Ask the Expert: Xinyuan Sun

CertiK | Jul 22, 2021

Ask the Expert: Xinyuan Sun

The CertiK Team is truly international. With a team which reflects the decentralised nature of a blockchain itself, we’re able to achieve incredible results when it comes to innovation in the blockchain security space.

Not least because of people like Xinyuan, the latest team member in our Ask the Expert series.

Without further ado, take it away Xinyuan!

Q: Could you introduce yourself? How did you start your career?

My name is Xinyuan Sun, from Nanjing, China. I currently live in New York, USA. I joined CertiK a year ago. I have a dual degree in philosophy and computer science. After graduation, I became a CertiK R&D engineer. I am responsible for building a framework to expand the encryption audit solutions.

Q: Why did you want to become a research engineer?

When I majored in philosophy, I was interested in a semantic definition of “Truth”. This conception comes from The Semantic Conception of Truth, written by the Polish mathematician and logician Alfred Tarski in 1933. The definition is very interesting. Later I learned that the term “formal language” also exists in computer science.

Step by step, I developed a keen interest in computer science. Computers brought me as much exploration and thinking as philosophy, so I majored in computer science for my second degree.

Later, I accidentally learned that a new team, CertiK, was established. The founders were Professor Shao Zhong, the chair of the Department of Computer Science at Yale University, and Professor Ronghui Gu from the Department of Computer Science, Columbia University. They focus on operating systems, software security, and formalization. They are leading figures and experts in the formal verification field and boast scientific research capabilities, which make me really admire them.

So after graduation, I joined CertiK and officially became a research engineer!

Q: What is your daily work schedule?

I mainly devote myself to the development of CertiK's various products and projects. After coming to CertiK, I participated in the development of the DeepSEA compiler, alongside the writing and presentation of research papers.

In addition to the above research, I usually do some research related to DeFi attacks, DeFi financial model monitoring, and other security hypervisors. I also participate in the cooperation project between CertiK and Ant Financial. I will also develop some general science articles about DeFi financial models.

Q: What are some of your challenges and accomplishments?

The thing that gives me the greatest sense of accomplishment is that I have received an invitation to the 4th Ethereum Community Conference, EthCC 2021! As a CertiK R&D engineer, I will give a speech with the theme ‘Exploiting and Securing DeFi Projects with Formal Methods’ at 7:05AM Eastern Standard Time on July 22. EthCC is Europe’s largest annual Ethereum event focusing on technology and community.

As a large-scale conference centered on developers, it has attracted widespread attention from the global Ethereum and blockchain communities and gathered many people from the blockchain ecosystem. My talk aims to share information on the security and development of DeFi technology, as well as discuss how to use DeepSEA to find/prevent two classes of interesting hacks: flash-loan attacks & price oracle manipulation attacks.

This invitation gives me a great sense of accomplishment, and this speech is likely to leverage all of my work and research since I entered the computer industry.

Q: What do you do in your spare time?

Work at home, write some research papers, participate in some technical conferences, such as EthCC 2021. In addition, I usually like to go to the food truck to eat hummus. After all, there are not as many delicious foods abroad as those at home. This is a nearby delicacy that I like very much. And going to the food truck to buy things can save a lot of time for work and research.