Sujith Somraaj

Sujith Somraaj

Dev, who built a $170M protocol from zero, is now protecting hundreds of millions

@sujithsomraaj

100

Spearbit

sr

resident

Public earnings

$37,572.5

74th


Public findings

39


Achievements


Worked with

Botanix
Horizen Labs
OP Labs
Puffer Finance
PaintSwap
Berachain
zigtur
deadrosesxyz
m4rio
J4X
slowfi
chris

Biography

About

I'm Sujith, a security researcher at Spearbit and the CISO / security advisor of protocols, including Superform and LI.FI. I have over a decade of professional Web3 experience and 3 years in security, having worked with over 25 protocols in 2024. I am passionate about infrastructure security, from the consensus layer to message bridges. Before joining Spearbit full-time, I was the founding engineer of two startups, Superform ($180M+ in TVL) and Streams.

Audit clientele includes Berachain, Optimism Interop, Relay Protocol, Variational Finance, Monad, Blast, ZkSync, LI.FI, Decent, Drips, SuperSushi Samurai, DistrictOne, Omni-X, Centrifuge, Tea.xyz, Paintswap, Bitcorn, Sweep n' Flip, Byzantine Finance, Fantom and Angles.

CTF

  • Solved four problems during the Remedy 2025 CTF (placed 2nd).
  • Got FIRST BLOOD during the 2023 paradigm CTF solving the enterprise blockchains problem (placed 6th).
  • Broke Socket protocol's data layer during the surge competition in 2023 and bagged $27,000 from their CTF (placed 1st).

OSS + Bug Bounty

  • Major contributor to the Uniswap MMA (github.com/MultiMessageAggregation/multibridge) project, working alongside the Uniswap Foundation.
  • Major contributor to Pigeon, a cross-chain test suite. (github.com/exp-table/pigeon).
  • Wrote EIP-6170 (eips.ethereum.org/EIPS/eip-6170) to streamline the bridge interface.
  • Reported 4 vulnerabilities to Hyperlane via Immunefi from 2022 to 2024
  • Reported bugs in relay protocol (responsible disclosure, though the project has no bug bounty)

Hackathons

Audit contest

  • Achieved 1st place in the Cork Protocol competition on Cantina.

Top competitions

View all
Contest
Position
Date
Payout
incentive-contracts

incentive-contracts

5

/ 152

January 2024$5,468
curvance

curvance

24

/ 224

February 2024$2,724
opal-contracts

opal-contracts

15

/ 183

February 2024$1,018
zetachain-protocol

zetachain-protocol

36

/ 338

August 2024$492
Soon

Soon

15

/ 452

December 2024$438

Private reviews

View all
Engagement
Project title
Timeframe
Researchers
Horizen Labs

Horizen Labs

Horizen Migration Smart Contract Audit

Apr 2025 - May 2025

Sujith Somraaj
m4rio
Botanix

Botanix

botanix-stBTC

Apr 2025 - Apr 2025

Sujith Somraaj
noah.eth
chris
Puffer Finance

Puffer Finance

puffer-contracts

Apr 2025 - Apr 2025

Sujith Somraaj
ladboy233
PaintSwap

PaintSwap

PaintSwap Audit: Cross-Chain Security Review

Apr 2025 - Apr 2025

Sujith Somraaj
Windhustler
OP Labs

OP Labs

optimisim-interop-1703-proofs

Mar 2025 - Mar 2025

zigtur
Sujith Somraaj
lonelySloth

Security portfolio

Title
Description
Li.Fi ProtocolPrivate audit reports
Relay ProtocolInvalid message hash issue
HyperlanePermanent DoS
Hyperlane [Immunefi]Relayer overpaying gas
Hyperlane [Immunefi]Relayer ignoring acknowledgement cost
Hyperlane [Immunefi]32-length tree depth DoS issue
Socket.techPermanent DoS Of Data Layer
Socket.techRandom packet signing issue