Sujith Somraaj

About

I'm Sujith, a security researcher at Spearbit and the CISO/Security Advisor for protocols, including Superform and LI.FI. I have over a decade of professional experience in Web3 and 3 years in security, having worked with over 60 protocols during my tenure. I am passionate about infrastructure security, from the consensus layer to message bridges. Before joining Spearbit full-time, I was the founding engineer of two startups, Superform ($180M+ in TVL) and Streams.

Audit clientele includes Sonic, Berachain, Optimism Interop, LayerZero, Relay Protocol, Variational Finance, Monad, Blast, ZkSync, LI.FI, Puffer, Decent, Drips, SuperSushi Samurai, DistrictOne, Omni-X, Centrifuge, Tea.xyz, Paintswap, Bitcorn, Sweep n' Flip, Byzantine Finance, Botanix, Horizen, SatsBridge, and Angles.

CTF

• Solved four problems during the Remedy 2025 CTF (placed 2nd).
• Got FIRST BLOOD during the 2023 paradigm CTF solving the enterprise blockchains problem (placed 6th).
• Broke Socket protocol's data layer during the surge competition in 2023 and bagged $27,000 from their CTF (placed 1st).

OSS + Bug Bounty

• Major contributor to the Uniswap MMA (github.com/MultiMessageAggregation/multibridge) project, working alongside the Uniswap Foundation.
• Major contributor to Pigeon, a cross-chain test suite. (github.com/exp-table/pigeon).
• Wrote EIP-6170 (eips.ethereum.org/EIPS/eip-6170) to streamline the bridge interface.
• Reported 6 vulnerabilities to Hyperlane via Immunefi from 2022 to 2025
• Reported bugs in relay protocol (responsible disclosure, though the project has no bug bounty)

Hackathons

• Won at EthOnline (2022) for building a PoS (Point of Sale) system (https://ethglobal.com/showcase/variable-finance-taat4) in Solidity.
• Won EthGlobal NYC (2023) for building an execution layer aggregator using Hyperlane.

Audit contest

• Achieved 1st place in the Cork Protocol competition on Cantina.