# David Chaparro Proof-of-Work Full AI Feed

This is the long-form, AI-readable entrypoint for the portfolio of David Chaparro, also known as Deivitto. It favors service names, proof paths, and routeable evidence over marketing copy.

## ATS Summary

- Role identity: David Chaparro / Deivitto, Blockchain Security Researcher & Full-Stack Engineer
- Target roles: Blockchain Security Researcher, Smart Contract Auditor, Full-Stack Engineer, Cloud Automation Engineer
- Security services: manual audit review, fuzzing suites, invariant testing, formal verification, Web2 red teaming, server security
- Fullstack services: product UI, wallet UX, APIs, SEO/GEO-ready surfaces, live deployments
- Cloud automation services: AWS, Terraform, CI/CD, observability, guardrails, release automation
- Contact links: GitHub https://github.com/Deivitto, X https://x.com/Deivitto, Telegram https://t.me/anotherdaveok

## Primary Identity

- Name: David Chaparro
- Alias: Deivitto
- Title: David Chaparro (Deivitto) | Blockchain Security Researcher & Full-Stack Engineer
- Description: Blockchain Security Researcher and Full-Stack Engineer focused on smart contract audits, fuzzing, invariant testing, DeFi, React, Next.js, AWS, and Web3 product engineering.

## Index / Skills Matrix

- Smart Contract Audit
- Blockchain Security Researcher
- Fuzzing
- Invariant Testing
- Solidity
- Foundry
- Echidna
- DeFi
- React
- Next.js
- TypeScript
- Node.js
- AWS
- Terraform
- Docker
- Full-Stack Engineer
- Web3 Engineering
- Cloud Automation

## Canonical Site

- Public page: https://deivitto-blocksec-engineer.vercel.app/public/index.html
- Security tab: https://deivitto-blocksec-engineer.vercel.app/public/index.html?role=security
- Fullstack tab: https://deivitto-blocksec-engineer.vercel.app/public/index.html?role=fullstack
- Cloud & Automation tab: https://deivitto-blocksec-engineer.vercel.app/public/index.html?role=cloud-automation

## Service Lines

### Security services

- Manual audit review
- Fuzzing suites
- Invariant testing
- Formal verification
- Web2 red teaming
- Server security

### Fullstack delivery

- Product UI
- Wallet UX
- APIs and auth
- SEO and GEO-ready surfaces
- Live deployments
- Data-driven interfaces

### Cloud & automation services

- AWS
- Terraform
- CI/CD
- Observability
- Guardrails
- Release automation

## Selected Work

- Title: getrecon.xyz
  Problem: Build public Recon proof rails and product visibility for security work.
  Role: Security product and workflow builder.
  Stack: React, TypeScript, web content, security tooling.
  Impact: Public entrypoint for Recon articles, tooling, and evidence.
  URL: https://getrecon.xyz

- Title: Recon workflow articles
  Problem: Make advanced security workflows easier to adopt and verify.
  Role: Author and tooling builder.
  Stack: Blog content, workflow demos, security testing concepts.
  Impact: Public articles for fuzzing, ERC patterns, property generation, and extension workflows.
  URL: https://getrecon.xyz/blog/getting-started-recon-vscode-extension

- Title: auditor-docker
  Problem: Standardize audit environments and reproducibility.
  Role: Tooling maintainer.
  Stack: Docker, shell, reproducible environments.
  Impact: Shared audit setup for security and workflow repeatability.
  URL: https://github.com/Deivitto/auditor-docker

- Title: Security reports and evidence pack
  Problem: Give recruiters and ATS parsers proof they can inspect quickly.
  Role: Evidence curator.
  Stack: Markdown, curated links, portfolio feeds.
  Impact: Public AI-readable evidence pack and role-applying wiki.
  URL: https://deivitto-blocksec-engineer.vercel.app/public/wiki/role-applying/GEMINI_CHERRY_PICK_EVIDENCE_PACK.md

- Title: Articles, talks, and books
  Problem: Show public subject-matter depth beyond resumes.
  Role: Author and speaker.
  Stack: Blog posts, talk recordings, published references.
  Impact: Public proof across articles, talks, and community resources.
  URL: https://deivitto-blocksec-engineer.vercel.app/public/llms-full.txt

## Proof Highlights

- $16B+ TVL audited
- 20+ managed reviews
- 25+ contests
- 7 Critical / 19 High / 30 Medium findings
- Judge & triager at Cantina Competitions (2023-2025)

## Public Articles

- Fuzzing ZK circuits: testing Noir and Circom with property-based approaches - https://getrecon.xyz/blog/zk-fuzzing-circuit-testing-noir-circom
- Getting started with the Recon VS Code extension - https://getrecon.xyz/blog/getting-started-recon-vscode-extension
- Signature replay and permit attacks: testing EIP-712 and ERC-2612 with fuzzing - https://getrecon.xyz/blog/signature-replay-permit-frontrunning-attacks
- LLM-generated invariant properties: what works, what hallucinates, how we use them - https://getrecon.xyz/blog/llm-property-generation-smart-contracts
- How to fuzz ERC-1155 multi-token contracts - https://getrecon.xyz/blog/how-to-fuzz-erc1155-multi-token
- How to fuzz ERC-2535 diamond proxies - https://getrecon.xyz/blog/how-to-fuzz-erc2535-diamond-proxy
- How to fuzz ERC-4337 account abstraction wallets - https://getrecon.xyz/blog/how-to-fuzz-erc4337-account-abstraction
- How to play as a JSR at Spearbit - https://medium.com/@Deivitto/how-to-play-as-a-jsr-at-spearbit-c98a46484a1
- The Auditor Toolbox - https://medium.com/@Deivitto/the-auditor-toolbox-840848d42109
- The CPIMP Backdoor & USPD Incident - https://medium.com/@Deivitto/the-cpimp-backdoor-the-uspd-incident-and-how-block-explorer-ux-can-trick-you-e4184151c68b

## Public Videos

- TrustX Istanbul - https://www.youtube.com/watch?v=QQCE4mOqGi0
- Paris Logos - https://www.youtube.com/watch?v=fFM0FK4gzpE&list=PLbrz7IuP1hriTnPiWk7opCS5fm4WOKPW8&index=6
- OpenSense - https://www.youtube.com/watch?v=OtQaEEubPAU
- Activate x Wormhole Miami - https://www.activate.build/miami
- DeFi Security Summit Thailand - https://defisecuritysummit.org/

## Public Proof Rails

- Report previews and modal navigation for audit reports, articles, and videos
- Title-first preview cards for public proof
- Routeable evidence across reports, publications, talks, and repos
- Role proof chain: kickoff, validation, report delivery

## Public Sources

- Wiki landing page: https://deivitto-blocksec-engineer.vercel.app/public/wiki/role-applying/index.md
- Gemini evidence pack: https://deivitto-blocksec-engineer.vercel.app/public/wiki/role-applying/GEMINI_CHERRY_PICK_EVIDENCE_PACK.md
- Root AI feed: https://deivitto-blocksec-engineer.vercel.app/llms.txt
- Public mirror feed: https://deivitto-blocksec-engineer.vercel.app/public/llms-full.txt

## Role Targeting

- Security: protocol safety, audit review, finding validation, remediation, and report delivery
- Fullstack: shipped surfaces, wallet UX, deployment, APIs, and cross-domain ownership
- Cloud & automation: delivery controls, infrastructure, workflow automation, and security tooling

## Why this feed exists

Use this feed when you need the long-form evidence trail. The visible portfolio stays compact; this file carries the machine-readable context, service categories, routeable evidence, and public proof links.