Hacking for fun!

Weilin (William) Li
[Github] [Twitter] [Linkedin] [Google Scholar]
Email: hklst4r (at) gmail (dot) com
ustcliweilin (at) mail (dot) ustc (dot) edu (dot) cn
Last Update: Jan 2, 2024


I am a senior undergraduate student at University of Science and Technology of China (USTC). I major in Information Security with a GPA ranking of 3/69. I am also an incoming PhD student of University College London (UCL), supervised by Prof. Arthur Gervais. My id as a hacker is hklst4r.

My research interest lies on Blockchain, Decentralized Finance (DeFi) applications and their security. I have been a DeFi user since 2021, and also a leveraged yield farming lover. I am an active bug hunter in Web3, securing $10K+ in bounties.

I used to be a CTF player in Crypto and Misc. I was the team captain of NEBULA, which achieved an annual global ranking of 137th (top 0.33% globally) on CTFtime (Summer 2022-Summer 2023).





Selected Talks


Some Awards


  • 5th place in XCTF's international CTF competition SCTF.
  • Second prize of the 17th National College Student Information Security Contest, East-Northeastern Region
  • 2022

  • Silver Award in International Genetically Engineered Machine Competition.
  • 5th place in Tencent's international CTF competition TCTF/0CTF.
  • Second Prize in the 6th National "Strong Net Cup" Finals.
  • Bug Bounties

    I have submitted several bug reports for various projects. Below listed some of them that are released to public.

  • Tokenlon, flaw in token design leads to continous arbitrage opportunities.
  • Huckleberry Lending, interest-bearing token borrowing leads to drain of the market.
  • ...