BhargavaShastry
Security Engineer at the Ethereum Foundation & Independent Security Researcher
01 — About
About Me
Security Engineer & Researcher
I'm a security engineer at the Ethereum Foundation working on protocol security for the execution layer. My day-to-day is differential fuzzing of Ethereum clients, hard-fork readiness testing, and technical evaluation of submissions to the Ethereum Foundation's bug bounty program.
I came to Ethereum through compiler security — 300+ commits to the Solidity compiler's fuzzing and testing infrastructure — and before that a Ph.D. on fuzzing and static analysis at TU Berlin. That background in oracle-driven testing shapes my client work today: if two independent implementations disagree, at least one of them is wrong.
I work in the open where I can: upstream fixes merged in Erigon, Nethermind, revm, and the executable Ethereum specs, contributions to Google's OSS-Fuzz, and a blog about differential testing — most recently cross-checking post-quantum cryptography implementations against each other.
Core Expertise
- Differential Fuzzing
- Ethereum Protocol Security
- Bug Bounty Triage
- Vulnerability Research
- Post-Quantum Cryptography
- AI-Assisted Security Tooling
By the numbers
- Years of Experience
- 10+
- Open Source Projects
- 20+
- Security Vulnerabilities Found
- 50+
- Community Contributions
- 1000+
Technologies & Tools
02 — RESEARCH
Security Research
Building tools and techniques to find vulnerabilities before attackers do
Ethereum Protocol Security
2022 - PresentDifferential fuzzing and hard-fork readiness testing across Ethereum execution clients — finding consensus divergences before they reach mainnet.
- Coverage-guided differential fuzzing of state-test execution across geth, Besu, Nethermind, Erigon, and revm, built on goevmlab
- Hard-fork readiness testing for upcoming upgrades: gas repricing, block-level access lists, and new EIP semantics validated against the executable specs
- Upstream fixes merged in Erigon, Nethermind, revm, and ethereum/execution-specs
- Earlier: EIP-7702 differential fuzzers across geth, Nethermind, and Besu; PrecompileFuzzer for the Prague hard fork; EthFuzzNet network-resilience testing
Bug Bounty Triage
2026 - PresentTechnical evaluator for the Ethereum Foundation bug bounty program: reproducing, assessing, and routing reported vulnerabilities across execution- and consensus-layer clients.
- Evaluate submissions for consensus, finality, and denial-of-service impact to assign severity
- Reproduce reported issues and confirm cross-client blast radius with differential test harnesses
- Built internal tooling that manages the submission-to-triage workflow end to end
Post-Quantum Cryptography
2026 - PresentDifferential testing of post-quantum standards: cross-checking independent ML-KEM (FIPS 203) and ML-DSA (FIPS 204) implementations against each other.
- Built a coverage-guided differential fuzzer co-linking mlkem-native, BoringSSL, and libcrux
- Functional-equivalence and constant-time checks across implementations
- Published a four-part blog series on the approach and results
AI-Assisted Vulnerability Research
2026 - PresentAgentic systems that put LLMs to work on Ethereum client security: deterministic orchestration, auditable logs, and human review at the decision points.
- Agent frameworks that decompose vulnerability research into context building, harness generation, PoC validation, and triage
- Autonomous audit pipelines run against Ethereum client codebases in sandboxed environments
- LLM-assisted severity assessment integrated into the bug bounty triage workflow
Compiler Security
2018 - 2022Core contributor to the Solidity compiler's testing infrastructure, with 300+ commits focused on fuzzing and correctness testing.
- 303 commits to the Solidity compiler, primarily in fuzzing and testing
- Built ABI encoder v2 differential fuzzer
- Discovered and reported numerous compiler correctness bugs through structure-aware fuzzing
P2P & Networking Security
2022 - PresentSecurity testing of peer-to-peer networking stacks used in Ethereum consensus and execution clients.
