OpenZeppelin

Senior Blockchain Security Developer (Canton)

Remote, United States
Full time · Remote
24 May, 2026

About the Role

The Secure Development team

OpenZeppelin is the security partner of choice for the most important protocols in Web3. Our Secure Development team sits at the intersection of building and breaking: we design, implement, and harden production-grade libraries and smart contracts for leading projects across EVM, Starknet, Stellar/Soroban, Arbitrum Stylus, Aptos, and beyond, often as an embedded extension of the client's engineering team.

We work the way the rest of the industry will five years from now. Every developer on the team is a fully AI-native engineer, supported by outstanding internal AI tooling built for every phase of secure development. Developers own their workstreams end-to-end; agents amplify their effectiveness, and peers, security researchers, and external auditors provide rigorous review on every piece of work that ships.

This role joins us at the start of a 24-month, multi-million-dollar commitment to build the open-source DeFi foundations of the world's most institutional blockchain, approved by the Canton Foundation. The scope:

- **8 production-ready Reference Implementations**. Privacy-preserving DEX, lending protocol, cross-chain stablecoin settlement, confidential auction launchpad, and four more defined in year two. End-to-end blueprints that other teams will fork.
- **The OpenZeppelin Contracts Library for Daml**. The audited foundation Canton developers will import: vaults, hooks, RBAC, credentials, modular multi-sig accounts, standardized messaging gateway, DeFi math, staking, vesting, auctions, more. The same role our Solidity library plays today, on Canton.
- **Canton standards implementation**. Audited Daml implementations of CIP-56 (Token Standard), CIP-86 (ERC-20 Compatible Interface), CIP-103 (dApp Standard), and CIP-104 (Traffic-Based App Rewards), designed to interoperate cleanly with the broader Splice ecosystem and with ChainSafe's CIP-86 middleware.
- **55 researcher-weeks of dedicated security capacity**. Smart-contract audits, full-stack reviews, pen tests, amplified by OpenZeppelin's AI security agent in the workflow. Every release ships with a published audit report.
- **AI-native developer experience for a new ecosystem**. Contracts Wizard, UI Builder, MCP Server, Claude Plugin, AI Skills, all built for Canton, all AI-native end-to-end. You'll help define how AI-native engineering looks on a non-EVM stack.

You'll work alongside Digital Asset, the Canton Foundation, and ChainSafe. The deliverables become the standard others build on. The work is public; the impact is measurable; the partners are the institutions reshaping how capital moves. Canton is your first focus, but you'll keep contributing across the broader Secure Development portfolio as the work demands.

Within this, you will:

- Own the development of the OpenZeppelin Contracts Library for Daml end-to-end: vaults, hooks, RBAC, credentials, messaging gateway, accounts, and more. The audited primitives Canton developers will import.
- Lead the technical design and implementation of the year-1 Reference Implementations: privacy-preserving DEX, lending protocol, cross-chain stablecoin settlement, and confidential auction launchpad.
- Implement and shepherd the OZ Daml versions of CIP-56, CIP-86, CIP-103, and CIP-104. Coordinate with Digital Asset on spec evolution and with ChainSafe on middleware alignment.
- Run client-facing roadmap, design, and milestone discussions with Digital Asset, the Canton Foundation, and ChainSafe.
- Collaborate with OpenZeppelin's auditors and security researchers on threat models, audit prep, and full-stack reviews for every Reference Implementation.
- Use AI systems as core daily tools. Extend them: build agents, skills, and workflows that compound the team's leverage on the Canton engagement and beyond.
- Apply AI directly to security work and share what works back to the team: audit assistance, invariant generation, spec analysis, fuzzing harnesses, custom evals.
- Contribute developer-experience and security feedback upstream into the Canton protocol, Splice, the Daml SDK, and the Splice Wallet Kernel.
- Conduct open-ended research around privacy-preserving DeFi, multi-party authorization patterns, and Canton-specific primitives; you'll have time to publish and contribute back to OpenZeppelin's body of knowledge.

Location

OpenZeppelin is a fully remote organization; however, candidates for this position must be located within UTC-8 to UTC+3 time zones to be considered.

You have

- **Production Daml fluency**. You have shipped non-trivial Daml in production. You understand templates, choices, controllers / observers / signatories, multi-party authorization, sub-transaction views, and propose/accept patterns as first-class primitives. Running an SV, contributing to Splice internals, governance, or Canton Coin tokenomics.
- **3+ years of experience in UTXO-based protocol development**. You can reason about Canton's privacy boundaries the way an EVM developer reasons about storage slots. Prior production work in a privacy-preserving or UTXO-based architecture (Canton, Cardano, Midnight, Zcash, Aleo, Mina, or similar) is expected.
- **3+ years of experience in DeFi engineering in production**. You have shipped non-trivial DeFi primitives in production: AMMs, vaults (ERC-4626 or equivalent), lending protocols, cross-chain settlement. You understand the security pitfalls of each.
- **A security-first mindset**. This is non-negotiable. You think adversarially about every line of code you write, and you have demonstrable experience either auditing, breaking, or hardening production systems: published threat models, audit reports, responsible disclosures, or equivalent output.
- **Library / SDK API design taste**. You've built reusable, import-first developer libraries, not just applications. You have opinions on extensibility patterns (hooks, modular components, override points) and on what makes an audited primitive pleasant to consume.
- **Cross-chain interoperability exposure**. Production work with at least one major cross-chain messaging protocol (Chainlink CCIP, LayerZero, Wormhole, Axelar, or similar).
- Institutional / compliance design fluency: You can design with credential gates, multi-party attestation, custody flows, and compliance hooks as native constraints.
- **An AI-native workflow**. Claude Code, Cursor, or equivalent is your daily driver.

Disclaimer: This job posting has been aggregated from an external source. Role details, content, and availability are subject to change. Applicants are advised to confirm the latest information directly on the company website before applying.