Rappie

About Me

I'm Rappie, CTO & Lead Fuzzing Specialist at Perimeter, Associate Security Researcher at Spearbit, and active in bug bounty on Immunefi. I specialize in fuzzing EVM-based smart contracts to help protocols secure their code.

Beyond security research and protocol assessments, I contribute to the fuzzing community through open-source projects like EVM Fuzzing Resources and the List of Public Fuzzing Campaigns.

Testimonials

Rappie found some extremely subtle behaviors in our code that many others missed. He not only uses the cutting edge of multiple fuzzing engines, but also helps shape how these fuzzers are built. We've been delighted to use his mastery to make our contracts more secure.

• DanielVF, Origin Protocol

Rappie went above and beyond to deeply understand our protocol and cover all the edge cases. His experience and knowledge about the art of fuzzing is unparalleled. Overall he is an incredible security expert, we certainly will be returning to him with our future smart contracts.

• Igor Zuk, Drips Network

Security & Fuzzing Engagements

Protocol	Engagement Type	Completed	Report	Code
Origin Protocol	Perimeter Fuzzing Engagement	2025-03
Berachain	Perimeter Fuzzing Engagement	2025-01
Berachain	Perimeter Fuzzing Engagement	2024-12
Berachain	Perimeter Fuzzing Engagement	2024-12
Berachain	Perimeter Fuzzing Engagement	2024-11
Berachain	Perimeter Fuzzing Engagement	2024-10
Berachain	Perimeter Fuzzing Engagement	2024-09
Berachain	Fuzzing Specialist during Spearbit Security Review	2024-08
Private	Fuzzing Specialist during Spearbit Security Review	2024-05
Origin Protocol	Perimeter Fuzzing Engagement	2024-05	Report	Code
Private	Perimeter Fuzzing Engagement	2024-04
Coinbase	Fuzzing Specialist during Spearbit Security Review	2024-03	Report
Coinbase	Fuzzing Specialist during Spearbit Security Review	2024-03	Report
Drips Network	Perimeter Fuzzing Engagement	2024-01		Code
Drips Network	Fuzzing Specialist during Spearbit Security Review	2023-11	Report
Private	Perimeter Fuzzing Engagement	2023-11
Origin Protocol	Fuzzing Engagement	2023-09		Code
Origin Protocol	Fuzzing & Audit	2023-03	Report

Open Source Contributions

Project	Link
EVM Fuzzing Resources	Link
List of Public Fuzzing Campaigns	Link
Creator of Fuzzlib, a General Purpose Unopinionated Solidity Fuzzing Library	Link
Reproduction of the Rari Finance hack using on-chain fuzzing with Echidna	Link
Reproduction of the Curve Reentrancy hacks using on-chain fuzzing with Echidna	Link
Author of Echidna Exercise: Solve Damn Vulnerable DeFi - Side Entrance	Exercise, PR

Bug Bounties & Competitions

Description	Severity	Report	Platform	Protocol
Incorrect argument passed to Utils.characterToUnicodeBytes in Namespace.fuse	High	Report	Code4rena	Canto Identity
Calling OUSD.burn() on an address with zero balance causes the totalSupply to go down	Low	Report	Immunefi	Origin Protocol
Vault.redeem() fails with only non-rebasing credits in the protocol	Low	Report	Immunefi	Origin Protocol
Total supply can become larger than max supply	Low	Report	Immunefi	Origin Protocol
LiquidityTree.push() does not always update state correctly	Low	Report	Immunefi	Azuro
OUSD.burn() allows for destroying supply while balance remains	Low	Report	Immunefi	Origin Protocol

Get in Touch

I'm open to fuzzing engagements, security research, consulting, and general fuzzing-related questions. Feel free to reach out!

• X: @rappie_eth
• Discord: rappie
• Telegram: @rappenstein
• Cantina: Rappie