Writing
-
Who audits the auditor?
I built a Solidity static-analysis tool with an agent fleet. The phase that mattered wasn't writing the detectors — it was pointing a separate model at them and saying: lie detector, prove you lie.
-
An arbitrage bot with no slippage is a sandwich
I rebuilt a 2021 flash-loan hackathon contract into a real Aave v3 arbitrage. The contract got the hard security right — and left the door open on the thing arb bots exist to exploit.
-
Running an OP Stack L2 with reth
An OP Stack rollup is four processes and a shared secret. I finalized an old deployment of mine into something reproducible — and the part that actually caught bugs wasn't me, it was CI.
-
Rebuilding a perps DEX from its docs
An old repo of mine had a perps-DEX frontend and nothing else — the protocol was gone. So I rebuilt it from the documentation of what it became. The interesting part is what the docs gave away: who the house is.
-
A social-good protocol, built by an agent fleet
I had an empty repo and pointed a multi-agent workflow at it. The result was a tested rewards protocol — but the part worth writing down is which model sat in which seat, and the bug the auditor caught that the builde...
-
The index fund that held the wrong asset
A Sui Move 'crypto index fund' lets you deposit SUI for exposure to a BTC/ETH/XRP/ADA/MATIC basket. The problem: it never buys any of them. It holds SUI and pays out basket gains it doesn't have — insolvent by constru...
-
Anatomy of a memecoin honeypot
A token contract I found trades perfectly and looks like every other ERC-20. It also lets the deployer freeze your bag with one call. Here's the line that does it, proven against the real contract — and what an un-rug...
-
The bridge that paid twice
A token bridge whose relayer calls release() on every Deposit event. That sounds fine until you remember event delivery isn't exactly-once — and a reorg, a reconnect, or a restart makes the destination pay the same lo...
-
Anatomy of a fake dice game
I dug up a dice-game contract from 2018. It's 48 lines, and it's two bugs in a trenchcoat: its randomness is always zero, and it never uses the roll anyway — every bet just loses half. Here's the autopsy, and the prov...
-
Building ZK dark chess: real fog of war on a public chain
My on-chain chess engine has a fog-of-war mode that hides nothing — the board is plaintext. So I built the real version: the board lives off-chain behind a Poseidon commitment, and every move ships a zk-SNARK that it ...
-
What a ZK proof proves (and what it doesn't)
My on-chain chess engine had a zk settlement path you could forge to steal any in-progress game — not by breaking the proof, but by proving the wrong thing. That bug, and a fog-of-war variant that hides nothing, are t...
-
Verifiable isn't trustless: a coin flip on Sui
A house-signed coin flip lets anyone verify the result — and still lets the house win. The signature is honest; the choice of which games to settle isn't. Here's the gap, and the trustless fix that has its own sharp e...
-
The other side of the wall: FHE where ZK stops
My ZK fog-of-war chess hit a wall: it could prove a move legal against your own board, but not the things that depend on the opponent's hidden pieces — captures, blocked sliders, check. Those are joint predicates over...
-
The on-chain randomness landscape, or: how to pick a chess position fairly
Fischer-random chess needs one of 960 starting positions, drawn so neither player can rig or foresee it. On a deterministic chain that's surprisingly hard — and the way you solve it is the whole map of on-chain random...
-
How CoW Protocol settles a trade (and what my TWAP router got wrong)
My TWAP router for CoW Protocol compiled, passed its tests, and called two functions that don't exist on mainnet. Fixing it meant actually learning how CoW settles: intents not swaps, why you approve the relayer and n...
-
Auditing my own bridge: from “mints money from nothing” to all-criticals-closed
A lock-and-mint bridge is one giant accounting invariant. Here's how I turned that invariant into a fuzz test that found every way the contracts could create unbacked supply — and the on-chain fix pattern that closed it.
-
The post-quantum proof that Shor breaks anyway
A bridge verifies a lattice signature inside a zero-knowledge proof and calls itself post-quantum. The signature is post-quantum. The proof isn't — and a quantum adversary attacks the proof, not the signature. Here's ...
-
Recursive types, finite values: an EIP-712 bug in alloy
EIP-712 explicitly supports recursive struct types — but alloy refused to canonicalize one. The fix turned on a distinction the spec makes and the code didn't: a type definition can be recursive even though every conc...
-
Static analysis scores 0% on real bridge exploits. What does an LLM score?
I ran static analyzers and LLMs against ten real bridge hacks worth $1.2B. The static tools scored ~0% F1 on the actual exploit paths. An LLM with a static pre-filter got to ~40% — and where the gap comes from says so...
-
Greedy was enough: active learning on top of a pretrained potential
I built a GNoME-style active-learning loop to find stable crystals on a labeling budget. The uncertainty-aware strategy I expected to win basically tied the greedy one — and that tie held from a 2,000-structure demo u...
-
The model reads "not" — it just can't use it
Ask GPT-2 to complete "Paris is not the capital of" and it still says France. The interesting part isn't that it fails — it's that the model clearly attends to the word "not" and then can't make that signal change its...
-
When it can't explain what it sees, it asks
I built a predictive-coding engine that runs a hierarchy of beliefs on a laptop GPU, minimizing prediction error layer by layer. The part I like most: when a layer can't explain away its own surprise, it doesn't just ...
-
An AMM built to be attacked
Most AMM code is written to look safe. I wrote one to be a teaching specimen — where the exploits are tests in the repo, some of them passing, and the real lesson is which 'attacks' are contract bugs, which are econom...