Lead Blockchain Security Developer (Canton)
About the role
The Secure Development team is seeking a talented and experienced individual to join our groundbreaking 24-month, multi-million-dollar commitment to build the open-source DeFi foundations of the world's most institutional blockchain. You will deliver production-ready Reference Implementations, the OpenZeppelin Contracts Library for Daml, and Canton standards implementation.
Responsibilities
Own the development of the OpenZeppelin Contracts Library for Daml end-to-end: vaults, hooks, RBAC, credentials, messaging gateway, accounts, and more.
Lead the technical design and implementation of the year-1 Reference Implementations: privacy-preserving DEX, lending protocol, cross-chain stablecoin settlement, and confidential auction launchpad.
Implement and shepherd the OZ Daml versions of CIP-56, CIP-86, CIP-103, and CIP-104.
Coordinate with Digital Asset on spec evolution and with ChainSafe on middleware alignment.
Run client-facing roadmap, design, and milestone discussions with Digital Asset, the Canton Foundation, and ChainSafe.
Collaborate with OpenZeppelin's auditors and security researchers on threat models, audit prep, and full-stack reviews for every Reference Implementation.
Use AI systems as core daily tools. Extend them: build agents, skills, and workflows that compound the team's leverage on the Canton engagement and beyond, including in security practices.
Contribute developer-experience and security feedback upstream into the Canton protocol, Splice, the Daml SDK, and the Splice Wallet Kernel.
Conduct open-ended research around privacy-preserving DeFi, multi-party authorization patterns, and Canton-specific primitives; you'll have time to publish and contribute back to OpenZeppelin's body of knowledge.
Requirements
Production Daml fluency. Understanding templates, choices, controllers/observers/signatories, multi-party authorization, sub-transaction views, and propose/accept patterns as first-class primitives.
Running an SV, contributing to Splice internals, governance, or Canton Coin tokenomics.
3+ years of experience in UTXO-based protocol development (Canton, Cardano, Midnight, Zcash, Aleo, Mina, or similar).
3+ years of experience on DeFi engineering in production. AMMs, vaults (ERC-4626 or equivalent), lending protocols, cross-chain settlement.
A security-first mindset. Non-negotiable.
Demonstrable experience either auditing, breaking, or hardening production systems — published threat models, audit reports, responsible disclosures, or equivalent output.
Library / SDK API design taste. Building reusable, import-first developer libraries, not just applications.
An AI-native workflow. Claude Code, Cursor, or equivalent is your daily driver. Measurable productivity gains to show for it and clear opinions on how to use these tools well.
Shipped at least one non-trivial AI-powered tool, agent, or automation pipeline in production using the Anthropic SDK, MCP, custom evals, or comparable.
Cross-chain interoperability exposure. Production work with at least one major cross-chain messaging protocol (Chainlink CCIP, LayerZero, Wormhole, Axelar, or similar).
Institutional / compliance design fluency: Design with credential gates, multi-party attestation, custody flows, and compliance hooks as native constraints.
Qualifications
Location: OpenZeppelin is a fully remote organization, however candidates for this position must be located within UTC-8 to UTC+3 time zones to be considered.
Skills
Production Daml fluency.
Understanding templates, choices, controllers/observers/signatories, multi-party authorization, sub-transaction views, and propose/accept patterns as first-class primitives.
Running an SV, contributing to Splice internals, governance, or Canton Coin tokenomics.
3+ years of experience in UTXO-based protocol development (Canton, Cardano, Midnight, Zcash, Aleo, Mina, or similar).
3+ years of experience on DeFi engineering in production. AMMs, vaults (ERC-4626 or equivalent), lending protocols, cross-chain settlement.
A security-first mindset. Non-negotiable.
Demonstrable experience either auditing, breaking, or hardening production systems — published threat models, audit reports, responsible disclosures, or equivalent output.
Library / SDK API design taste. Building reusable, import-first developer libraries, not just applications.
An AI-native workflow. Claude Code, Cursor, or equivalent is your daily driver. Measurable productivity gains to show for it and clear opinions on how to use these tools well.
Shipped at least one non-trivial AI-powered tool, agent, or automation pipeline in production using the Anthropic SDK, MCP, custom evals, or comparable.
Cross-chain interoperability exposure. Production work with at least one major cross-chain messaging protocol (Chainlink CCIP, LayerZero, Wormhole, Axelar, or similar).
Institutional / compliance design fluency: Design with credential gates, multi-party attestation, custody flows, and compliance hooks as native constraints.
Benefits
Company in-person gatherings in different locations around the world
Flexible time off
Paid parental leave
One time work-from-home equipment stipend of up to $500 USD
Medical insurance coverage
Learning & Development opportunities
Work with a global team in a fast-growing industry