Job description
Job Responsibilities:
1. Responsible for security auditing related to web3 wallets (mainly Java code, some Golang/Rust), identifying potential risks in business requirements, technical implementation plans, etc., providing solutions and driving their implementation;
2. Research the characteristics of new chains, gain a deep understanding of potential risks during the integration process of new chains, and promote risk avoidance in code implementation;
3. Familiar with wallets and Web3 business, capable of identifying security vulnerabilities in business architecture, processes, logic, technical solutions, etc., and can provide corresponding security solutions and drive their implementation;
4. Participate in the entire R&D process of the product research team, promoting the implementation of SDL;
Requirements:
Keywords: Java/Rust, Spring Framework, web3 wallet, SDL, encryption and decryption, security solutions
1. Familiar with and proficient in relevant application security and blockchain security knowledge, understanding the inherent principles, discovery methods, vulnerability code scenarios, exploitation techniques, and solutions of common security vulnerabilities;
2. At least 3 years of experience in business development or security auditing based on Java or other languages, having led or participated in the implementation of SDL;
3. Familiar with the blockchain industry and related technologies, as well as common security risks and the working principles of mainstream chains (BTC, ETH, etc.);
4. Familiar with commonly used encryption/decryption/signature algorithms, especially those commonly used in web3 wallets, such as ECDSA, ED25519, RSA, AES, SSS, etc., with a deep understanding;
5. Possess a certain background in penetration knowledge, familiar with mainstream attack and defense, and penetration methods;
6. Have a strong interest in emerging blockchain technologies and be self-driven to learn and understand.