Founder @Bermudabayzk | Strategy Director of @SecurityOak | Macro-Finance (PhD) | Regulation | Crypto | before @ecb, @DIW_Berlin

Joined April 2017
Pinned Tweet
We audit code. But we also audit culture. Because high TVL without internal security practices is just a slower kind of vulnerability.
Privacy is a human right
Jun 12
── Dappcon 2026 Speaker ── Banks have been told privacy and auditability are opposites. They're not. 🎙 Dr. @JphFritsche · @bermudabayzk ↳ "Enabling Institutional Adoption: Privacy, Auditability and Verification" Jan will give a talk on how zero-knowledge proofs and selective disclosure dissolve the trilemma holding institutions back from public blockchains — making systems that are private by default, auditable on demand, and verifiable on proof, without retreating to permissioned chains.
Looking forward to speaking!
He brings a rare combination: Web3 cybersecurity, empirical research on regulation, and entrepreneurship. Jan Philipp Fritsche (@JphFritsche) is co-founder of @bermudabayzk, the institutional privacy layer for the EVM, and Strategic Director of @SecurityOak, the Web3 cybersecurity firm behind 600 audits across the Ethereum Foundation, Arbitrum, Cosmos, and many more. His earlier work tracked the implications of financial and economic policy for money markets, derivatives, and systemic risk, with a focus on financial infrastructure, as a researcher at the ECB, the European Parliament's Monetary Expert Panel, Deutsche Bank, the Bundesbank, and DIW Berlin. He also hosts MetaMarkets, a podcast exploring the interface of regulatory and technical matters in Europe. Join us in Berlin: luma.com/pb46re0a
Jan Philipp Fritsche retweeted
Unfortunately, there is a hack related to @gnosispay and the "delay module". Please be patient while we try to contain the damage. Rest assured, Gnosis will cover all user losses.
Jan Philipp Fritsche retweeted
What issuers can now do, live today:
🚫 Act on one address, not the whole contract
⏱ Spending limits on autopilot
↩️ Clawbacks when legally required
🔑 Safe-native, multisig-ready out the box
🔓 Permissionless to set up
Targeted, not total. Compliance without surveillance. 5/6
Jan Philipp Fritsche retweeted
Replying to @XBToshi @zama
Fair point. With centralized stablecoins you have to assume the kill switch can be pulled. That risk is real. So there are two honest options: give issuers tools to freeze one address instead of the whole pool, or use decentralized stablecoins in the pool. We built @bermudabayzk to support both.
Jan Philipp Fritsche retweeted
Since Kohaku and privacy are finally all over my feed again: @bermudabayzk already prepared an integration into Kohaku, plus a few more surfaces coming 👀 We've already built testnet demos on @base Sepolia & @gnosis_ inside @MetaMask Snaps, the @safe UI and more to make sure Bermuda runs natively in the environments users are already in. Bermuda lets you transfer, swap, lend, earn yield, pay with x402, and run agents. All private, all compliant, all on a public chain. 🌴🛡️ #Kohaku #Privacy
Jan Philipp Fritsche retweeted
Anything you can do in web3 - one SDK - all private. We've built a demo with our SDK and @privy. Create a new passkey-based wallet for your users & give them access to anything on the EVM. Including @Morpho or @Uniswap.
After the hack: Can @aave still compete with traditional banks? We are joined by @bankofcanada co-author @FurkanDanismann. Before the incident, Aave V3 had a 0% non-performing loan ratio. A perfect record, better than that of Canada’s biggest banks.
Apr 3
BREAKING: The Bank of Canada published a report on Aave. It concludes that lending without traditional intermediaries is technically and operationally viable, with the system running continuously, transparently, and at minimal overhead.
Jan Philipp Fritsche retweeted
It is important to get the most out of the paper without falling into propaganda. Also, a reminder of the first page of the paper: "The views expressed in this paper are solely those of the authors and may differ from official Bank of Canada positions."
After the largest DeFi hack of 2026, @arbitrum decided to freeze the funds. @griffgreen framed it as "Hacking North Korea." Is this the fall of decentralization and the beginning of institutional crypto? x.com/arbitrum/status/204643…
The Arbitrum Security Council has taken emergency action to freeze the 30,766 ETH being held in the address on Arbitrum One that is connected to the KelpDAO exploit. The Security Council acted with input from law enforcement as to the exploiter’s identity, and, at all times, weighed its commitment to the security and integrity of the Arbitrum community without impacting any Arbitrum users or applications. After significant technical diligence and deliberation, the Security Council identified and executed a technical approach to move funds to safety without affecting any other chain state or Arbitrum users. As of April 20 11:26pm ET the funds have been successfully transferred to an intermediary frozen wallet. They are no longer accessible to the address that originally held the funds, and can only be moved by further action by Arbitrum governance, which will be coordinated with relevant parties.
Jan Philipp Fritsche retweeted
After the panel and cocktail hour, @JphFritsche ushered us to a lovely private dinner with @oh_sum, the other panelists, and close friends of @SecurityOak, including @bermudabayzk, @turtledotxyz, and others! Lots more good connections were made, plus two new @zodl_app downloads!
@bermudabayzk and @CantonNetwork are at opposite ends of a spectrum. Canton is a new ecosystem. Bermuda provides invisible enterprise-grade privacy on the EVM. @jon_helgi @monerium and I dug into what institutions actually need from privacy on our podcast. We also discussed @aztecnetwork, the privacy OG chain, @fhenix, the FHE heroes, and @SecretNetwork, the private AI maximalists.
If you want to learn more about privacy & security, also listen to: x.com/SecurityOak/status/202…

Assume exploits will happen. Design so they don’t matter. On Cyphertalk (Ep. 1: Security & Privacy in 2026), @pumpkinGMI and @beyer_st discuss zero trust architecture and why real security isn’t paranoia, it’s limiting impact when humans make mistakes.
Jan Philipp Fritsche retweeted
Excited for our joint event with @bermudabayzk at Devconnect! Crazy, timely lineup and the highest-caliber partners. feat. @jbaylina, @safe, @web3privacy, @winprivacy, @ziskvm, @rakymnft & @PG_CDG! Security and privacy are symbiotic; they're worthless without each other.
Balancer 100M Hack should be a wake-up call. Here’s what the protocols with the best Web3 security do right.
At @SecurityOak we’ve always emphasized redundancy. We often encourage teams to work with multiple auditors. Different eyes. Different threat models. Different blind spots. You can even involve auditors at the design phase to review a core component and raise the security awareness of your team.
If you want “best in class” Web3 security, start early: Write the spec. Define the threat model. Document roles and invariants. Do a real internal review. Test and fuzz until you’re tired of it. Then bring in auditors. That’s how you get maximum value from every audit hour.