JakubHeba
SC and L1 Auditor specializing in Rust, MOVE and Go. Wide web2 hacking experience. ASR @Spearbit.
asr
Biography
Biography
Cybersecurity expert with more than eight years of experience in the industry.** ASR at Spearbit, Lead Blockchain Security Auditor at Oak Security and Zenith. FV Ambassador at Certora. CEO at Monethic.
For 3.5 years associated with blockchain technology as a Smart Contract and L1 auditor. I have conducted over 100 audits of various protocols, mostly related to DeFi. I am specializing in the security of contracts written in Rust, such as CosmWasm, Substrate, MOVE, especially in Aptos, Movement and Sui, and Golang, in Cosmos ecosystem, as well as has a deep technical understanding of EVM and Solidity.
I participated in assessments testing low-level aspects of blockchain technology, such as finality proof verifications, serialization libraries, rollups as well as implementations of bridges between many different ecosystems
Also, I have an experience in auditing L1 blockchains written in MOVE, Go and Rust.
Before moving to web3, i was a Lead Security Researcher and Penetration Tester managing a team of engineers, specializing in Web Application, Red Team and Infrastructure testing. I am also experienced in low-level binary exploitation in both UNIX and Windows environments. Holder of OSCP and OSCE certificates.
Security portfolio
Title | Description |
|---|---|
| Orderly Network - Asset Manager | Solo audit of Asset Manager smart contract, written in Rust on NEAR. |
| Stader Labs - SD Token Staking | Audit of Stader Labs protocol, limited to SD Token staking mechanism. Audited as part of the Halborn team. |
| Brokkr Protocol - Long Term Bonding | Audit of staking-v1 and vonding-v1 smart contracts, limited to the Long-Term Bonding functionality, being part of the Brokkr Protocol. Audited as part of the Halborn team. |
| Brokkr Protocol - Delta Neutral | Audit of a Delta-neutral smart contract, being part of the Brokkr Protocol, which creates the sophisticated DeFi investment strategies. Audited as a part of the Halborn team. |
| Astroport - Astral Assembly contracts | Audit of Astroport Astral Assembly Governance contract, which is a part of the main Astroport protocol. Audited as part of the Halborn team. |
| Astroport Concentrated Liq Pool-Injective Orderbook Integration | Audit of Astroport Passive Concentrated Liquidity pools with Injective exchange, enabling pools to provide liquidity not only as an AMM, but also as a maker in the Injective order book. Audited as a part of the Oak Security team. |
| Astroport - Concentrated Liquidity Pool | Audit of the Astroport concentrated liquidity pool. Audited as a part of the Oak Security team. |
| Hadron Labs Lido Satellite | Audit of a contract allowing users to mint canonical token factory tokens via sending bridged funds to the contract with ExecuteMsg::Mint. Audited as a part of the Oak Security team. |
| Stargaze Reserve Auctions | Audit of a protocol, allowing bidders to bid on NFTs with increasing value for a certain time duration. Audited as a part of the Oak Security Team. |
| Calculated Finance | Audit of a protocol, which allows users to utilize dollar cost average strategies by creating vaults that automatically swap tokens at a specified frequency on the Osmosis DEX. Audited as a part of the Oak Security team. |
| Membrane - CosmWasm | Audit of a cross-collateral debt protocol built on Cosmos, utilizing the floating-peg stable coin $CDT and collateralized debt positions. Audited as a part of the Oak Security team. |
| Osmosis Labs - Osmosis Transmuter | Audit of a contract responsible for interaction with the cosmwasmpool module (Osmosis), allowing for 1:1 swapping between multiple tokens with no fees. Audited as a part of the Oak Security team. |
| SSZ serialization library - Rust | Serialization library responsible for generic types serialization and deserialization, written in Rust. Audited as a part of the Oak Security team. |