Writing
Standalone technical deep dives — protocol mechanics, attack surfaces, and infrastructure notes drawn from hands-on research and engineering.
Planned / In progress
Account Abstraction Signing Models, Compared
PlannedERC-4337 UserOperations vs Safe + ERC-1271 contract signatures + EIP-6492 pre-deploy validation + session keys — which signing model to reach for, and why.
Audit Pattern Recognition: Recurring Bug Classes Across 25+ DEX and Lending Forks
PlannedWhat auditing 13 DEX and 12 lending implementations of the same primitives teaches you — the swap-path and liquidation bug classes that keep reappearing across forks.
How to Benchmark an Order-Routing Path (and Why Tail Latency Is the Only Number That Matters)
PlannedA reproducible method for benchmarking CLOB SDKs across languages — warmup discipline, the endpoints a trading bot actually hits, and reading p50/p95/p99 instead of the mean.
ERC-4626 First-Depositor Inflation Attacks, and How Vaults Harden Against Them
PlannedHow the share-accounting in ERC-4626 enables first-depositor inflation and donation attacks — and how Yearn v3, Morpho, OpenZeppelin, and Solmate mitigate them.
The Flashbots Bundle Pipeline, Hands-On
PlannedExercising MEV end to end: building an atomic bundle, simulating it, submitting via Flashbots RPC, and verifying inclusion — with test contracts that make execution observable.
Polymarket CLOB Authentication, End to End
PlannedWalking the full Polymarket CLOB auth path: L1 EIP-712 ClobAuthDomain to derive API credentials, per-request L2 HMAC headers, and Safe-maker order signing with signatureType=2.
Designing an AI-Native Memory Primitive: Graph + Event Log vs RAG
PlannedWhy agent memory built on a knowledge graph with an immutable event log beats markdown files and re-embedding — O(1) lookups, atomic updates, and token-aware retrieval.