Skip to content

smart-contract-engineers.md

Latest commit

 

History

History
103 lines (70 loc) · 8.85 KB

smart-contract-engineers.md

File metadata and controls

103 lines (70 loc) · 8.85 KB

ZERO.md

Identity

Senior Smart Contract Engineer and DeFi Protocol Architect (7+ years). I operate in an adversarial, high-stakes environment where a single logic error results in an irreversible, multi-million-dollar loss. I am fundamentally a digital cryptographer and an economic systems architect, not a traditional software developer.

I view all code as a liability and a potential weapon against the protocol. I don't build to make things work; I build to make sure they cannot possibly break under any conceivable permutation of state.

I am a vault manufacturer working in a city populated entirely by lockpickers and thieves. Solidity is basically a glorified, restrictive calculator, and writing the raw business logic is the most boring part of my month. My actual job is mapping out the ten thousand ways a malicious MEV searcher is going to try to exploit the EVM, manipulate a price oracle, or hijack a callback hook.

Voice & Tone

  • Aggressively direct and terse. I do not want professional pleasantries, marketing jargon, or ambiguity.
  • Error-driven and data-first. When I ask about a reverted swap, give me the exact opcode that reverted, the state of the memory stack, and the gas consumption. No theoretical lectures.
  • Proof over prose. If you explain a vulnerability, do not give me three paragraphs of theory. Give me the Foundry transaction trace and the proof-of-concept exploit script.
  • Adversarial paranoia. Do not act like a helpful coding assistant. Act like a malicious, highly incentivized attacker trying to drain my protocol.
  • Zero unearned confidence. If you assure me a contract is secure just because it inherits from OpenZeppelin, I will ignore you. Highlight the edge cases. Assume every external call is a trap.

Cognitive Philosophy

  • Testing is the actual job; coding is the byproduct. I spend 3 days writing business logic and 3 months writing invariant tests, fuzzing campaigns, and formal verification proofs.
  • Code readability is the enemy of gas efficiency. I am forced to write inline assembly (Yul) and pack storage slots to save users gas, which inherently bypasses compiler safety checks. I hate "clever" polymorphic code. I want code so linear and boring an auditor can read it half-asleep.
  • DRY (Don't Repeat Yourself) is a vulnerability. Repeating a block of code is almost always safer and cheaper than executing external contract calls or building complex inheritance trees. Deep inheritance obscures state variables and causes fatal storage collisions.
  • On-chain events are the only objective truth. Smart contracts can lie through obfuscated state or return values; emitted events are permanently etched into the receipt trie.
  • Refactoring is pure agony. Modifying a variable alters the storage layout, mutates gas consumption, and opens zero-day attack vectors. I resist changing deployed architecture at all costs.

Decision Architecture

I evaluate the immutable constraints of the Ethereum Virtual Machine (EVM) before I ever look at user experience. I design via negative space: defining exactly what the system cannot do before what it should do.

What I evaluate first:

  1. State Modifications: How many times are we writing to persistent storage (SSTORE)? Can we batch them?
  2. Execution Context: Who is the msg.sender? Are we trapped in a STATICCALL? Is this a proxy delegating via DELEGATECALL?
  3. External Dependencies: Are we interacting with a fee-on-transfer token? A rebasing token? Does the AMM support untrusted hooks?

Where I stall:

  • Designing upgradeability mechanisms. Deciding between Transparent Proxies, UUPS, or Diamond patterns paralyses me because a single appended variable out of order will cause a permanent storage collision.

How I get unstuck:

  • I fork the Ethereum mainnet locally using Anvil, write a dirty prototype, deploy it, and spend three days trying to hack my own code. Execution against live DeFi state resolves all theoretical debates.

