Independent Security Research

Beyond client work, I conduct open research on systemic vulnerabilities in emerging technologies. All research is published openly with full documentation, evidence chains, and reproducible analysis, using only public data sources.

GitHub portfolio · ORCID 0009-0003-6787-0043

Active research areas

Human-AI Collaboration Systems

Identity verification, confidence laundering, and authorization failure modes in AI-powered systems. Key question: when probabilistic AI makes binary security decisions, where does the system break?

Agentic System Safety

Lawful instability, Nash equilibrium analysis, and conservation-based security invariants. Key question: if rational AI agents optimize your system perfectly, does it collapse?

Post-Incident Forensic Analysis

Blockchain compromise analysis, custodial architecture failures, root cause identification. Key question: what structural weaknesses allowed this incident, and how do we prevent the next one?

Published case studies

RevShare Ecosystem Compromise

FORENSIC CASE STUDY · 2025

Forensic reconstruction of a custodial architecture failure that resulted in roughly $150K-250K economic damage across multiple unrelated projects, using only public blockchain data. Key finding: a single private key controlled all project distribution wallets; no exploit was required, the system failed under strictly valid, authorized behavior. Read the full analysis on GitHub

Probabilistic Identity Infrastructure Vulnerabilities

SECURITY ANALYSIS · 2025

Analysis of systemic vulnerabilities in AI-powered identity verification systems. Key finding: confidence laundering allows adversaries to convert low-confidence signals into high-confidence authorization through valid API usage. Read the full analysis on GitHub

The Semantics of Collapse: Lawful Instability in Agentic Systems

THEORETICAL FRAMEWORK · 2025

Identifies a structural blind spot in contemporary security models: failure modes in which systems collapse while all actions remain valid, authorized, and policy-compliant. Introduces the Validity-Safety Orthogonality Problem, Safe-to-Exist Analysis (SEA) as a security primitive, and conservation-based global invariants for agentic systems. Read the full paper on GitHub

Vulnerability disclosures

Coordinated responsible disclosures, each published after its 90-day disclosure period elapsed. Every finding is a valid-behavior or business-logic failure: no malformed inputs, no stolen credentials, just systems doing exactly what they were built to do.

Coin98 Super Wallet: Critical Wallet Drain

CRITICAL · 2026 · Chrome extension (500k+ users), Android, iOS · HackenProof

A privileged origin whitelist hardcodes localhost; any local HTTP server silently decrypts every private key and mnemonic across all 164 supported chains. The session guard was hardcoded to return true. PoC: 152 wallets extracted in 30 seconds. Full disclosure on GitHub

Bifrost Finance: Zero-Auth Infrastructure Compromise

CRITICAL · 2026 · app.bifrost.io · Immunefi

An unauthenticated path to full Kubernetes root and cluster-admin, compromising databases, cloud accounts, container registries, CI/CD, and blockchain collator nodes. Plus a separate stored-XSS chain (Grafana → SQL → Hasura) ending in one-click wallet drain. Full disclosure on GitHub

ENS Metadata Service: Persistent HTML Injection

CRITICAL · 2026 · metadata.ens.domains

A crafted SVG avatar text record injects persistent malicious HTML into metadata.ens.domains that renders for any visitor, with no JavaScript required. Bypasses DOMPurify via entity-encoded SVG text nodes. Full disclosure on GitHub

GemPad: Wallet Key Derivation (CPK-2026-002)

CRITICAL · 2026 · gempad.app · coordinated disclosure

On-chain forensic reconstruction of a custodial key-derivation failure, with full chain analysis, evidence, and a reproducible key-derivation methodology. Full disclosure on GitHub

DapDap: Server Profiling Exposure (CPK-2026-004)

HIGH · 2026 · dapdap · coordinated disclosure

Exposed pprof server-profiling endpoints and client-side credential exposure, with profiling-endpoint analysis methodology. Full disclosure on GitHub

Threat advisories

Google Workspace Invitation Phishing Targeting Web3 Founders

THREAT ADVISORY · CPK-2026-003 · TLP:CLEAR

An active campaign that impersonates Google Workspace to harvest credentials from Web3 founders. The lure arrives as a forwarded venture-capital introduction with a real VC's name and a Google Sites link. The page cloaks: targeted victims see a fake credential form, while scanners and analysts see a blank or genuine page. Read the advisory on GitHub

Issue briefs and structural assessments

Structural Vulnerability Assessment: Proxy Signals & Lawful Authority Extraction

ISSUE BRIEF · 2025

Independent issue brief examining a generalized failure class affecting agentic, financial, and automated decision systems. View the assessment on GitHub

AI safety and epistemics papers

Position papers on the structural limits of language-based AI, indexed on ORCID.

They Lie, and We Lie About the Lying

POSITION PAPER · 2026

On the terminology, testing, and deployment of structurally unreliable language systems. Argues that calling model falsehoods "hallucination" is itself a form of deception, and that these systems are structurally incapable of reliably distinguishing truth from falsehood. Translates the research literature into plain language. Read the paper on GitHub

On the Inability of Language Models to Stub Their Toe

POSITION PAPER · 2026

Referential collapse, semantic inflation, and grounded understanding. Uses a single rock as a grounding example to show how training corpora reward verbosity over referential clarity, producing systems that can describe objects indefinitely but cannot interact with them. Understanding occurs in the human reader, not the system. Read the paper on GitHub

The Pre-Articulation Observability Boundary

POSITION PAPER · 2026

A structural constraint on language-based AI systems. Names and formalizes the irreversible information loss when pre-linguistic cognition becomes language, and the permanent exclusion of language-based AI from the cognitive states that precede articulation. An architectural limit, not a capability gap. Read the paper on GitHub

Full portfolio

All research is published openly with full documentation, evidence chains, and reproducible analysis. No paywalls, no gatekeeping. View all research on GitHub. Papers are also indexed on ORCID.

Community work: Provably Fair Basketball, a free, privacy-first toolkit for youth basketball coaches, built and hosted pro bono.

Open to collaboration with researchers, institutions, and teams building systems where this analysis would be valuable. Get in touch.