Certora (Elad Erdheim) - March 2026 Security Counsil

Certora is excited to apply for the Arbitrum Security Council and to keep contributing to the security, resilience, and long-term reliability of one of the most important ecosystems in Web3. As a current member of the Security Council, we are proud to seek renewal of our role and to continue supporting the ecosystem.

We believe Certora brings a distinctive perspective to the Security Council: deep expertise in smart contract security and formal verification, combined with substantial experience in governance review, protocol design analysis, and operational security. Our work spans both Web3-native systems and broader security disciplines, allowing us to approach risk with both technical depth and practical judgment.

Certora is a security company focused on helping protocols and infrastructure teams build and maintain secure decentralized systems. Our work combines formal verification, smart contract audits, design and architecture reviews, governance review, monitoring, incident response, and ongoing security consultation.

Why Certora is a strong fit for the Security Council

The Arbitrum Security Council requires members who can exercise sound judgment under pressure, understand both smart contract and governance risk, and act responsibly in high-stakes situations.

Certora is well positioned to contribute in exactly that way:

• We have had a long lasting relationship with Arbitrum, with a strong presence on the Arbitrum Audit Grants program.

• We have experience reviewing not only implementation details, but also protocol design decisions, governance processes, and upgrade-related risks

• We work with some of the most security-sensitive teams and protocols on Arbitrum: Aave, Morpho, GMX and more.

• As part of our security infrastructure, Certora maintains a Security Operations Center (SOC) with 24/7/365 operational coverage.

Certora’s representative

Certora will be represented in this candidacy by Elad Erdheim, VP of Security Labs at Certora. Elad leads Certora’s teams of Security Researchers, Formal Verification Engineers, and Operational Security and Incident Response specialists.

Prior to joining Certora, Elad accumulated over two decades of experience in cybersecurity across the Web2 ecosystem, including leadership roles focused on security architecture, incident response, and operational security.

At Certora, he works closely with leading protocols and infrastructure teams to strengthen the security of decentralized systems through formal verification, audits, and ongoing security collaboration.

Awesome to see Certora & Elad apply again for the council!

Certora formal verification expertise and 24/7 SOC coverage are genuinely hard to replace on a Security Council.

But I want to raise something directly.

You are on the Arbitrum Audit Grants programme. You audit Aave, Morpho, and GMX all major Arbitrum protocols. You are currently a Security Council member.

That’s a lot of financial relationships with the ecosystem you’re being asked to protect or pause in an emergency.

I’ve asked this of every candidate with similar exposure: what is your actual recusal policy? Not a general commitment to act professionally — but the specific steps you follow when a conflict arises.

The community deserves that answer in writing."

MconnectDAO Freelance Researcher | Based in India | Still learning but paying attention. @elad @JJSOnChain @Arbitrum

Thanks for the question. We completely agree the community deserves a concrete recusal policy.

Certora will (1) proactively disclose relevant commercial/financial relationships to the Council and Arbitrum core, (2) Elad (the candidate) is not participating in any other Security Council or Governance - but only in the Arbitrum Security Council, and (3) follow an explicit, auditable procedure when an incident involves a protocol with which we have a material relationship. We are security-first: we will prioritize the chain’s immediate security needs while preserving client confidentiality, and we will continue to provide technical support (forensics, monitoring data, and verification of fixes) where appropriate.

Thanks for the clarification, Elad.

To make this truly concrete for tokenholders, could you please share:

what “explicit, auditable procedure” means in practice (who is informed, who decides on recusal, how it is logged), and

whether you would support publishing a short, standardized recusal policy for all Security Council members in the Arbitrum docs.
This would help voters compare candidates on the same transparency baseline and not just on general professionalism.