We’re experts
 in real-world systems security.

Meet the Cubist Team

The Cubist team is uniquely qualified to build products that real people use to protect real things.

Let’s Discuss Your Needs

We’ve published more than 80 peer-reviewed papers about building and breaking hardware, operating systems, language runtimes, compilers, web browsers, and cryptographic protocols—and our security research actually makes it to the real world.

Prior to Cubist, our founders designed the low-level cryptography underlying Ethereum and Avalanche, shipped software sandboxing in the Firefox browser, identified high-severity security vulnerabilities in Google Chrome, and more.

Our sandboxing systems let browser developers use fast (but unsafe) third-party libraries safely. Our verification tools let companies run untrusted code without worrying about attackers or huge runtime costs. And our compilers let crypto engineers write code in convenient, high-level languages—without giving up on low-level performance or security.

CubeSigner doesn’t force teams to choose between security, performance, and convenience, thanks to the same trusty toolbox we’ve used before: information flow control, formal verification, compartmentalization, and intentionally simple cryptography.

We’ve seen this decision matrix before: it’s there when crypto engineers fight their compilers to write safe, constant-time code, and it’s there when browser engineers begrudgingly render PDFs with unsafe libraries.

As in these domains, the tradeoffs faced by Web3 teams reflect the limitations of existing tooling—they aren’t a fundamental law of nature.

We’ve spent decades pushing the boundaries of security.

We shipped the framework that protects millions of Firefox users from bugs in third-party libraries, built the first commercial system to isolate enterprise secrets from untrusted Node.js libraries, proved that production sandboxes actually keep users safe, and deployed privacy-enhancing tools to millions of Brave users.

We care about ecosystem security, too: our team members have authored IETF and W3C specifications, serve on the Bytecode Alliance board and (formerly) the Node.js Security Working Group, and received the IEEE Cybersecurity Awards for Practice and a Test of Time award for influential academic research on security.

We’ve discovered over two dozen high-severity, bountied, or CVE-carrying bugs in Chrome and Firefox.

We’ve developed exploits that exfiltrate passwords from Chrome’s Password Leak Detection tool and that reconstruct users’ browsing history in four major browsers.

Finally, we've discovered vulnerabilities in modern processors.

We were among the first researchers in practical zero-knowledge proofs, including the first hardware design and one of the fastest known provers.

We designed and standardized the cryptographic primitives that power Ethereum, Avalanche, and many other blockchains, deployed privacy-preserving airdrops, developed cutting-edge compilers for ZK proofs and MPC protocols, built the fastest GPU implementations of AES and SHA3, and created domain-specific languages that prevent timing side channels.

In short, our expertise runs the gamut from cutting-edge theory to low-level implementation.

To protect users from remote attackers trying to steal data or compromise machines, we’ve proven that parts of the Firefox just-in-time compiler and the Cranelift Wasm compiler do what they’re supposed to.

We've proven that software and hardware crypto implementations are resistant to side channel attacks. And, our team includes core developers of foundational tools for proving correctness, tools that companies like Amazon and Certora rely on.

Meet the Leadership

Riad Wahby
Riad Wahby
Co-Founder & CEO
Riad Wahby
Co-Founder & CEO

Riad is a member of the Electrical and Computer Engineering faculty at Carnegie Mellon University. He is an applied cryptographer and leading academic researcher on zero-knowledge proofs and their applications. He is a co-inventor of proof systems including Lasso, Hyrax, and Brakedown, and he has co-authored cryptographic specifications including RFC9380 and the BLS signatures standard used by Ethereum, Avalanche, and many other blockchains. 

Riad was previously a cryptographic researcher at Algorand, and spent a decade as an analog and mixed-signal integrated circuit designer at Silicon Labs. Riad received his SB and MEng in Electrical Engineering and Computer Science from MIT, and his PhD in Computer Science at Stanford, where he was supported by a Ripple Fellowship. His work was recognized with a Distinguished Student Paper award at Oakland 2016, a Best Paper award at USENIX ATC 2018, a Distinguished Paper award at WOOT 2023, and a Distinguished Paper award at Oakland 2025.

Close icon
Ann Stefan
Ann Stefan
Co-Founder & COO
Ann Stefan
Co-Founder & COO

Ann is an accomplished strategy executive who spent seven years as a fintech COO in a high-risk consumer segment. For the majority of her career, she has focused on new market expansion, product development, and rapid scaling in early-stage SaaS and fintech companies. She has a rare breadth of technical and management experience spanning risk, product, sales, marketing, customer support, and government contracts.

