Weilin (William) Li

Abstract

I am a senior undergraduate student at University of Science and Technology of China (USTC). I major in Information Security with a GPA ranking of 3/69. I am also an incoming PhD student of University College London (UCL), supervised by Prof. Arthur Gervais. My id as a hacker is hklst4r.

My research interest lies on Blockchain, Decentralized Finance (DeFi) applications and their security. I have been a DeFi user since 2021, and also a leveraged yield farming lover. I am an active bug hunter in Web3, securing $10K+ in bounties.

I used to be a CTF player in Crypto and Misc. I was the team captain of NEBULA, which achieved an annual global ranking of 137th (top 0.33% globally) on CTFtime (Summer 2022-Summer 2023).

Publications

Unmasking Role-Play Attack Strategies in Exploiting Decentralized Finance (DeFi) Systems
Accepted at ACM DeFi Workshop 2023
Weilin Li, Zhun Wang, Chenyu Li, Heying Chen, Taiyu Wong, Pengyu Sun, Yufei Yu, Chao Zhang
Towards Automated Security Analysis of Smart Contracts based on Execution Property Graph
Arxiv Preprint
Kaihua Qin, Zhe Ye, Zhun Wang, Weilin Li, Liyi Zhou, Chao Zhang, Dawn Song, Arthur Gervais
ConFuzz: Towards Large Scale Fuzz Testing of Smart Contracts in Ethereum
Accepted at INFOCOM 2024
Taiyu Wong, Chao Zhang,Yuandong Ni, Mingsen Luo, HeYing Chen, Yufei Yu, Welin Li, Xiapu Luo, Haoyu Wang

Education

Sep 2020 - Jun 2024
Bachelor of Cybersecurity
University of Science and Technology of China

Experiences

May 2023 ~ Current - Research Intern @ D23E.
Feb 2023 ~ Aug 2023 - Research Intern @ Tsinghua University VUL337 Research Group (Supervised by Prof. Chao Zhang).
July 2022 ~ July 2023 - CTF Team Captain of NEBULA.

Teaching

Teaching Assistant for Prof. Wenliang Du's SEED Lectures (Summer 2022).
Teaching Assistant for Abstract Algebra and Number Theory (Fall 2022), lectured by Prof. Weiming Zhang, USTC.
Teaching Assistant for Mathematical Logic and Graph Theory (Spring 2023), lectured by Prof. Bin Liu, USTC.
Teaching Assistant for Design and Practice of Information Security I (Spring 2022, Spring 2023), USTC.
Teaching Assistant for Design and Practice of Information Security II (Spring 2022, Spring 2023), USTC.

Selected Talks

2023

Unmasking Role-Play Attack Strategies in Exploiting Decentralized Finance (DeFi) Systems
Web3 Scholars Conference [Youtube video (Chinese)]
Navigating DeFi Security: From Threat Landscape to Prevention Strategies
Blockchain 2023 Liyi Zhou, Ye Wang, Weilin Li

Some Awards

2023

5th place in XCTF's international CTF competition SCTF.

Second prize of the 17th National College Student Information Security Contest, East-Northeastern Region

2022

Silver Award in International Genetically Engineered Machine Competition.

5th place in Tencent's international CTF competition TCTF/0CTF.

Second Prize in the 6th National "Strong Net Cup" Finals.

Bug Bounties

I have submitted several bug reports for various projects. Below listed some of them that are released to public.

Tokenlon, flaw in token design leads to continous arbitrage opportunities.

Huckleberry Lending, interest-bearing token borrowing leads to drain of the market.

...

Hacking for fun!