Hongbo WenI am a Ph.D. candidate in Computer Science at UC Santa Barbara, advised by Yu Feng and working closely with Dahlia Malkhi and Yanju Chen. Before UCSB, I received my B.Eng. from Tsinghua University. I develop program analysis and synthesis techniques to secure complex software systems, with applications in LLM agent security, cryptography & zero-knowledge proofs, and AI-augmented vulnerability discovery. My work has been supported by Ethereum Foundation, Google Security, and a16z crypto. Email / Google Scholar / GitHub / CV |
|
Publications* Equal Contribution |
|
arXiv 2026
LLM Agent Security |
|
|
OOPSLA'25
Crypto & ZKP |
|
|
IACR 2025
Crypto & ZKP |
|
|
arXiv 2025
AI-Augmented Vuln Discovery |
|
|
arXiv 2025
LLM Agent Security |
|
|
ACM CCS'24
AI-Augmented Vuln Discovery pdf / bib / code |
|
|
USENIX Security'24
Crypto & ZKP pdf / bib / code |
Zero-Day Discoveries |
| LLM Agents | Filed 17 zero-day security advisories on OpenClaw/ClawHub agent skills, covering credential leakage, RCE, and PII exfiltration (e.g., clawhub#1911). |
| DeFi | Discovered 10 zero-day vulnerabilities on BNB Chain DeFi protocols using FORAY, with verified exploit traces matching ≥$21M in historical loss patterns (e.g., Discover). |
| ZK Circuits | Discovered zero-day vulnerabilities in widely-used Circom projects using ZKAP, including 0xPARC, Polygon-ZK, Axiom, iden3, and privacy-ethereum (e.g., circom-pairing). |
Invited Talks |
| Feb 2026 | Tabby: A Synthesis-Aided Compiler for High-Performance Zero-Knowledge Proof Circuits | SoCalPLS, USC, Los Angeles, CA |
| Feb 2025 | Tabby: Automated Programming of Efficient Zero-Knowledge Proof Circuits | ETH Denver, Denver, CO |
| Feb 2025 | Practical Security Analysis of Zero-Knowledge Proof Circuits | SoCalPLS, UCSD, San Diego, CA |
| Oct 2024 | FORAY: Towards Effective Attack Synthesis against Deep Logical Vulnerabilities in DeFi Protocols | ACM CCS '24, Salt Lake City, UT |
| Aug 2024 | Practical Security Analysis of Zero-Knowledge Proof Circuits | USENIX Security '24, Philadelphia, PA |
Grants & Awards |
| 2024 |
Ethereum Foundation Academic Grant, Cybersecurity and Privacy Track Topic: Sentinel — Adaptive Counter-Attack Synthesis for Mitigating Onchain Exploits Yu Feng, Hanzhi Liu, Hongbo Wen |
| 2023 |
Ethereum Foundation Academic Grant, Formal Verification Track Topic: Financial Model-Driven Attack Synthesis for DeFi Yu Feng, Yanju Chen, Hongbo Wen This grant led to the development of FORAY (ACM CCS'24). |
| 2022 | Academic Excellence Fellowship, UC Santa Barbara |
Experience |
| 2024 – Present |
Co-founder & Principal Architect, Riema Labs Led a 50-person engineering team through an AI-first development transformation, shipping cross-chain bridges, Bitcoin-native ZK infrastructure, and user-custody wallet systems serving 150K+ users. |
| 2022 |
R&D Engineer, Veridise Inc. Smart contract and zero-knowledge proof security. Discovered 30+ critical vulnerabilities in widely-used ZK projects. |
Service |
| 2025 | USENIX Security '25 Artifact Evaluation Committee |
| 2023 – 2025 | Teaching Assistant, CS162 Programming Languages, UC Santa Barbara |
|
Design inspired by Jon Barron |