Her core expertise centers around payment processing, online payments fraud prevention, and anti-money laundering programs, gained from years of building and running a fintech risk team and product in-house. She received a BS in Chemical-Biological Engineering from MIT in 2008.

Close icon
Fraser Brown
Fraser Brown
Co-Founder & CTO
Fraser Brown
Co-Founder & CTO

Fraser is an Assistant Professor at Carnegie Mellon University’s Software and Societal Systems Department. She is an expert in software correctness: her research focuses on systems security, automated bug finding, and formal verification, from verifying (parts of) production systems like browser JITs, to finding exploitable bugs in real codebases. Her tools have found many zero-day bountied bugs and CVEs in the Chrome and Firefox browsers and multiple operating systems. 

Fraser also works on compilation; in collaboration with CEO Riad and others, she developed the CirC compiler for cryptographic proof systems. Fraser received her BA in English and MS and PhD in Computer Science from Stanford, where she was supported by an NSF graduate research fellowship. Her work has been recognized with Distinguished Paper awards at Oakland 2023, WOOT 2023, and Oakland 2025, two Pwnie nominations for leading attack work, and a CSAW applied research award nomination.

Close icon
Deian Stefan
Deian Stefan
Co-Founder & Chief Scientist
Deian Stefan
Co-Founder & Chief Scientist

Deian is an Associate Professor of Computer Science and Engineering at UC San Diego, where he co-leads the Security and Programming Systems groups. His research lies at the intersection of security and programming languages; he is particularly interested in building secure systems that are deployed in production. He was a co-founder of Intrinsic, a runtime security startup acquired by VMware in 2019.

His work has been recognized with a Most Influential Paper award (ICFP 2022), a Cybersecurity Award for Practice (IEEE 2022), Distinguished Paper awards (POPL 2019, USENIX Security 2020, ICFP 2020, POPL 2021, IEEE Security & Privacy 2023, ASPLOS 2023, IEEE MICRO Top Picks 2024), an NSF CAREER award, and a Sloan Fellowship. He received his BE and ME in Electrical Engineering from Cooper Union and an MS and PhD from Stanford, where he was supported by an NDSEG graduate research fellowship.

Close icon
Jon Webster
Jon Webster
Head of Sales
Jon Webster
Head of Sales

Jon leads Go-To-Market at Cubist. He is an expert in the early-stage software sales playbook, having grown a variety of venture-backed companies from first sales employee to high-performing global team. Most recently he was at Solidus Labs, where he sold trade surveillance software to compliance teams at centralized crypto exchanges.

He received a B.Sc. in Computer Science at Western University in Ontario, Canada and has spent his career driving break-out revenue growth for emerging technology products with technical buyers.

Close icon
John Renner
John Renner
Founding Engineer
John Renner
Founding Engineer

At Cubist, John currently leads the front end engineering team. He received his PhD in Computer Science from UC San Diego, where he developed programming languages and tools to provide automated security guarantees to developers; during this time, he created CT-Wasm, a standards-track proposal to bring secure cryptography to WebAssembly.

John has also worked on internal developer tools at Google and on language-level testing support as a member of the Rust team at Mozilla.

Close icon
Aleksandar Milicevic
Aleksandar Milicevic
Founding Engineer
Aleksandar Milicevic
Founding Engineer

At Cubist, Aleksandar co-leads the back end engineering team. Previously, he worked as a Principal Software Engineer at Microsoft, where he led the development of various low-level Linux-specific solutions like process sandboxing and filesystem virtualization. He was also a key contributor to a novel build system that leverages those solutions to automatically add caching and distribution to any existing build.

Aleksandar received his PhD in Computer Science from MIT in 2015. His thesis focused on designing declarative programming paradigms with the goal of building correct and robust software more easily.

Close icon
Andres Nötzli
Andres Nötzli
Founding Engineer
Andres Nötzli
Founding Engineer

At Cubist, Andres co-leads the back end engineering team. He has worked on compilers and databases, and is an expert in the design and implementation of SMT solvers; during his PhD at Stanford, Andres was one of the core developers of the cvc5 solver, an automated reasoning tool that is used extensively in industry and academia.

Prior to Stanford, Andres received his MS in Computer Science at EPFL. He has also worked on verification tools at the Amazon AWS Automated Reasoning Group, and contributed to Facebook's RocksDB, a high performance key-value store.

Close icon

Our Investors

Learn how our approach to security drives key management forward.
Meet CubeSigner