Hello! I'm Nat. I'm a blockchain security engineer.
After 4 years working as a blockchain security engineer at Trail of Bits and touring around the conference circuit, I'm currently on hiatus. Find me in the mountains, basking in the sun, paddleboarding on the water, walking in the forest, or falling off walls. While I am taking on a few contracts for 2024, my availability is limited. My email, twitter and tg are always open to chat about tooling, fuzzing, or security; and can be found on the bottom of the page. Sorry if there's a delay in my responses!
Technical Experience
My extensive experience with smart contracts and ethereum has given me ample opportunity to understand defi protocols, NFT marketplaces, and scaling solutions. While much of my work is not public, I share public knowledge whenever possible. Some of my highlights can be found below:
- Curvance Invariant Development blog post – a highlight of the largest and longest solo fuzzing engagement with 216 invariants
- Curvance Invariant Development report – the full report containing details and findings of the 10 week invariant development engagement highlighted in the blog post above
- Primitive Finance Invariant Development – fuzzing different versions of the Primitive ecosystem during an engagement where manual review and fuzzing was conducted
- Author of solc-select – a tool that allows users to quickly switch between Solidity compiler versions
Presentations
In addition to learning new technologies, I am always passionate about sharing the knowledge I have gained over the years of reviewing code. The below highlight my public speaking engagements:
- Professor at George Brown College – designed curriculum and content to classes of up to 45 students, teaching the basic concepts of smart contract development and security
- Smart Contract Security: The Beta (2023) – first talk to kick off the Defi Security Summit, talking about recommendations to writing safe code and embedding security into ones development process instead of as an afterthought
- Advanced Defi Invariants Part 1 (2022) – part 1 of a part 2 series highlighted the invariants that were written for Primitive and teaching the audience how to reason about complex codebases
- Advanced Defi Invariants Part 2 (2022) – the second part of the series, continuing on advanced invariant development
- Defi Security Summit 101 (2022) – discussing the benefits of using fuzzing throughout ones development process
- EthCC (2022) – discussing the benefits of using fuzzing throughout ones development process
- EthTaipei Fuzzing Workshop – teaching attendees the basics of fuzzing, and tips on tricks on integrating fuzzers into their systems