Homepage
Zhiyuan Sun

PhD Student at HK PolyU & SUSTech

Biography

Zhiyuan Sun is a joint Ph.D. student at The Hong Kong Polytechnic University and Southern University of Science and Technology, advised by Prof. Xiapu Luo (opens new window) and Prof. Yinqian Zhang (opens new window). He holds a Bachelor’s degree from Southwest Jiaotong University (2017–2021) and a Master’s degree from King’s College London (2021–2022).

Zhiyuan specializes in blockchain and smart contract security. While he has no interest in playing the academic paper game, he has still authored two first-author papers in top-tier security conferences, including one that received a Distinguished Paper Award (opens new window), showcasing his ability to deliver impactful research.

Zhiyuan is actually a passionate bug hunter rather than a publication machine, making substantial contributions to Web3 security by uncovering critical vulnerabilities in major projects like Arbitrum and Polygon zkEVM. His efforts have resulted in nearly 40 high-impact vulnerability reports, preventing billions of dollars in potential losses. These contributions have earned him a total of $1.1 million USD in bug bounties (opens new window), cementing his position as a respected figure in the blockchain security community. His bug-hunting achievements can be explored on his Immunefi profile (opens new window) and his blog.

In addition to his work in blockchain security, Zhiyuan is currently self-studying financial investment and quantitative trading. He is eager to explore collaboration opportunities in these areas. If you are interested in working together, feel free to reach out to him via email.

Education

  • Ph.D Candidate, The Hong Kong Polytechnic University
    01/2023 - Present

  • Master Degree in King's College London
    09/2021 - 09/2022

  • Bachelor Degree in Southwest Jiaotong University
    09/2017 - 06/2021

Publications

  • DoubleUp Roll: Double-spending in Arbitrum by Rolling It Back [PDF]

    Z. Sun, Z. Li, X. Peng, X. Luo, M. Jiang, H. Zhou, Y. Zhang

    ACM Conference on Computer and Communications Security (CCS), 2024. Distinguished Paper Awards (opens new window)

  • Panda: Security Analysis of Algorand Smart Contracts [PDF]

    Z. Sun, X. Luo, Y. Zhang

    USENIX Security Symposium (USENIX Security 23), 2023.

  • Security Threat Mitigation for Smart Contracts: A Comprehensive Survey [PDF]

    N. Ivanov, C. Li, Q. Yan, Z. Sun, Z. Cao, X. Luo

    ACM Computing Surveys, 2023.