Sujith Somraaj

About

I'm Sujith, a security researcher at Spearbit and the CISO / security advisor of protocols, including Superform and LI.FI. I have over a decade of professional Web3 experience and 3 years in security, having worked with over 25 protocols in 2024. I am passionate about infrastructure security, from the consensus layer to message bridges. Before joining Spearbit full-time, I was the founding engineer of two startups, Superform ($180M+ in TVL) and Streams.

Audit clientele includes Berachain, Optimism Interop, Relay Protocol, Variational Finance, Monad, Blast, ZkSync, LI.FI, Decent, Drips, SuperSushi Samurai, DistrictOne, Omni-X, Centrifuge, Tea.xyz, Paintswap, Bitcorn, Sweep n' Flip, Byzantine Finance, Fantom and Angles.

CTF

• Solved four problems during the Remedy 2025 CTF (placed 2nd).
• Got FIRST BLOOD during the 2023 paradigm CTF solving the enterprise blockchains problem (placed 6th).
• Broke Socket protocol's data layer during the surge competition in 2023 and bagged $27,000 from their CTF (placed 1st).

OSS + Bug Bounty

• Major contributor to the Uniswap MMA (github.com/MultiMessageAggregation/multibridge) project, working alongside the Uniswap Foundation.
• Major contributor to Pigeon, a cross-chain test suite. (github.com/exp-table/pigeon).
• Wrote EIP-6170 (eips.ethereum.org/EIPS/eip-6170) to streamline the bridge interface.
• Reported 4 vulnerabilities to Hyperlane via Immunefi from 2022 to 2024
• Reported bugs in relay protocol (responsible disclosure, though the project has no bug bounty)

Hackathons

• Won at EthOnline (2022) for building an PoS (Point of Sale) system in solidity.
• Won EthGlobal NYC (2023) for building an execution layer aggregator using Hyperlane.

Audit contest

• Achieved 1st place in the Cork Protocol competition on Cantina.