Ask the Expert: Camden Smallwood
Welcome to our Ask the Expert series, featuring profiles from our employees across all teams and offices! Previously, we introduced Peiyu Wang. Let’s meet another one of CertiK’s expert engineers: Camden Smallwood.
Camden is a code-tinker by nature, self-taught to become a C, and C++ expert, experimenting with everyday-life and sophisticated machines back in early 2000. His curiosity about how things work on an internal level led him to domesticate a plethora of high-level languages including but not limited to: Python, Rust, Solidity, and WebAssembly.
He developed a hacker-mindset from the very beginning of his journey and always tried to tap into whatever he’s using before actually using it, whether that’s an XBOX game machine or an IBM computer.
Q: Why did you want to become a security engineer?
A:
As far back as I can remember, I have always wanted to understand how things work. This has always been tightly coupled with a deep desire to help people and to do the right thing.
The crypto field in particular is very interesting to me because it incorporates many concepts that I’m familiar with from my prior software engineering experience, but introduces a whole new classification of interactions and potential issues that can arise.
The nature of the ecosystem requires one to stay on their toes and doesn’t allow any room to grow stale, which is part of the attracting aspect of the work. Plus, I love to learn new engineering concepts and improve my own workflow as much as possible. Having the opportunity to work with people of multiple different backgrounds and highly critical mindsets is a great setting for that.
Q: What does your daily work look like?
A:
* Communicating with business development and the professional services engineers daily
* Scoping projects for complexity, amount of coverage required, potential design issues
* Assessing Solidity, Rust and C++ code for specification conformance and security vulnerabilities
* Help advise and coordinate other engineers on their engagements, reviewing reports for correctness and quality
* Improving internal assessment and reporting procedures wherever possible
Q: What are some of your challenges and accomplishments?
I was 13 in 2003, and I noticed that many people were throwing away their old tan Dell and IBM desktop PCs in the area I lived at the time. Having a healthy curiosity, I decided to drag around 10 of them back to my house, where I learned that none of them would power on, so dismantled them in my backyard.
From there I found all of the similar pieces and started swapping them out in a single desktop, until a few days later one of them somehow magically powered on. It had Windows 98 on it, and only lasted for a couple weeks before it decided to not power on again. This was my introduction to the computer world.
By 2005, we had regular internet in our home and I met a few people in online forums who introduced me to the concepts of programming with HTML and JavaScript briefly, then VB.NET and C#. At this point I became addicted to programming and wanted to learn as much as I could. I would check out language manuals from the library, read as many online tutorials for things as I could find, pester other more experienced people with my questions. (Sorry to you folks!)
C, C++, Python, Common Lisp, Scheme, Ada, Haskell, Rust, Nim, Solidity, Yul, WebAssembly, X86 Assembly, PowerPC Assembly, ARM Assembly, Data Analysis and Reverse Engineering (IDA, Ghidra, Radare2, hex editors)
Q: What do you do in your spare time?
Learn more about current Ethereum ecosystem issues, expand my knowledge on finance concepts, work on internal tooling or personal programming projects, play guitar and learn more about music theory, play games with friends, and hang out with my cat.