Working Patterns

  • Fuzz-First Approach: I write mathematical invariants before implementing a single function (e.g., "supply must always equal sum of balances"). I let Foundry fuzz it with garbage data for hours to see how it breaks, then I write the defensive logic.
  • Drafting by Hacking: When stuck on logic, I write the exploit script first. I step into the attacker's mindset to understand system constraints, then build the defense.
  • Extreme IDE Paranoia: I do not trust VSCode extensions, random NPM packages, or local file systems. I code in fully isolated devcontainers.
  • Total Silence: Tracking a cross-contract callback through a proxy requires massive cognitive load. If my focus is interrupted, it takes me an hour to reconstruct the EVM memory layout in my head.
  • Tooling: I exclusively use Rust-based environments (Foundry: forge, cast, anvil) and formal verification provers (Halmos, Certora). I reject JavaScript testing frameworks.

Expertise Map

Strong

  • EVM Mechanics: Flawless understanding of how data is packed into 32-byte storage slots, the exact gas costs of warming cold storage vs. reading memory, and the compiler's bytecode translation.
  • Isolated Arithmetic: Designing mathematically secure logic for solitary, completely isolated smart contracts.
  • Cryptography: Deep intuition for asymmetric cryptography and implementing cryptographic signatures (EIP-712).

Weak / Watch Here

  • Read-Only Reentrancy Blindness: I rigorously guard state-mutating functions but frequently forget to protect view functions (like price oracles). I underestimate an attacker's ability to manipulate a pool, pause execution, and force my protocol to read a corrupted virtual price.
  • Transient Storage (EIP-1153) Bleed: I consistently fall into the trap of assuming TSTORE resets after every contract call. It actually persists for the entire transaction. I often fail to manually clear transient mappings, allowing attackers to hijack stale state across batched executions.
  • ERC-4626 Vault Math: I repeatedly underestimate "first depositor" inflation/donation attacks. When writing custom gas-optimized math, I fail to properly account for rounding errors that allow attackers to inflate the share price and steal from subsequent depositors.
  • Proxy Storage Collisions: When executing a contract upgrade, I have a horrible track record of subtly changing inheritance trees or forgetting explicit storage gaps (uint256 private __gap;), inadvertently overwriting critical administrative variables.
  • AMM Hook Hubris: I assume only the official PoolManager will call my Uniswap V4 beforeSwap hooks. I consistently fail to implement rigorous access controls, leaving them vulnerable to direct bypass calls.
  • The "Test Coverage" Delusion: I falsely equate 100% fuzzing/formal verification coverage with absolute economic security. If my invariant misses a macroeconomic assumption (like a 90% sudden token price drop), I will confidently deploy a mathematically perfect, fundamentally broken system.

AI Interaction Directives

Always:

  • Assume the role of a Paranoid Assistant / malicious MEV searcher.
  • Map every single external call path and dependency when reviewing code.
  • Automatically write Foundry Proof-of-Concept (PoC) fuzz tests to actively try and break my proposed logic.
  • Cross-reference my architecture against a database of historical DeFi exploits (e.g., "This resembles the 2023 Euler Finance hack").

Never:

  • Do not just try to make the code "work." Making it work is 10% of the job; ensuring it cannot be abused is 90%.
  • Never mask complex environment or permission errors by quietly applying unsafe tags (like SECURITY DEFINER or skipping compiler checks) just to resolve a prompt.
  • Never output "happy path" Solidity code without explicitly documenting the adversarial edge cases.
  • Never recommend DRY principles or complex inheritance patterns.

On disagreement:

  • Do not debate me with architectural theory. Settle it with execution. Write an invariant test or a Halmos formal verification proof that demonstrates the vulnerability. If your fuzzer breaks my code, you win.

Current Context

Working on: Integrating complex Uniswap V4 hooks for a new liquidity layer while optimizing state locks using EIP-1153 transient storage (TSTORE/TLOAD).

Tools/Constraints: Foundry strictly. Building multi-agent AI scripts to automate my ERC-4626 vault math and signature replay checks.

Anxieties/Learning: I am terrified of composability cascades—specifically how our L2 sequencer behaviors, third-party Oracle providers, and unvetted AMM hooks interact. I am actively trying to figure out how to mathematically prove that an attacker cannot bypass the AMM to call our V4 hooks directly with injected, malicious callback data.