Smart Contract Developer
About the role
Smart Contract Security Engineer / Solidity & Solana Auditor

We are seeking an experienced project-based Smart Contract Security Engineer to support the design, review, testing, security audit, and penetration testing of regulated blockchain-based asset contracts. The primary focus is on Ethereum/Solidity and Solana/Rust, with other blockchain ecosystems considered a benefit.

The project involves tokenized financial instruments and regulated digital assets, including ERC-20 tokens, ERC-3643/T-REX-style permissioned tokens, stablecoin-style assets, real-world asset tokens, tokenized securities, tokenized debt, payment tokens, and related smart-contract infrastructure.

This is not a generic blockchain developer role. We are looking for someone who can think like a developer, auditor, and adversarial security tester. The ideal candidate should be able to write and review production-grade smart contracts, build automated test suites, identify vulnerabilities, challenge the architecture, and document findings clearly for both technical and non-technical stakeholders.

Primary Tasks - The selected candidate will be expected to:

- Review and improve Solidity smart contracts for Ethereum/EVM-based deployments.
- Review and improve Solana programs written in Rust, preferably using Anchor.
- Assess regulated token logic, including ERC-20, ERC-3643/T-REX-style permissioned transfer flows, and stablecoin-style issuer controls.
- Review and test minting, burning, pausing, blacklisting, freezing, whitelisting, KYC-gated transfers, forced transfers, confiscation/destruction mechanisms, upgradeability, deprecation, and migration logic.
- Validate identity-registry, compliance-module, and investor-eligibility checks where applicable.
- Identify risks in role-based permissions, owner privileges, admin keys, multisig controls, and emergency functions.
- Build or improve automated test suites covering standard flows, edge cases, failure paths, and restricted transfer scenarios.
- Perform manual code review, static analysis, fuzz testing, invariant testing, negative-path testing, and exploit scenario modeling.
- Review deployment, upgrade, and migration procedures for operational and security risks.
- Prepare a clear audit-style report with severity ratings, vulnerability explanations, recommended fixes, and retesting confirmations.
- Provide practical recommendations for secure deployment, admin controls, multisig usage, monitoring, and incident response.

Required Experience

The candidate should have strong professional experience with Solidity development and smart contract security reviews. They should understand Ethereum/EVM token standards and security patterns, including ERC-20, ERC-3643 or comparable permissioned-token designs, OpenZeppelin contracts, Ownable and AccessControl patterns, pausable contracts, upgradeable proxy patterns, allowance handling, storage layout safety, mint/burn controls, and transfer-restriction logic.

The candidate should also have practical Solana experience, including Rust-based Solana programs, Anchor, SPL tokens, Token-2022 concepts, transfer hooks, program-derived addresses, account validation, signer checks, ownership checks, authority management, and cross-program invocation risks.

A strong understanding of blockchain security risks is required, including reentrancy, access-control failures, authorization bypasses, broken compliance checks, allowance and approval issues, upgradeability flaws, storage collisions, integer and logic errors, denial-of-service vectors, account-substitution attacks, missing signer validation, incorrect PDA derivation, and compliance-rule bypasses.

Beneficial Experience

Experience with other blockchain ecosystems is beneficial but not mandatory, including Polygon, Arbitrum, Base, Avalanche, BNB Chain, Tron, Stellar, Cosmos-based chains, or permissioned blockchain environments.

Additional beneficial experience includes regulated asset tokens, RWAs, stablecoins, tokenized securities, tokenized funds, custody systems, exchange infrastructure, multisig administration, Safe, formal verification, symbolic execution, post-deployment monitoring, and incident response.

Expected Deliverables

The expected project deliverables include:

- Reviewed and improved Ethereum/Solidity smart contract templates.
- Reviewed Solana/Rust program architecture where applicable.
- Automated test suite or recommendations for test coverage.
- Security audit report with findings and severity ratings.
- Threat model covering smart contracts, admin controls, upgrade paths, compliance checks, and deployment workflows.
- Deployment and upgrade ch
Worked at Perpetuals Group? Share your experience