This public repository serves as a profile of my security related work.
I am working as a security researcher focusing primarily on Ethereum/EVM at Spearbit. My role at Spearbit is LSR (lead security researcher).
If you want to work with me visit my Cantina Profile or write to xmxanuel@proton.me or reach out on Telegram.
Manuel began working with Ethereum in 2016. He was a Lead Solidity Engineer at Centrifuge, where he designed and built smart contracts that hold a TVL of over $250 million and enabled the first RWAs on MakerDAO
Manuel worked over the years with multiple security companies as a client (Trail of Bits, DappHub, Least Authority, Code4Arena) and got more and more interested into security himself. He is currently serving as an Independent Security Researcher (SR) at Spearbit, previously at Oak Security.
In the last two years, Manuel reviewed more than +20 codebases and found critical bugs across multiple DeFi protocols and in addition helped to improve their overall design.
Manuel also actively contributes to projects like Radicle Drips a highly optimized streaming protocol for open source dependency funding where he was involved in the design and nowadays, mostely serve as PR reviewer.
| Project | Found | Report |
|---|---|---|
| Llama | 1 Critical, 1 High | Report |
| Sturdy Finance | 3 High | Report |
| Aztec Protocol (ZK-Rollup) | 3 Critical, 1 High | Report |
| Aztec Liquity Bridge | 3 Critical | Report |
| Aztec Liquity Trove Bridge | 1 Critical | Report |
| Project | Date | Report |
|---|---|---|
| Usual Money - Pegasus | May 2024 | - |
| Optimism - Safe | May 2024 | - |
| Usual Money - Permissioned Launch | May 2024 | - |
| Uniswap - UR Calldata | April 2024 | - |
| Uniswap Foundation - UniStaker | April 2024 | - |
| zkSync - UsdcConversion | April 2024 | - |
| Uniswap Foundation - UniStaker | April 2024 | - |
| Reserve Protocol - MoonRamp | March 2024 | Report |
| Monad Orderbook | February 2024 | Report |
| Sturdy Finance Fixes | October 2023 | Report |
| Sturdy Finance | September 2023 | Report |
| Project | Date | Report |
|---|---|---|
| Llama Governor | December 2023 | Report |
| Llama Strategies | August 2023 | Report |
| Llama | May 2023 | Report |
| Project | Date | Report |
|---|---|---|
| Centrifuge: Liquidity Pools | June/September 2023 | Report |
| Centrifuge: Pools (Substrate) | December 2022 | Private |
| Project | Date | Report |
|---|---|---|
| Aztec Liquity Trove Bridge | November 2022 | Report |
| Aztec DCA Bridge | September 2022 | Report |
| Aztec Subsidy Contract | August 2022 | Report |
| Aztec Curve Bridge | July 2022 | Report |
| Aztec Compound Bridge | June 2022 | Report |
| Aztec Liquity Bridge | June 2022 | Report |
| Aztec Aave Bridge | May 2022 | Report |
| Aztec Element Bridge | May 2022 | Report |
| Aztec Set Bridge | May 2022 | Report |
| Aztec Lido Bridge | April 2022 | Report |
| Aztec Protocol(ZK Rollup) | April 2022 | Report |
| BRZ Bridge | November 2021 | Report |