Behkish Nassirzadeh

PhD Candidate at the University of Waterloo

Toronto and Waterloo, ON, Canada





Main Topics & Areas of Interest

Applications of Blockchain


Computer Security




Machine Learning and AI


Program Analysis


Embeded Systems




Farsi (Persian)


Favorite Quotes

“Be your own hero, it’s cheaper than a movie ticket.”
— Douglas Horton

"If you don’t build your dream someone will hire you to help build theirs."
– Tony Gaskins

"Everything will be okay in the end. If it's not okay, it's not the end"
– John Lennon

Related Courses

ECE 650 - Methods and Tools for Software Engineering

Fall 2022

Instructor: Prof. Ganesh

MSCI 752 - Behavioural Decision-making

Spring 2022

Instructor: Prof. Onay

MSCI 607 - Applied Economics for Management

Spring 2022

Instructor: Dr. Tanehkar

ECE 750 - Computer-aided Reasoning

Fall 2021

Instructor: Prof. Ganesh

ECE 657A - Data and Knowledge Modeling and Analysis

Spring 2020

Instructor: Dr. Amar

ECE 653 - Testing, Quality Assurance, and Maintenance

Spring 2020

Instructor: Prof. Ganesh

ECE 720 - Cryptographic Computations

Winter 2020

Instructor: Prof. Hasan

ECE 606 - Algorithms

Fall 2019

Instructor: Prof. Tripunitara

ECE 652 - Safety-critical Embedded Software

Spring 2019

Instructor: Prof. Fischmeister

ECE 657 - Tools of Intelligent System Design

Spring 2019

Instructor: Dr. Amar

About Me

My name is Behkish. I am a PhD Candidate in Computer Engineering at the University of Waterloo under the supervision of Professor Vijay Ganesh and Professor Anwar Hasan. My research focuses on the applications and security of blockchain.

I'm designing and implementing different methods in various areas of Blockchain including security vulnerabilities of Smart Contracts, and Decentralized Oracles using techniques like runtime analysis, whitebox fuzzing, optimized binary search, and game theory. I've also recently started researching applications of AI and the intersection of Large Language Models (LLM) and Blockchain security. In this research, we use LLMs to generate code that helps us test and verify the security of smart contracts.

I have over 6 years of experience working in different computer software fields, including Graduate Student Researcher, Sessional Lecturer, Project Lead Developer, Full-stack Software Developer, Web Admin, and Information Security Coordinator.

I received an MASc in Computer Engineering and a BASc in Electrical and Computer Engineering with distinction from the University of Waterloo. You can use my LinkedIn or my email to contact me.


The Intersection of LLMs and Blockchain Security
Aug 2023 - Current
Advisers: Prof. Vijay Ganesh and Prof. Anwar Hasan

Static analysis tools are particularly popular because of their scalability, ease of use, and the wide variety of vulnerabilities they can detect. However, a noticeable limitation of static analysis methods is their high rate of false positives. On the other hand, fuzzing techniques generate no false positives, but are incomplete and may require considerable amount of tedious manual work. Hence, many smart contract auditors prefer to use static analysis tools to zero-in on (i.e., localize) potential vulnerabilities and then follow that up with manual analysis or write some code to fuzz the potentially vulnerable code. Although this approach saves many man-hours compared to auditing the contract manually, it still requires a lot of manual work. Our tool is an LLM that takes as input a smart contract and the report generated by a static analysis tool and generates a contract that can be fed to a fuzzer to verify the results of the static analysis tool. This way, we can generate a fully automated system by connecting static analysis and fuzzing and eliminating manual work.

Middleman Verification Problem
May 2019 - Current
Advisers: Prof. Vijay Ganesh and Prof. Anwar Hasan

A middleman is an agent, or company intermediate between the producer of goods and the retailer or consumer. Middlemen are an important part of the transactions in many fields such as the automotive industry, film industry, and online advertisement. Online advertisement is a billion-dollar industry that has many potentials and challenges. One of the greatest challenges of online advertisement is transparent accounting.
This research is on implementing a reliable and intelligent platform to test the fairness and honesty of the middleman. The main focus of the research is on online advertisement. Decentralized oracles and APIs, Game theory, dand distributed systems are the main parts of this research.

Understanding CBDCs
Jan 2022 - Dec 2022
Adviser: Prof. Vijay Ganesh

Over the last few years the Governments of Canada and USA have taken great interest in the concept of Central Bank Digital Currencies (CBDCs) and are exploring the possibility of issuing them for use by the general public. This raises profound questions for society as a whole, such as, can we provide a secure, safe, and privacy-protecting architecture for CBDCs, can we make CBDCs programmable, how will CBDCs co-exist with current paper money and how do CBDCs fundamentally transform the nature of money itself? The focus of this project is to explore these questions and provide meaningful definitions and an architecture for CBDCs and all that it entails.

Gas Gauge: A Security Analysis Tool for Smart Contract Out-of-Gas Vulnerabilities
Jan 2020 - May 2022
Adviser: Prof. Vijay Ganesh

A smart contract is an executable program that enables the building of a programmable trust mechanism between multiple entities without the need for a trusted third-party. It is an application of blockchain and is meant to store rules and agreements made by several parties, automatically detects when certain conditions have been met, and Self-execute an agreement based on the conditions they automatically detect.
The focus of this research is to develop a tool that scans smart contracts to find potential blocks of code vulnerable to DoS with Gas Limit and suggest a repair. Loops are the main pattern of this vulnerability and hence the main target for this tool. This tool utilizes static analysis, white-box fuzzing, and run-time verification. A lot of optimization is used to make the tool extremely accurate and reasonably fast. An optimized binary search approach, Static analysis, and run-time verification are the main methods used in this research.


University of Waterloo
2021 - Current (Expected 2024)

Doctor of Philosophy - PhD, Computer Engineering (Computer Software)

University of Waterloo
2019 - 2021

Master of Applied Science, Computer Engineering (Computer Software)

Thesis: Security Analysis Methods for Detection and Repair of DoS Vulnerabilities in Smart Contracts

University of Waterloo
2014 - 2019

Bachelor of Applied Science, Computer Engineering


2020 UBRI Innovator / Ripple Impact
Oct 2020

Research Breakthrough in Blockchain