Felix Wilhelm
@_fel1x
Followers
11K
Following
3K
Media
23
Statuses
1K
Co-founder and CTO of @asymmetric_re
Joined November 2010
I’ve started a new security company together with @claudijd: Asymmetric Research (@asymmetric_re / https://t.co/ZGins25AIh ). If you are a strong security engineer or researcher interested in defending and breaking some of the biggest DeFI and Blockchain projects, we’d love to
asymmetric.re
Asymmetric Research is a boutique security venture focused on deep partnerships with L1/L2 blockchains and DeFi protocols in an effort to keep them safe.
8
11
108
We’re excited to announce a shared leadership structure with @asymmetric_re! Teams today face risks that span audits, research, engineering, and incident response, and clear coordination is important.
5
9
70
Asymmetric Research and @osec_io have established a shared leadership structure that aligns both teams while each continues to operate independently. Full details below.
5
12
48
Super proud of the team we've built over the last 2 years at @asymmetric_re. We are always hiring smart security engineers and researchers. If you're good at breaking Rust, Go, C, or Solidity code, we'd love to talk to you (no blockchain experience required).
5
9
75
$VICE AdvisorShares Vice ETF Invest in the things that people love. Learn more at https://t.co/cqouMWd0i8 Foreside Fund Services, LLC, Distributor.
3
6
68
Celebrating the launch of @doublezero's mainnet. A step toward improved performance, reduced latency, and a faster, more efficient Solana. Why it matters ↓
4
13
65
Bridges are hard. New blog post about an interesting loss-of-funds bug in @RelayProtocol
New post: @RelayProtocol’s contracts trusted Ed25519 verification without validating offsets, opening the door to forged allocator signatures and potential double-spends. @_fel1x details the bug, the risks it posed to cross-chain liquidity, and how the issue was addressed.
3
0
18
Take out a flash loan and never pay it back with this simple trick
Threat Contained: marginfi Flash Loan Vulnerability by @_fel1x A new instruction broke the flash loan logic, creating a way to borrow without repaying and putting $160M at risk. We explain the vulnerability, potential impact, and how it was fixed. Full post below ↓
3
5
56
Join us in the Dev Cave! Coffee, snacks, comfy seating, and a livestream of the main stage. Downstairs at @SolanaConf Accelerate ↓
0
3
20
New blog post: An Intro to Differential Fuzzing in Rust, by @nl_gripto & @anarcheuz. It walks through building a pure-Rust JSON fuzzer from scratch, then extending it into a differential fuzzing harness capable of surfacing consensus bugs. https://t.co/yrwtnxAozi
blog.asymmetric.re
In the year 2050, a malformed JSON input lead to the complete shutdown of the Replicant P2P network. Today, we'll reproduce this bug class in ~100 lines of code.
1
23
91
📣 PostgreSQL developers: Meet Azure HorizonDB the new AI-ready database service with native AI capabilities built in. For enterprise scale, security, and performance without compromise.
1
5
42
Congrats to our travel grant recipients! 🎟️ @daisygue_ and @J4X_Security are heading to NYC next week for @SolanaConf. Glad to support their journey and excited to see what they take away from Accelerate.
2
5
24
Today, I’m excited to share that @commonwarexyz is launching a continuous security program, partnering for validator operation, and deploying purpose-built infrastructure (@exowarexyz) with the world-class team at @asymmetric_re.
9
12
83
New blog post: Navigating Vulnerabilities in Solana CPIs, by @dooflin5. It breaks down how unchecked programs, signer privileges, and account handling pitfalls can lead to exploits—and how developers can design defensively. https://t.co/1RV6OglX58
blog.asymmetric.re
Cross-program invocation (CPI) is the mechanism on Solana through which one program calls another. It's used for system instruction calls, SPL token transfers, custom program execution, and even...
2
23
73
Adevar Labs is a new kind of audit firm: deeply focused, radically transparent, and built for high-stakes Solana projects. If you care about safety, trust, and getting it right before launch, keep reading 🧵
4
5
44
Take the Ferry to NYC. Kids Ride Free Thru Jan 4. All Terminals & Routes. Free Shuttles to Attractions. Watch Video. Click for Routes & Schedules.
0
4
28
Announcing AR’s Intern Program We’re launching an intern program that’s hands-on, high-impact, and fully remote. Looking for security research types who are curious, skilled, and ready to work on security challenges that matter ↓
21
19
148
We're actively hiring for a number of roles. Tackle complex security challenges with an integrity-driven team that values deep expertise and relentless curiosity. Details below, and please share with anyone who may be a good fit. ↓
3
11
65
Come work with me on cool stuff like this! job link in replies
Exciting to see that AR is currently the most profitable validator on Solana, based on fees collected!
2
4
16
Congrats to our friends at @doublezero on this raise and testnet beta launch! We're proud to be the first external entity (outside of core teams) on the network and looking forward to what's next for this talented team.
001/ We’re thrilled to announce that DoubleZero Foundation has completed a $28 million token round co-led by @MulticoinCap and @dragonfly_xyz, with participation from @FoundationCap, @recvcx, @dba_crypto, @borderless_cap, @Superscrypt, @_Frictionless_ and others to build a new,
4
5
47
"Dumpling" our JS engine differential fuzzing paper won the best paper award at #NDSSsymposium2025.
5
6
40
🔥💃 We’re now running Firedancer v0.3 on mainnet! Validators running Firedancer benefit from cutting-edge security, reliability, and performance, improving Solana's liveness and safety. https://t.co/etLaAPn2Rt Learn why delegating to AR’s validator supports Solana's future ⇣
1
16
65
I tried to hire @roberto_bayardo away from Google a few years ago. While we didn’t find a way to work together then, we did start a great technical dialogue that has continued since. When the time came to start @commonwarexyz, I knew exactly who to call. This time, I got him.
Good news everyone! I've joined @commonwarexyz, where I'll be implementing the best ideas in decentralized systems to power the next generation of application-forward blockchains. [1/n]
9
3
98