Elias Bou Zeid

Elias Bou Zeid




Cybersecurity Intern

Jack Chan
January 19, 2022
End Date
April 30, 2022
On Call


In his own words

I am in pursuit of my Cybersecurity Bachelor's degree with SANS Technology Institute. Cybersecurity is a field that has always fascinated me, naturally, because of the unknown inherent flaws in programs and protocols, which can be exploited at anytime, from anywhere, by anyone(kind of). And the fact that I love solving elusive problems like a detective and catching the perpetrators. Prior to embarking on this learning journey, I was a Project Manager with Webcor Builders in San Francisco. My main role focused on Electrical, low voltage (networks), and access controls project management. I was involved with a Facebook high-rise and the Salesforce Transbay Transit Center. Before Webcor, I was an electrical estimator/PM in SF, and, before that I was a Project manager/builder of high-end residential projects in Belmont, CA. Before my stint in construction, I was in the U.S. Marine Corps for four years (2010-2014) as a team leader, and have been twice deployed to Afghanistan. https://www.linkedin.com/in/elias-bouzeid/

Apr 30 Evaluation Notes

Aaron Li 🏁

I strongly support Elias to be given more challenges and responsibilities in the areas related to security. Elias had a critical role in resolving ongoing theft incidents. He made critical contributions in collecting theft victim information and performing initial analysis, authoring articles for best security practices, acting as the point of contact with theft-victims, and summarizing the response team meetings and action items.

  • The initial information gathered by Elias substantially reduced the workload of the response team by at least 30-60 minutes per person per case. As a result, the team is able to focus on the most critical matters and make decisions quickly on which cases to prioritize.
  • Based on community feedback and follow-up AMA in Twitter space, the article authored by Elias was well-received by people in the community and met the intended goals of raising security awareness and deterring further thefts.
  • Based on victim chat conversations and feedback, it is apparent that Elias’ thorough communication won back the trust from the victims, and gave them the confidence that their cases would be handled in a fair, orderly manner. Without Elias, some of the dissatisfied victims may cause widespread fear and panic.

Overall, Elias demonstrated a very good understanding of wallet security issues in practice, strong sense of initiative, and a commitment to the goals he set as well as doing the best he could for the victims. There is no doubt that Elias will be able to create a much stronger positive impact should he be given more responsibilities.

Jack Chan 🏁

Elias continues to be a huge contributor to the Chrome Wallet Response team. He began by immediately owning the process to manage the alleged victim reports, cares a lot about our “customers” (Harmonauts), resourceful in trying to connect with his Professor’s cybersecurity contacts, Coalfire, and provided 1-on-1 hand-holding of each alleged wallet theft victim which help reassured that they are being taken care of.

He is highly disciplined and attended 95% of the meetings, and the missed sessions were due to his course exams or personal commitments, upon providing a heads up. His humble persona, strong sense of ownership, and obsession over Harmonaut’s wellbeing, is highly admirable. This is a strong fit to Harmony’s culture, with a 10x potential impact to the Harmony initiative as a whole.

Forward looking: May 2022 onwards, Eli can help close out trailing issues from wallet victims, project manage our Immunefi alongside alignment with our Gitcoin security bounty programs, and help coordinate testing threat vectors for our upcoming 1Wallet rollout.

Strong Yes — for him to continue with the team.

Daniel Pagan

May 2022 deliverables


April 2022 deliverables

  • Develop and run a wallet security campaign as a public service announcement (PSA)
  • Coordinate all victims to help schedule to help unblock to recover funds (12 sessions)
  • Continue tracking investigation into wallet thefts and provide closure to vetted victims

Timesheet: https://tinyurl.com/y5voeqpy

March 2022 deliverables

  • Help organize and coordinate letter of acknowledgements for victims prior to announcement
  • Continue processing the theft report intakes and sorting them to highlight during meetings
  • Help confirm and KYC alleged victims of wallet thefts (20+ cases)

Timesheet: https://tinyurl.com/yag8r359

Feb 2022 deliverables

  • Track meeting notes from wallet security team & follow up @mandatoryprogrammer’s report
  • Create dedicated Telegram channels with all alleged victims to streamline communications
  • Follow up with victims on their usage, streamlining theft report intake flow, assist blog report

Timesheet: https://tinyurl.com/y7h776t5

Jan 2022 deliverables

Timesheet: https://tinyurl.com/y9hzgvbw

3-Month Milestone

  • Help review social media channels (Discord, Telegram, security@ email) and cross-reference — with Harmony Explorer, Staking Dashboard, Etherscan, Bridge — to onboard victims through a funnel to gather info. ✅
  • Perform follow ups with reports of wallet compromises, as an attaché to forensics team for follow-ups with victims, act as an interface for Harmony with security auditors. ✅
  • Project manage the vulnerability fixes and assemble a report based on findings from sources such as forensics experts, auditors and self reviews. ✅