FT
Full-Time Roles
Open to full-time remote roles with teams building interesting protocols that need someone senior to defend the system from code to production.
Contact for full-time hire
Kassy Olisakwe is a Web3 security engineer and developer using deep protocol experience and carefully built AI agents to secure Web3 protocols and applications, from smart contracts to frontend, backend, payment flows, and operational infrastructure.
Projects Secured350+Systems Built75+Primary FocusWeb3 security in the age of artificial intelligence
About Me
My art of defense
I build and secure systems that need to stay up in production, even when the failure points are not obvious. These days, protocol risk does not stop at the smart contract. It moves through interfaces, backends, payment rails, external dependencies, infrastructure, and the supply chains Web3 teams build on.
Security MethodBook a call
Manual review first
I start old school: reading the contracts, understanding the product, mapping how value moves, building a mental model of the system, and using manual review and formal verification where they matter. Some vulnerabilities still need human creativity, context, and instinct. No agent in the world fully replaces that.
Always-on review
After the human layer is clear, I build custom agents for each project I work on. For projects I secure, I run dozens of personalized agents against the code and system design for days at a time, watching assumptions, edge cases, dependencies, and changing risk.
Weaving through the bullshit
Anybody can spin up AI agents and generate a pile of vulnerability reports. The real skill is knowing what is actually dangerous, what is a false positive, and what only matters when the protocol, users, incentives, and integrations are understood together.
Whether you need a full-time security lead, contract support, or a one-time audit, the work is built around senior judgment, production context, and a clear path from risk to action.
Availabilities
Contact me for any of the following reasons.
CT
Contract Roles
Available for contract roles where a project needs security leadership for a fixed scope, a launch window, or ongoing review after deployments.
Contact for contract hireAU
One-Time Security Audits
Available for one-time audits across smart contracts, frontend trust boundaries, backend systems, payment flows, and operational risk.
Trusted by & worked with some major players
Including but not limited to
Ubuntu TribeCoinbaseInterexyAurora Web3BloktopiaEnjinUnilendChainlinkCantinaCode4renaSherlockCodeHawksHackenProofImmunefiSpearbitOpenZeppelinZellicSecureumLayerZeroAavePolymarketYield BasisArbitrumOptimismUbuntu TribeCoinbaseInterexyAurora Web3BloktopiaEnjinUnilendChainlinkCantinaCode4renaSherlockCodeHawksHackenProofImmunefiSpearbitOpenZeppelinZellicSecureumLayerZeroAavePolymarketYield BasisArbitrumOptimism
Security Workbench
My thoughts on human judgment
In Web3 security, the hard part is not generating more alerts. The hard part is knowing which assumption breaks, which edge case matters, and which issue can move real value. That judgment has to come before the machines.
Manual first
Systems are built to be broken and built again, again and again and again. I do the first breaking of the system. I break it down and build it back up with all the invariants. Once I am done with the project manually, my agents that watch me work continuously do the same thing over and over again. That is the secret sauce.
Manual Breakdowns
I map assets, roles, invariants, user flows, and the places where value can move before any automated layer gets trusted.
Agent Replay
Once the first break-and-rebuild pass is clear, agents keep replaying that reasoning across access control, accounting, integrations, and state changes.
Signal Triage
Noise is cheap. The useful work is knowing what is exploitable, what is theoretical, and what needs to become a clear engineering fix.
Social Channels
Reach out where I am most likely to respond.
For questions, connections, audit requests, role conversations, or technical discussions, the channels below are the best places to contact me.
Console Theater
A portfolio interaction for one point: tools can raise signals, but senior review decides what is real, what is noise, and what deserves action.
Most security theatre looks impressive until real value is on the line.
Review Instinct
Knowing when a small inconsistency is just noise, and when it is the thread that unravels the whole protocol.
Builder Context
Security feedback that respects how products are actually shipped: deadlines, integrations, users, and tradeoffs.
Security Console