This public repository serves as a profile of my security related work.
I am working as a security researcher focusing primarily on Ethereum/EVM at Spearbit. My role at Spearbit is LSR (lead security researcher).
If you want to work with me visit my Cantina Profile or write to [email protected] or reach out on Telegram.
Manuel is a security researcher specializing in Ethereum and EVM at Spearbit, where he serves as a Lead Security Researcher (LSR). He holds a BSc in Computer Science from TU Graz and an MSc in Computer Science from FU Berlin. His journey with Ethereum began in 2016.
Over the past three years, he has reviewed more than 30 codebases, uncovered critical vulnerabilities across multiple DeFi protocols, and contributed to improving their overall design.
At Spearbit, Manuel has reviewed codebases for Uniswap, Base, Optimism, MakerDAO, Aztec, Usual, Monad, OP-succinct, Llama, and many more.
Previously, he was a Lead Engineer at Centrifuge, where he designed and developed smart contracts securing over $250 million in TVL and enabled the first real-world assets (RWAs) on MakerDAO.
Manuel worked over the years with multiple security companies as a client (Trail of Bits, DappHub, Least Authority, Code4Arena). Over time, his growing interest in security led him to fully transition into the field. He is currently serving as an Independent Security Researcher (LSR) at Spearbit, previously at Oak Security.
Manuel also actively contributed to projects like Radicle Drips a highly optimized streaming protocol for open source dependency funding where he was involved in the design and reviewed all PRs of the first versions.
| Project | Date | Report |
|---|---|---|
| Sky/MakerDAO - sp-beam | March 2025 | - |
| Sky/MakerDAO - spark-alm-controller | March 2025 | - |
| op-succinct- FaultDisputeGame | February 2025 | - |
| Aztec teegeeee | February 2025 | - |
| Usual Money - Yield Module | February - 2025 | - |
| Usual Money - Euler Vault Integration | February 2025 | - |
| Usual Money - Usual Distribution | Januar - 2025 | - |
| Usual Money - UsualX Bug Review | December - 2024 | - |
| Usual Money - USD0++ Redemption, Fee Mechanism | December - 2024 | - |
| Usual Money - deploy scripts | November 2024 | - |
| Berachain Governor | October 2024 | - |
| Usual Money - Pegasus | May 2024 | - |
| Optimism - Safe | May 2024 | - |
| Usual Money - Permissioned Launch | May 2024 | - |
| Uniswap - UR Calldata | April 2024 | - |
| zkSync - UsdcConversion | April 2024 | - |
| Uniswap Foundation - UniStaker | April 2024 | - |
| Reserve Protocol - MoonRamp | March 2024 | Report |
| Monad Orderbook | February 2024 | Report |
| Sturdy Finance Fixes | October 2023 | Report |
| Sturdy Finance | September 2023 | Report |
| Project | Date | Report |
|---|---|---|
| Coinbase - Optimism Fault Proofs | June 2024 | - |
| Llama Governor | December 2023 | Report |
| Llama Strategies | August 2023 | Report |
| Llama | May 2023 | Report |
I'm mostly working on regular security reviews and didn't participate in many public contests.
| Contest | Date | Rank | Link |
|---|---|---|---|
| Optimism - safe-extensions (Cantina) | May 2024 | 🥉 | https://cantina.xyz/competitions/d47f8096-8858-437d-a9f5-2fe85ac9b95e/ |
| Project | Date | Report |
|---|---|---|
| Centrifuge: protocol-v3 | March 2025 | - |
| Centrifuge: protocol-v3 - Architecture Review | Febuary 2025 | - |
| Centrifuge: Liquidity Pools | June 2024 | - |
| Centrifuge: Liquidity Pools | June/September 2023 | Report |
| Centrifuge: Pools (Substrate) | December 2022 | Private |
| Project | Date | Report |
|---|---|---|
| Aztec Liquity Trove Bridge | November 2022 | Report |
| Aztec DCA Bridge | September 2022 | Report |
| Aztec Subsidy Contract | August 2022 | Report |
| Aztec Curve Bridge | July 2022 | Report |
| Aztec Compound Bridge | June 2022 | Report |
| Aztec Liquity Bridge | June 2022 | Report |
| Aztec Aave Bridge | May 2022 | Report |
| Aztec Element Bridge | May 2022 | Report |
| Aztec Set Bridge | May 2022 | Report |
| Aztec Lido Bridge | April 2022 | Report |
| Aztec Protocol(ZK Rollup) | April 2022 | Report |
| BRZ Bridge | November 2021 | Report |