CTO / Security Lead — Co-Founder

full time
Salary not disclosed

BYTE Protocol

BYTE Protocol is the per-byte data settlement layer for the agentic economy, built on Arbitrum. Publishers stake PPB tokens, broadcast data feeds, and earn USDC per KB. AI agents pay per kilobyte via MCP or x402. Quality is enforced entirely on-chain through a Proof-of-Quality Score (PQS) — computed from disputes, retention, and freshness — with progressive slashing for bad actors (5%→10%→25%+suspension→100%+ban) and up to 70% take rate for top-tier publishers.

No arbitration committee. No trusted intermediary. The protocol enforces it.

BYTEDev Inc. is the Delaware C-Corp behind the protocol. We are pre-mainnet and pre-funding, with 20 contracts live on Arbitrum Sepolia, 533 tests passing, and agents already settling on testnet.

The Role

The protocol is built. What comes next is the hardest part: getting it to mainnet safely.

This is a co-founder role. You will own the path from working testnet to audited, production-grade protocol — leading the external security audit, hardening the contracts, and shaping the technical roadmap from here forward. You'll work directly with the founder, have real ownership in the company, and be the technical voice to auditors, investors, and the builder community.

What You'll Own

  • Lead the external security audit end-to-end — firm selection (Trail of Bits, OpenZeppelin, Spearbit, or your recommendation), scope definition, remediation, and sign-off
  • Identify and close attack vectors the existing test suite doesn't cover — reentrancy, flash loan manipulation, MEV, oracle gaming, access control edge cases
  • Architect v0.6+ contracts alongside the founder — commit-reveal PQS, validator tiering, governance activation
  • Design and maintain a robust security architecture across the full stack: on-chain contracts, Rust indexer, TypeScript agent tooling, and x402 gateway
  • Drive strategic IT and infrastructure decisions as the protocol scales toward mainnet and beyond
  • Oversee technical execution, manage high-stakes timelines, and contribute to the protocol's long-term roadmap from both a technical and business perspective

What's Already Built

You are not walking into a whitepaper. You are walking into a working protocol:

  • 20 Solidity contracts: PPBToken, DataStream, ReputationEngine (v0.5), PQSVerifier, OracleConsensus, ValidatorRegistry, ArbitrationController, DividendPool, BurnEngine, and more
  • Rust indexer + libp2p relay network, fully synced on Arbitrum Sepolia
  • TypeScript autonomous validator agent (open-source, live on npm)
  • MCP server — byte-mcp-server@0.3.0, 13 tools, agent-native
  • x402 payment gateway
  • Next.js marketplace UI (Mercat)
  • Pre-audit baseline: Slither clean, Mythril clean across 8 core contracts

Qualifications

Required:

  • Deep Solidity security expertise — you have found bugs in production contracts, not just written them
  • Hands-on experience coordinating or participating in formal smart contract audits
  • Strong software architecture fundamentals — able to design and scale complex, distributed systems
  • Proficiency in blockchain-specific security: EVM attack vectors, economic exploits, cross-contract risk
  • Experience with Ethereum or Layer 2 solutions, ideally Arbitrum
  • Comfortable reading and writing Rust and TypeScript — the off-chain stack is not optional here
  • Strong project management instincts — you can own a timeline, identify risk early, and ship under pressure
  • Excellent critical thinking and communication skills — you'll be the technical voice to auditors, investors, and external partners

Strongly preferred:

  • Prior experience at a security firm (Trail of Bits, Spearbit, Code4rena, Sherlock) or a DeFi protocol that shipped to mainnet
  • Opinions on mechanism design — slashing schedules, commit-reveal schemes, stake economics
  • Familiarity with web3, agent-driven ecosystems, or AI infrastructure
  • Background in Computer Science, Engineering, or equivalent technical field

Why Now

The x402 Foundation (Coinbase, Cloudflare, Google, Visa, Anthropic, Vercel) standardized agent payment rails in 2025. MCP is the universal agent tool interface. BYTE was designed for both from day one. The market is forming now — the window for the first-mover data marketplace is open and won't stay open.

The audit is the gate. Mainnet is the unlock. This role exists to get us through it.

Compensation

Equity-first co-founder role. Comp details are discussed directly and honestly — structure depends on funding stage and what you need. If you need a salary to operate, we will have that conversation openly.

To Apply

DM Mark Zhurbin on LinkedIn or X (@NotMarkZ) with two things: what you've audited or broken, and why this problem is worth your time. No cover letter needed.

When applying, mention the word CANDYSHOP to show you read the job post completely.

About BYTE

BYTE logo
BYTE

Join our team and be part of something great. We're always looking for talented individuals to help us grow and succeed.

See All Jobs
BYTE logoBYTE
miami, united-states
onsite/hybrid in miami united-states
soliditysmart-contractssecurityweb3blockchainrusttypescriptlayer2ethereumcrypto
Apply Now