Josef Gattermayer - Security Council candidate Mar 2026

GM Arbitrum community,

new election, so here I go again!

I’m Josef Gattermayer, CEO of Ackee Blockchain Security. I’m applying for the Arbitrum Security Council.

About me:

• Founded Ackee Blockchain Security in 2021
• Currently serve on Lido’s Dual Governance Emergency Committee
• Professor at CTU Prague (Ph.D. in Distributed Systems)
• Fully doxxed, based in Prague, Czech Republic

Security work:

I lead Ackee Blockchain Security where I’ve personally supervised 100+ audits. Our team has audited 200+ protocols and found 102 critical vulnerabilities, securing over $180B in TVL including Lido ($39B), AAVE ($42B), and Safe ($100B+). We’re whitelisted in the Arbitrum Audit Programme and as OP Superchain providers.

Selected audit reports I supervised:

• Lido CSM
• Safe Smart Account
• Aave Umbrella

Emergency governance experience:

I serve on Lido’s Dual Governance Emergency Committee during the protected deployment phase (first year post-launch), with the Community Staking Module in scope - a component we audited at Ackee. The committee can trigger emergency mode to block governance execution or perform emergency resets when critical vulnerabilities threaten the protocol. I understand how emergency governance works when billions are on the line.

Open source contributions:

Good auditors audit, the best auditors create tools for others (that’s my quote). Wake Framework started as a master’s thesis at CTU under my supervision, evolving into the industry-leading Python framework for Solidity security researchers.

• Wake Framework - Python-based Solidity development/testing/fuzzing (Coinbase grant)
• Solidity (Wake) VS Code extension - 40k+ downloads (Optimism grant)
• Trident - Rust-based fuzzer for Solana (Solana Foundation grant)

Selected talks:

• Fuzzing vs Formal Verification panel @ Web3 Security Summit Belgrade 2024
• Wake Framework @ SecureFi Brussels 2024
• Advanced Fuzz Testing using the Wake Framework @ TUM Blockchain Conference 2024

Educational leadership:

• Blockchain course at CTU: Training next-gen security researchers
• IEEE research: Enhancing Smart Contract Security through Static Code Analysis
• School of Solana: Trained 2500+ developers (Solana Foundation grant as Educational Partner)

Why I’m applying:

I’ve been securing protocols since 2021. Now I want to help protect Arbitrum itself - not just the projects building on it.

We’re already securing your ecosystem through our whitelisted audit work. Time to double down and protect the core infrastructure.

Ready to bring my experience to Arbitrum.

Links:

• Website: https://ackee.xyz
• X/Twitter: https://x.com/josefgattermayer
• LinkedIn: Josef Gattermayer - Ackee Blockchain | LinkedIn
• GitHub: Ackee Blockchain · GitHub

LFG. Happy to answer any questions.

Josef

Subject: Question regarding Economic Logic & Liquidity Deadlocks

​GM Josef,

​Impressive track record with Ackee and your work on the Lido Emergency Committee. As the Arbitrum ecosystem expands, we are seeing more complex ‘Logic Collisions’ between nested protocols.

​I have a specific question regarding the Security Council’s role in Economic Risk Mitigation:

​Many audits focus on smart contract vulnerabilities (code bugs), but we are seeing a rise in ‘Economic Deadlocks’ or ‘Whale Choke’ scenarios—where highly leveraged entities can cause a mathematical deadlock in liquidation engines during extreme volatility, freezing vault states and threatening the peg of associated assets.

​As a member of the Security Council, how would you approach an emergency reset or intervention if the threat isn’t a ‘hack’ in the code, but a systemic logic failure in a major protocol’s liquidation mechanics that puts Arbitrum’s systemic liquidity at risk?

​Specifically, do you believe the Council should have pre-defined ‘Circuit Breaker’ parameters for such economic logic failures?

​Looking forward to your perspective.

​Eklavya (Independent Risk Researcher)