Andrew Kozlik is Head of Research and Development at Trezor and a seasoned cryptographer-engineer with seven years of focused experience building secure hardware wallet firmware and core cryptographic libraries. He combines a PhD-level mathematical background from Charles University with hands-on contributions to high-impact open-source projects within Trezor—improving WebAuthn, CBOR/CTAP handling, ChaCha20-Poly1305, Shamir secret sharing, and storage subsystems to harden device security and reliability. As a former Senior Cryptographer and ongoing consultant, he bridges academic rigor and production engineering, teaching cryptography courses and seminars at Charles University while shipping real-world security features. Known for pragmatic fixes—like deterministic DRBG integration and robust parameter checking—he emphasizes both correctness and exploit-resistant design. Based in Prague, he pairs deep theory with practical embedded development and an unusual earlier life on stage, giving him strong communication skills for complex technical topics.
7 years of coding experience
3 years of employment as a software developer
High School, High School at The English College in Prague
Doctor of Philosophy (Ph.D.), Algebra, Theory of Numbers and Mathematical Logic, Doctor of Philosophy (Ph.D.), Algebra, Theory of Numbers and Mathematical Logic at Charles University in Prague
Contributions:730 reviews, 711 commits, 285 PRs in 3 years 7 months
Contributions summary:Andrew's contributions primarily focus on enhancing the Trezor Firmware Monorepo, particularly within the context of the WebAuthn (Web Authentication) protocol. Their work includes implementing type checking for CBOR command parameters, adding length checks to the CTAP HID protocol and refining the handling of invalid or missing parameters, and integrating new features such as support for specifying the non-inclusion of signatures (the no_script_type setting). Furthermore, the user has been tasked with improving the overall robustness and security of the WebAuthn implementation by addressing potential vulnerabilities and simplifying the authentication flow for the end-users.
:lock: Don't post issues/PRs to here, use the new monorepo:
Role in this project:
Back-end Developer
Contributions:91 commits in 3 years 6 months
Contributions summary:Andrew primarily contributed to the development of Trezor's common library, adding new messages and features related to WebAuthn and SD card protection. They modified protobuf definitions, integrating new message types and handling related functionalities. Furthermore, they added support for features such as ownership proofs, CoinJoin authorization, and also introduced new request types while making improvements to existing code.
monorepolocktrezorbitcoinprs
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Andrew Kozlik - Head Of Research And Development at Self-employed