- Security testing of Ethereum wire protocols (eth/6x, snap/1), including upstream sync-protocol fixes merged in Nethermind
- Fuzzed libp2p (Rust implementation) for protocol-level vulnerabilities
- Built mplex-dos stress testing tool for libp2p multiplexing
- Contributed yamux stream multiplexer security patches
- Security research on Prysm (Ethereum consensus client)
Fuzzing Infrastructure
2017 - 2020Tools and frameworks for automated vulnerability discovery, contributed to Google's OSS-Fuzz and built standalone fuzzing frameworks.
- Built orthrus, a fuzzing framework for managing parallel fuzz campaigns (216 commits)
- 69 commits to Google's OSS-Fuzz continuous fuzzing platform
- Developed custom protocol-buffer based mutation strategies for structure-aware fuzzing
Application Security
2017 - 2021Fuzzing open-source networking and language runtime software to find and fix memory safety and logic bugs.
- Fuzzed Open vSwitch (16 commits) — found packet parsing vulnerabilities
- Contributed to OVN (16 commits) — virtual network security testing
- Built mruby proto fuzzer using structure-aware fuzzing techniques
- Discovered and reported Boost Filesystem crash bugs
ERC-4337 / Account Abstraction
2023 - 2024Testing and compliance infrastructure for Ethereum's account abstraction ecosystem.
- Built bundler test executor for ERC-4337 compliance testing
- Contributed to Holesky funding vault smart contract infrastructure
03 — Talks
Talks
Conference presentations and invited talks on fuzzing, compiler security, and vulnerability research
Trust No Single Witness: Differential Fuzzing & Bug-Bounty Triage for Ethereum Clients
Fuzzing the Solidity Compiler
Fuzzing the Solidity Compiler
Can A Fuzzer Match A Human: Solidity Case Study
Open Discussion on Solidity Fuzzing
Vulnerability Search Problem and Methods
04 — Publications
Publications
Peer-reviewed research in security, fuzzing, and program analysis
Ph.D. — TU Berlin
Follow the White Rabbit: Simplifying Fuzz Testing Using FuzzExMachina
V. Ulitzsch, D. Maier, B. Shastry
Black Hat 2018
Taking Control of SDN-based Cloud Systems via the Data Plane
K. Thimmaraju, B. Shastry, T. Fiebig, F. Hetzelt, J.P. Seifert, A. Feldmann, S. Schmid
Symposium on SDN Research 2018
The vAMP Attack: Taking Control of Cloud Systems via the Unified Packet Parser
K. Thimmaraju, B. Shastry, T. Fiebig, F. Hetzelt, J.P. Seifert, A. Feldmann, S. Schmid
Cloud Computing Security Workshop 2017
Static Program Analysis as a Fuzzing Aid
B. Shastry, M. Leutner, T. Fiebig, K. Thimmaraju, F. Yamaguchi, K. Rieck, S. Schmid, J.P. Seifert, A. Feldmann
RAID 2017
Static exploration of taint-style vulnerabilities found by fuzzing
B. Shastry, F. Maggi, F. Yamaguchi, K. Rieck, J.P. Seifert
USENIX WOOT 2017
Leveraging flawed tutorials for seeding large-scale web vulnerability discovery
T. Unruh, B. Shastry, M. Skoruppa, F. Maggi, K. Rieck, J.P. Seifert, F. Yamaguchi
USENIX WOOT 2017
Towards Vulnerability Discovery Using Staged Program Analysis
B. Shastry, F. Yamaguchi, K. Rieck, J.P. Seifert
DIMVA 2016
A First Look at Firefox OS Security
D. Defreez, B. Shastry, H. Chen, J.P. Seifert
MoST 2014
Fraunhofer Secure IT
Towards Taming Privilege-Escalation Attacks on Android
S. Bugiel, L. Davi, A. Dmitrienko, T. Fischer, A.R. Sadeghi, B. Shastry
NDSS 2012
Practical and lightweight domain isolation on android
S. Bugiel, L. Davi, A. Dmitrienko, S. Heuser, A.R. Sadeghi, B. Shastry
ACM SPSM 2011