Job description
Job Responsibilities:
1. Design and develop institutional-level RWA protocols to achieve asset tokenization, custody, cross-chain bridging, and core modules for the rules engine. Build a permission management system to support multi-role hierarchical control.
2. Optimize cross-chain asset interactions, develop cross-chain deposit/mint/burn logic, and handle asset rollback and refund mechanisms in extreme situations.
3. Enhance contract security to avoid reentrancy attacks, DoS risks, and permission vulnerabilities. Implement a proxy contract upgrade architecture to ensure upgradability and version management.
4. Integrate compliance and risk control, develop a rules engine binding KYC/AML modules, and execute institutional-level compliance checks such as transfer limits and address whitelists.
Job Requirements:
1. Proficient in the tech stack with over 5 years of Solidity development experience, skilled in the OpenZeppelin library. Familiar with proxy contract patterns and upgrade processes. Expertise in cross-chain protocol development (such as LayerZero, Wormhole, or custom bridging logic).
2. Security development capability: Deep understanding of smart contract vulnerability types (reentrancy, overflow, permission vulnerabilities) with experience in fixing permission issues like N4/N14/N19/N23 in audit reports.
3. Experience in the RWA field, familiar with the business logic of on-chain real assets (such as bonds), and understanding of compliance requirements (custodial account operations, institutional needs for mandatory transfers/burns). Practical cases of handling deflationary tokens, asset custody, and wallet proxies.
Preferred Qualifications:
1. Experience in fixing vulnerabilities in institutional audit reports from SlowMist/Ackee (such as reentrancy risks N15 and burn vulnerabilities N21/N22 in this report).
2. Familiarity with the application of ERC1363 (token standard that accepts callbacks) in wallet contracts.
3. Understanding of the compliance framework for institutional-level RWA (such as legal entity binding and on-chain KYC).