Junior Solidity Audit
- Job Objective: Smart Contract Audit, Contract Security, Solidity
- Mobile: +86 17703733662 (WeChat same number)
- Email: [email protected]
- Familiar with Solidity code development, familiar with common EIP protocols such as ERC20, ERC721, ERC1155, and can quickly understand other EIP protocols
- Proficient in contract testing tools such as Hardhat, Foundry, can write test cases using these two tools, and familiar with ethers.js
- Familiar with on-chain event analysis process, can reproduce attack incidents through transaction hash, good at analyzing contract vulnerabilities
- Familiar with DeFi contract code, such as Uniswap, familiar with related vulnerabilities such as manipulating oracles, flash loan attacks, etc.
- Years of experience in web backend development, having worked on multiple projects such as e-commerce platforms, ERP, low-code platforms, etc.
- CET-6 level of English, not good oral English, but able to use English as a working language
Project Experience (GitHub: captpickle, Code4rena: Polaris_tow)
Code4rena is the most well-known contract security vulnerability bounty platform. I participated in contract auditing, discovered low-level vulnerabilities and gas optimization issues, and received a bounty of $70.
Due to my limited ability and short time on the auditing platform, I can only identify simple issues and am currently working hard to learn about auditing reports.
Defihacklabs is an open-source project on GitHub that reproduces Defi attack events using Foundry. It has currently received 2.8k stars. I am one of the code contributors and have reproduced two attack events:
- ThoreumFinance: The contract vulnerability is that the transfer function will issue additional tokens, leading to token depreciation. The attacker repeatedly calls the transfer() method to complete the attack.
- DFS: The vulnerability is a business logic issue. The project did not consider that Pancake's skim() method would trigger transfer(), allowing the attacker to bypass the vulnerability and complete the attack.
Wtfsolidity is an open-source Web3 learning platform aimed at Web2 developers. I participated in the early-stage development of the SoulBoundToken project and tutorial writing.
2022.05-present: UFIDA Network Technology Co., Ltd., Senior Development Engineer
Experiece: 6 months
Yearly salary: $50,000
Hourly rate: $0
Nationality: 🇨🇳 China
Residency: 🇨🇳 China
|2022 - 2023||Senior Development Engineer||UFIDA Network Technology Co|