile More Security Experts

tedtina

Junior Solidity Audit

Twitter
Github
Email

Ted Tina 

  • Male
  • Job Objective: Smart Contract Audit, Contract Security, Solidity 
  • Mobile: +86 17703733662 (WeChat same number) 
  • Email: [email protected]

Skills

  • Familiar with Solidity code development, familiar with common EIP protocols such as ERC20, ERC721, ERC1155, and can quickly understand other EIP protocols
  • Proficient in contract testing tools such as Hardhat, Foundry, can write test cases using these two tools, and familiar with ethers.js
  • Familiar with on-chain event analysis process, can reproduce attack incidents through transaction hash, good at analyzing contract vulnerabilities
  • Familiar with DeFi contract code, such as Uniswap, familiar with related vulnerabilities such as manipulating oracles, flash loan attacks, etc.
  • Years of experience in web backend development, having worked on multiple projects such as e-commerce platforms, ERP, low-code platforms, etc.
  • CET-6 level of English, not  good oral English, but able to use English as a working language

Project Experience (GitHub: captpickle, Code4rena: Polaris_tow)

Code4rena

Code4rena is the most well-known contract security vulnerability bounty platform. I participated in contract auditing, discovered low-level vulnerabilities and gas optimization issues, and received a bounty of $70.

Due to my limited ability and short time on the auditing platform, I can only identify simple issues and am currently working hard to learn about auditing reports.

Defihacklabs

Defihacklabs is an open-source project on GitHub that reproduces Defi attack events using Foundry. It has currently received 2.8k stars. I am one of the code contributors and have reproduced two attack events:

  • ThoreumFinance: The contract vulnerability is that the transfer function will issue additional tokens, leading to token depreciation. The attacker repeatedly calls the transfer() method to complete the attack.
  • DFS: The vulnerability is a business logic issue. The project did not consider that Pancake's skim() method would trigger transfer(), allowing the attacker to bypass the vulnerability and complete the attack.
Wtfsolidity

Wtfsolidity is an open-source Web3 learning platform aimed at Web2 developers. I participated in the early-stage development of the SoulBoundToken project and tutorial writing.

Work Experience

2022.05-present: UFIDA Network Technology Co., Ltd., Senior Development Engineer


Experiece: 6 months

Yearly salary: $50,000

Hourly rate: $0

Nationality: 🇨🇳 China

Residency: 🇨🇳 China

Experience:

Period Title Company
2022 - 2023 Senior Development Engineer UFIDA Network Technology Co

Skills:

java
javascript
solidity
security
english
chinese-mandarin