Gaurav Sharma

[ 01 ]

About me

Who I am

I'm Gaurav Sharma, 18, Lucknow. Just finished Class 12. I've been teaching myself to code and solder for about two years.

Got into Crypto Twitter in 2022. Not the trading side. I wanted to understand how wallets derive keys, how signing actually works at the byte level. That rabbit hole took me from reading the BIP39 spec to writing C++ firmware on an ESP32.

Most of my time goes into C++ on microcontrollers. Managing encrypted flash storage, driving OLEDs over I2C, running key derivation on a chip with 520KB of RAM. I also write Python for tooling and JS for web interfaces that talk to hardware over Web Serial.

Right now I'm adding tamper detection and auto-lock to the ESP32 Vault. After that, probably Nostr key storage or a standalone message signer.

Gaurav Sharma

Builder · 18 · Lucknow, India

ESP32 · Cryptography · Low-level systems

📍

Location

Lucknow, India

🎓

Education

Class 12 complete · College incoming

💻

Focus

Embedded systems · Cryptography

🌐

Community

Crypto Twitter · Open source

✅

Status

Building Vela Network

[ 02 ]

Projects

What I've built

Live

Rust libp2p HotStuff BFT LIVE TESTNET

Vela Network

Custom L1 blockchain built from scratch in Rust. HotStuff BFT consensus across 3 deployed validators. Real P2P networking, live block explorer, web wallet and faucet.

// HotStuff BFT — round robin leader
leader = round % 3
block → vote → PrepareQC → commit
✓ 2/3 validators must sign each block

✓ 5800+ blocks produced. Still running.

Explorer ↗ GitHub ↗ Wallet ↗ Faucet ↗ Whitepaper ↗ Run a Node ↗

X: 000 Y: 000
ESP32 → I2C → OLED
FLASH → AES-256 → SEED

ESP32 + SH1106 OLED · Live device

Live

ESP32 Vault

Air-gapped hardware wallet on a $3 ESP32. The seed is AES-256 encrypted with a key derived from the chip's eFuse MAC — dump the flash all you want, it's useless without the physical chip. All firmware written from scratch: BIP32/BIP39 key derivation, secp256k1 signing, OLED interface.

// transaction signing flow
entropy → BIP39(mnemonic) → BIP32(derivePath) → privkey
tx → keccak256(hash) → secp256k1.sign(hash, privkey) → signature

✓ Private keys never leave the device.

C++ Python JavaScript ESP32 BIP32/BIP39 AES-256 secp256k1 Web Serial API

Ask me Live Demo ↗ GitHub ↗

ESP32 → BLE → Android · Live device

Open Source

PhoneCanvas

Turn any Android phone into a wireless 128×128 display for ESP32 over BLE. The phone app is a dumb renderer — it never needs updating. Only the ESP32 code changes to control what's displayed. Custom bitmap protocol sends raw 4-bit packed frames for smooth animation.

// bitmap frame protocol
donut math → fb[64][64](z-buffer) → 4-bit pack(2048 bytes)
BLE notify → Flutter decode → Canvas render → smooth animation

✓ Phone never needs updating. ESP32 controls everything.

C++ Flutter ESP32 NimBLE BLE Dart 3D Math

GitHub ↗ Follow on X ↗

More projects coming

Building in public — follow along on X

@gauravshar64966 ↗

[ 02.5 ]

Security Research

Base Azul Challenger — Security Review

Security Audit Base · Azul upgrade · May 2026

Reviewed the offchain challenger service for Base's Azul upgrade (dual-proof TEE+ZK system, mainnet May 13 2026). Found 1 critical, 3 high, 6 medium, 4 low severity issues.

CRIT-01 Final output root is never validated

An attacker can submit correct intermediate roots with a fraudulent rootClaim. The challenger never checks the final root and does nothing. Fraudulent state finalizes.

1 Critical 3 High 6 Medium 4 Low

Rust Security L2 Audit Base

Full Report ↗ View on X ↗

active / currently building

v0.dev

01 / blockchain

Vela Network testnet

3-node HotStuff BFT consensus running live on Railway. Planning mainnet architecture.

Rust · libp2p · Railway

02 / security

Base Azul audit disclosure

Submitted findings to Base team. Tracking response before mainnet May 13.