CTO Security Lead — CoFounder

BYTE Protocol is the per-byte data settlement layer for the agentic economy, builton Arbitrum. Publishers stake PPB tokens, broadcast data feeds, and earn USDC perKB. AI agents pay per kilobyte via MCP or x402. Quality is enforced entirelyon-chain through a Proof-of-Quality Score (PQS) — computed from disputes,retention, and freshness — with progressive slashing for bad actors(5%→10%→25%+suspension→100%+ban) and up to 70% take rate for top-tier publishers.No arbitration committee. No trusted intermediary. The protocol enforces it.BYTEDev Inc. is the Delaware C-Corp behind the protocol. We are pre-mainnet andpre-funding, with 20 contracts live on Arbitrum Sepolia, 533 tests passing, andagents already settling on testnet.---The RoleThe protocol is built. What comes next is the hardest part: getting it to mainnetsafely.This is a co-founder role. You will own the path from working testnet to audited,production-grade protocol — leading the external security audit, hardening thecontracts, and shaping the technical roadmap from here forward. You'll workdirectly with the founder, have real ownership in the company, and be the technicalvoice to auditors, investors, and the builder community.---What You'll Own- Lead the external security audit end-to-end — firm selection (Trail of Bits,OpenZeppelin, Spearbit, or your recommendation), scope definition, remediation, andsign-off- Identify and close attack vectors the existing test suite doesn't cover —reentrancy, flash loan manipulation, MEV, oracle gaming, access control edge cases- Architect v0.6+ contracts alongside the founder — commit-reveal PQS, validatortiering, governance activation- Design and maintain a robust security architecture across the full stack:on-chain contracts, Rust indexer, TypeScript agent tooling, and x402 gateway- Drive strategic IT and infrastructure decisions as the protocol scales towardmainnet and beyond- Oversee technical execution, manage high-stakes timelines, and contribute to theprotocol's long-term roadmap from both a technical and business perspective---What's Already BuiltYou are not walking into a whitepaper. You are walking into a working protocol:- 20 Solidity contracts: PPBToken, DataStream, ReputationEngine (v0.5),PQSVerifier, OracleConsensus, ValidatorRegistry, ArbitrationController,DividendPool, BurnEngine, and more- Rust indexer + libp2p relay network, fully synced on Arbitrum Sepolia- TypeScript autonomous validator agent (open-source, live on npm)- MCP server — byte-mcp-server@0.3.0, 13 tools, agent-native- x402 payment gateway- Next.js marketplace UI (Mercat)- Pre-audit baseline: Slither clean, Mythril clean across 8 core contracts---QualificationsRequired:- Deep Solidity security expertise — you have found bugs in production contracts,not just written them- Hands-on experience coordinating or participating in formal smart contract audits- Strong software architecture fundamentals — able to design and scale complex,distributed systems- Proficiency in blockchain-specific security: EVM attack vectors, economicexploits, cross-contract risk- Experience with Ethereum or Layer 2 solutions, ideally Arbitrum- Comfortable reading and writing Rust and TypeScript — the off-chain stack is notoptional here- Strong project management instincts — you can own a timeline, identify riskearly, and ship under pressure- Excellent critical thinking and communication skills — you'll be the technicalvoice to auditors, investors, and external partnersStrongly preferred:- Prior experience at a security firm (Trail of Bits, Spearbit, Code4rena,Sherlock) or a DeFi protocol that shipped to mainnet- Opinions on mechanism design — slashing schedules, commit-reveal schemes, stakeeconomics- Familiarity with web3, agent-driven ecosystems, or AI infrastructure- Background in Computer Science, Engineering, or equivalent technical field---Why NowThe x402 Foundation (Coinbase, Cloudflare, Google, Visa, Anthropic, Vercel)standardized agent payment rails in 2025. MCP is the uni...