Aleksandar

Security Researcher & Engineer

Hi! I'm a security engineer at Informal Systems who loves building things that actually work — and stay secure while doing it.

I spend my days working with Go, Rust, and Solidity, helping teams audit smart contracts and strengthen blockchain protocols. Much of my work happens in the Cosmos and Ethereum ecosystems, where I hunt for vulnerabilities, write formal specifications, and think deeply about how protocols should be designed.

I have worked with many of our partners including Neutron, dYdX, Stride and clients such as Apex and Left Curve, and more, performing audits as well writing formal specifications and performing model-based testing on their protocols. Public audit reports I've worked on can be found under Informal Systems' GitHub organization.

When I'm not breaking things (intentionally), you'll find me building internal tools and learning cool new stuff. Whether it's a Rust consensus engine, a Solidity smart contract, or diving into formal methods, I'm driven by one goal: creating secure-by-design systems that can scale across chains.

My journey into blockchain started during my Master's in High Performance Computing at the Faculty of Technical Sciences, University of Novi Sad, where I developed a blockchain-based distributed system for grading assignments. Before diving full-time into security engineering, I spent a couple of years teaching Computer Architecture and Compilers at my alma mater — mentoring students through systems programming and compiler construction.

I believe the best security comes from understanding systems inside and out — and I love sharing what I learn along the way.

Projects

Construstor· 2025

A tool for analyzing Solidity smart contracts to detect zero address validation patterns in constructors and initialize functions.

RustSoliditySecurity

OpenRev· 2023

Distributed system for for managing and grading student works. Implemented using Hyperledger Fabric, deployed on bare-metal cluster with K8.

GolangHyperledger FabricKubernetes
View all projects on GitHub →

Recent Writing

Case Study: Formalizing Grug's Jellyfish Merkle Tree with QuintFeaturedInformal Systems

·8 min read·
Security,Rust,Data Structures,Merkle Trees

Case study written with my colleagues Gabriela Moreira and Josef Widder for Informal Systems. A technical exploration of formally specifying the Jellyfish Merkle Tree data structure using Quint. We break down the space-efficient sparse Merkle tree implementation originally designed for Left Curve's Grug, translating its complex operations into formal specifications for better understanding and verification.

Case Study: Using Model-Based Testing with Quint to Secure Neutron's Liquidity Pool MigrationFeaturedInformal Systems

·12 min read·
Security,Rust,Formal Methods,Model-based Testing,Quint

Case study written with my colleague Ivan Gavran for Informal Systems. How we used formal specification and model-based testing to verify the correctness of a critical liquidity pool migration for Neutron, the first consumer chain on Cosmos Hub. A deep dive into applying Quint for protocol verification in production systems.

View all posts →

Contact

I'm always interested in discussing tech, interesting projects, or just connecting with fellow developers.

FarcasterXGithub