Cosmin-Marian Lavric

Web3 Security Researcher & Smart Contract Auditor

📍 Brasov, Romania

GitHub Twitter / XDiscord: 321323464437006336Message on Telegram

🟢Aping In

Web3 Security Researcher specializing in Solana (Rust), Move (Sui), and Ethereum (Solidity). Top 3 Cantina finish. Top 5.7% on Sherlock. Built and security-hardened a ZK privacy protocol on Solana with Groth16 on-chain verification and 7 security fixes from Solana Foundation audit. Protects decentralized protocols through manual review, invariant testing, and automated tooling.

Work Preferences

Salary

USD 20,000 – 120,000

Skills

React10/10

Node.js8/10

Solidity8/10

TypeScript8/10

Smart Contract Auditing8/10

Foundry (8/10)ZK Proofs (Groth16/snarkjs) (7/10)EVM Bytecode Analysis (7/10)Rust/Anchor (Solana) (7/10)Slither (7/10)Yul/EVM Assembly (7/10)Vyper (6/10)Threat Modeling (6/10)Penetration Testing (6/10)Move (Sui) (5/10)Docker (5/10)Echidna (4/10)Noir (4/10)Circom (4/10)Formal Verification (Certora CVL) (4/10)

Work Experience

Independent Security Researcher

Cantina / CodeHawks / Sherlock / Code4rena / Cyfrin

Aug 2025 — Present

3rd/723 in Kuru Contracts (Cantina). 23rd/316 in Avon Protocol (Cantina Private). 29th/509 in CurrentFinance (Sherlock) in Move/Sui DeFi. Shadow-audited Aave V4. Top 5 on CodeHawks First Flights with 2 High and 3 Medium severities. 10+ published audit reports.

Cybersecurity Fundamentals Participant

IBM Summer School

Jul 2025 — Jul 2025

Built 2FA (TOTP + QR), SSO/RBAC, threat-modeling. Ran pen testing labs covering DoS, MITM, SQLi, and XSS.

Blockchain Full-Stack Engineer

SkyTrade

Nov 2024 — Feb 2025

Built cNFT minting platform and DEX on Solana using OpenbookDEX protocol.

Web3 Developer & ZK Engineer

Freelance

Jun 2024 — Present

Built and security-hardened PunkZ Vault: Tornado Cash-inspired ZK privacy protocol on Solana with Groth16 verifier, Poseidon hashing, incremental Merkle tree, nullifier tracking. Built Ethereum ZK mixer (PunkZ Contracts) with Noir circuits. Created ZK ECDSA Verifier, CCIP Rebase Token with Chainlink CCIP, and X-Scout automated threat intelligence pipeline (500+ daily data points).

Education

Cyfrin

Assembly and Formal Verification

2025 – 2025

Cyfrin

Smart Contract Security

2025 – 2025

Cornell University

Blockchain Essentials

2024 – 2024

Solana Foundation

Solana Blockchain Developer Program

2024 – 2024

Udemy

Ethereum and Solidity - Complete Developer's Guide

2024 – 2024

IBM

Introduction in Software Engineering

2024 – 2024

University of Transylvania Brasov

BSc · Electrical Engineering and Computer Science, Information Technology

2022 – 2026