Thrilled to announce I’ve joined @Corkprotocol as CTO.
After a great run working for top web3 projects, traveling to conferences, and winning hackathons, it’s clear where I want to focus: bringing TradFi onchain.
🧵 Let me share what convinced me to join Cork (+ we are hiring)
What makes me especially excited to build Cork is the market growth for tokenized assets. We’re entering a new phase of scale:
• real world assets: $3B → $25B in 3 years,
• stablecoins: $260B total market,
• vault protocols like @MorphoLabs & @veda_labs: triple-digit growth
As DeFi is rapidly becoming TradFi’s technology backbone, this transition needs to happen with the same rigor, transparency, and automation that underpin traditional financial markets.
Cork is the solution, serving as a programmable risk layer for onchain assets such as vault tokens, yield-bearing stablecoins, and liquid (re)staking tokens.
Prior to joining Cork, I cofounded and was the CTO of @Nefture, a security product aiming to protect DeFi. Through this experience, I came to deeply understand one of the biggest challenges of DeFi, security.
More recently, I expanded my horizon and worked on:
• building a DeFi locker on Linea with @StakeDAOHQ,
• building a secure reward distribution system on Arbitrum with @cedelabs,
• analyzing Permit2 phishing scams with @RevokeCash,
• auditing an ERC4626 vault for @trumarket_tech,
• building UniV4 hooks at UHI @AtriumAcademy,
• winning 6 hackathons (@ETHGlobal, @alephhackathon), with projects actively developed like PolySwap (grant by @CoWSwap) and @BackupBuddy_io, well on its way to making wallet recovery secure and accessible,
• attending confs and popup cities, making amazing friends and deepening my understanding of the ambitious vision for @Ethereum. The best example being @Zuitzerland, where I spent a month learning about d/acc.
It’s this journey, and meeting @robdogeth at @EthCC, that allowed me to understand the important and inevitable vision of @Corkprotocol.
I’m incredibly excited to contribute to Cork’s vision of institutional-grade risk management for onchain finance.
The next trillion in liquidity will require transparent risk layers, and that’s what we’re here to build.
We’re working on cutting-edge DeFi and building a top-tier team. This is why I’m excited to be building here. If this is interesting to you, come build with me. We’ll be hiring a senior smart-contract developer to support our build (see link in the comments).
Follow @Pybast & @Corkprotocol to see what we're cooking!
@Jeremybtc > delayed every transaction so users could cancel hacks in real time.
AI slop. The delay is meant to prevent double spending. Example: I spend 5€ and, at the same time, withdraw my whole wallet balance.
Result: full balance + 5€ item.
The 3-minute delay prevents it.
Is what you see really what you get in DeFi?
We analyzed large (> $50k) Uniswap V3 swaps to measure the gap between the price preview shown before signing and the price users actually received.
TL;DR:
- 78.3% of default-tolerance swaps settled within 1% of the signed slippage floor, and 84.1% within 5%
- Favorable outcomes were economically tiny: max +3 bps, while adverse execution reached ~50 bps in common default-tolerance cases
- Only ~4.2% crossed the slippage floor and reverted. 78.3% settled just inside it.
Read the report, link in the comment.
@ethereumfndn @Uniswap
#DeFi
we've been speedrunning financial history onchain for a decade. vaults, AMMs, stablecoins, LSTs — every single one is a credit product wearing a different hat
stack enough of them and you've built a beautiful, interconnected pile of unpriced risk
great chat with @therollupco
The security stack of a protocol is not an afterthought. Certain integrations, such as realtime monitoring, are core to a protocol’s design. Anticipate and plan it early, not post deployment!
The wallet that can pause your protocol should never be the wallet that can upgrade it.
@Pybast, CTO of @Corkprotocol, walked through this at the Rekt Security Summit in Cannes. Giving Hypernative the pause role makes sense for rapid response. But if that role also carries upgrade permissions, you have introduced a new attack vector instead of closing one.
The same logic applies to unpause. If the key that unpauses your protocol gets exfiltrated, an attacker can trigger a pause, wait, unpause, and exploit again.
These are governance design decisions that need to happen before you integrate any security tooling.
Learn more at https://t.co/bT9M6kpVM1
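As an added illustration of the role split described in this post (not code from Cork, Hypernative or the talk), here is a Solidity contract built on OpenZeppelin's upgradeable AccessControl, Pausable and UUPS modules; the bot, multisig and timelock addresses are assumed placeholders supplied at deployment.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Cork's or Hypernative's code. Assumes OpenZeppelin
// Contracts Upgradeable v5; the role split is the point, not the vault logic.
import {AccessControlUpgradeable} from "@openzeppelin/contracts-upgradeable/access/AccessControlUpgradeable.sol";
import {PausableUpgradeable} from "@openzeppelin/contracts-upgradeable/utils/PausableUpgradeable.sol";
import {UUPSUpgradeable} from "@openzeppelin/contracts-upgradeable/proxy/utils/UUPSUpgradeable.sol";

contract RoleSplitVault is AccessControlUpgradeable, PausableUpgradeable, UUPSUpgradeable {
    // Three distinct roles: a monitoring bot can stop the protocol, only the
    // governance multisig can restart it, and only the timelock can upgrade it.
    bytes32 public constant PAUSER_ROLE = keccak256("PAUSER_ROLE");
    bytes32 public constant UNPAUSER_ROLE = keccak256("UNPAUSER_ROLE");
    bytes32 public constant UPGRADER_ROLE = keccak256("UPGRADER_ROLE");

    mapping(address => uint256) public deposited;

    /// @custom:oz-upgrades-unsafe-allow constructor
    constructor() { _disableInitializers(); }

    // monitoringBot, governanceMultisig and upgradeTimelock are hypothetical
    // addresses chosen by the deployer.
    function initialize(address monitoringBot, address governanceMultisig, address upgradeTimelock)
        external initializer
    {
        __AccessControl_init();
        __Pausable_init();
        __UUPSUpgradeable_init();

        // The role admin is the timelock, so no hot key can grant itself more power.
        _grantRole(DEFAULT_ADMIN_ROLE, upgradeTimelock);
        _grantRole(PAUSER_ROLE, monitoringBot);        // hot key: stop only
        _grantRole(UNPAUSER_ROLE, governanceMultisig); // cold key: restart after review
        _grantRole(UPGRADER_ROLE, upgradeTimelock);    // slowest key: change code
    }

    function pause() external onlyRole(PAUSER_ROLE) { _pause(); }

    // A leaked pauser key cannot lift the pause: restarting requires a second,
    // independently held key, so the pause/unpause cycle from the post needs both.
    function unpause() external onlyRole(UNPAUSER_ROLE) { _unpause(); }

    // Upgrades are gated by a role the pauser never holds.
    function _authorizeUpgrade(address) internal override onlyRole(UPGRADER_ROLE) {}

    // Example user-facing action, halted while paused.
    function deposit() external payable whenNotPaused {
        deposited[msg.sender] += msg.value;
    }
}
```

The monitoring address receives PAUSER_ROLE only; handing it UNPAUSER_ROLE or UPGRADER_ROLE as well recreates the single-key failure the post warns about.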
Stablecoins are not an efficient way to strengthen the international role of the euro, says President Christine @Lagarde.
The best solution remains deeper capital market integration through the savings and investment union and a stronger safe asset base https://t.co/Xewr8ysz9B
Moat — a free, open-source day-one firewall for teams too early-stage to afford the audits they should have before going to production, and for any team trying to convince risk-averse LPs that their funds are safe.
Now live in the @Giveth × @thedaofund Ethereum Security QF round. Every donation amplified by a 500 ETH matching pool 🙏
After 6 months of work, we're proud to finally share our first release of our new smart contract language:
Plank v0.1 🚀
To fix the fundamental issues plaguing smart contract development we're rebuilding the language stack from the ground up. 🏗️
Learn more 👇
Trust git, the OSS protocol. Don’t trust github, the for profit company operating the servers behind github(dot)com.
How much of DeFi could be affected by such a vulnerability?
"The time to solve security is before you need it. Once it's broken, everyone's watching and you're out of time."
Our CTO @Pybast lives in the part of DeFi most people don't think about until it's too late: what happens when things break, while they're breaking.
He took the stage at Rekt to talk about exactly that.
DeFi's whole promise is non-skeuomorphic finance, building primitives onchain to create products TradFi can't.
But the industry still hasn't cracked its most basic problem. KYC and onboarding remain the real bottleneck. You can embed compliance logic, licensing terms, and a dozen other rules directly into a smart contract and still end up doing paperwork. In 2026, parts of that paperwork still need wet signatures.
The smart contract is the easy part; the bottleneck is the human in the loop, which nobody has automated yet.
A sharp moment from a recent panel @Philfog moderated.
DeFiScan is live in Ethereum Security QF Round on @Giveth!
We're building verifiable insights into the maturity and risks of DeFi protocols, providing developers better tools to build with decentralization in mind, and letting users avoid single points of failure.
No more blind trust. Real data. Real ratings.
A more secure DeFi ecosystem.
If you have found DeFiScan useful and/or would like to support the development of the centralization risk infrastructure, please consider donating to us: https://t.co/1sluKbCEJJ
@cas_abbe @LayerZero_Core this is a bunch of ai slop… the verifier (dvn) encompasses the data sourcing, otherwise it’s still completely flawed.
The best practice of multiple DVNs includes the necessity of multiple independent data sources.
KelpDAO's position, which amounts to saying that they followed the "default" configuration from the "quickstart guide", is very problematic.
It's the equivalent of buying a sports car from a dealership, signing up for a rally race, unfortunately ending up crushed by the roof of your own car when you go off the road, and then blaming the car manufacturer for having buried in its user manual that you need to install a roll cage if you do rallying.
> a 1/1 DVN configuration simply should never have been possible.
That's the equivalent of saying a sports car without a roll cage should not be put on sale. It ignores the fact that most people don't need to pay for a roll cage. The same goes for DVNs.
Now, LayerZero is not without responsibility. We're on the blockchain, everything is transparent, so the car manufacturer can easily see what each car is doing and the risks being taken. If it is aware that you're going to do rallying without a roll cage in its car, or if it has the ability to know, it must inform you. In that sense, LayerZero should have sounded the alarm and demanded a more secure configuration. It's rather unclear whether that was done and how strongly.
What needs to be understood is that groups like Lazarus look for low-hanging fruit and are willing to invest months and dozens of hackers to hit big and reach their goal. Securing $1.4b with a centralized service under the full responsibility of LayerZero is inviting them to the feast and guaranteeing that they will eventually find a way!
It's really disappointing to see the industry hiding behind such irresponsible arguments... But I remain optimistic that behind the marketing facades, things will change in the right direction.