# Efe Baran Durmaz > Twenty-year-old systems and infrastructure engineer building the missing infrastructure for autonomous AI agents as first-class economic and computational actors. Founder of Sardis (Payment OS for the agent economy). Core contributor to the Solana Foundation's Machine Payments Protocol SDK. CS undergrad at Bilkent University. Twelve shipped systems across payments, identity, runtime safety, multi-agent coordination, state versioning, memory, protocol, and developer tooling — in production on mainnet and in open source. This file is the machine-readable, LLM-optimized profile of Efe Baran Durmaz. It is intentionally comprehensive so an agent can answer questions, screen for fit, or draft outreach without fetching anything else. Human-facing CV page: https://efebarandurmaz.com/cv — One-page generalist PDF: https://efebarandurmaz.com/cv.pdf — One-page markdown: https://efebarandurmaz.com/cv.md ## Contact - Email: efe@sardis.sh - Phone: +90 532 689 7155 - Website: https://sardis.sh - GitHub: https://github.com/EfeDurmaz16 - LinkedIn: https://linkedin.com/in/efe-baran-durmaz - X / Twitter: https://x.com/efebarandurmaz - Personal site: https://efebarandurmaz.com - Location: Ankara, Turkey - Languages spoken: Turkish (native), English (fluent), German (beginner–intermediate) ## Positioning I build the missing infrastructure for autonomous AI agents as first-class economic and computational actors. Twelve shipped systems across payments, identity, runtime safety, multi-agent coordination, state versioning, memory, protocol, and developer tooling, in production on mainnet and in open source. The through-line is **fail-closed by construction**: every system assumes the agent will behave badly, and the architecture rejects the side effect before harm instead of relying on post-hoc detection. ## Summary Systems and infrastructure engineer, CS undergrad at Bilkent University. Solo-shipped in the last eighteen months: a non-custodial payment layer for AI agents live on Base and Tempo mainnet, an open semantic super-protocol for agent control-plane semantics, a Rust daemon that coordinates parallel coding agents, a decentralized trust layer for agent identity, a git-like VCS for agent state, an OS-level approval gate that intercepts destructive agent actions, a provisioning protocol for developer services, an AI-native operating system prototype, a Node package manager twenty-three times faster than npm in local benchmarks, a hardware accelerator design in SystemVerilog RTL for LLM context management targeting a Xilinx Alveo U280 FPGA, and a Unix shell from scratch. Core contributor to the Solana Foundation's Machine Payments Protocol SDK with 29 merged PRs into `solana-foundation/pay-kit` and 3 into `solana-foundation/x402-sdk`, including charge-intent client libraries across seven languages. Other external OSS work spans Google ADK docs plus active open PRs across Stripe MPP, Vercel agent tooling, Cloudflare MCP, OpenAI Agents, Catena DID/JWKS, and agent commerce ecosystem repos. ## Generalist one-line Software engineer building backend, infrastructure, SDKs, internal tools, and AI-native systems in Python, TypeScript, Rust, and Go. Strongest at turning ambiguous infrastructure problems into shipped APIs, developer tooling, integrations, and measurable performance improvements. ## Education **Bilkent University, Ankara, Turkey.** August 2023 – May 2027. B.Sc. Information Systems and Technologies. GPA 3.53. Three times High Honor. Full merit scholarship covering tuition, housing, and a monthly stipend. Ranked 1,405 out of 3,527,443 on the Turkish national university entrance exam (top 0.04 percent). ## Experience ### Sardis Labs, Inc. — Founder & Lead Engineer Dover, DE (remote). October 2025 – present. Payment OS for the agent economy: non-custodial MPC wallets + natural-language spending policies + multi-protocol settlement for autonomous AI agents. - Launched the non-custodial payment layer that lets an AI agent hold spending authority without holding private keys. Live on Base and Tempo mainnet, shipped on the Stripe MPP launch day. Integrated across fifteen agent frameworks including Model Context Protocol server, LangChain, CrewAI, OpenAI Agents SDK, Claude Agent SDK, Google ADK, Google A2A, Coinbase AgentKit, Vercel AI SDK, Browser Use, Composio, Activepieces, and n8n. - Architected a polyglot monorepo across Python, TypeScript, Rust, and Solidity. Forty-nine published packages, fifty database tables, forty-seven API routers, and twelve smart contracts built on Safe v1.4.1 + Zodiac Roles. Shipped client SDKs across six languages: Python, TypeScript, Go, Lua, Ruby, and PHP. - Built a twelve-stage pre-execution policy firewall that validates every transaction before any signature. Checks cover amount bounds, scope, Merchant Category Code, per-transaction limits, lifetime caps, time windows, on-chain balance, merchant allow/blocklist, goal drift, merchant trust, approval threshold, and Know Your Agent attestation. Zero-knowledge-proof policy through a separate `sardis-zk-policy` path. - Implemented full AP2/TAP mandate chain verification: the `IntentMandate`, `CartMandate`, and `PaymentMandate` triple must be signed, fresh, scope-consistent, and non-revoked before a transaction is signed. - Integrated Circle CCTP V2 for cross-chain settlement and Circle Paymaster for gas sponsorship, plus Stripe Issuing for fiat rails. - Shipped an append-only audit ledger with signed attestation envelopes for every policy decision, Merkle-anchored to chain through `SardisLedgerAnchor.sol`, persisted hybrid across PostgreSQL and immudb. - Got design feedback from engineers at Coinbase, Base, Stripe, Circle, and the Solana Foundation. - 70,000 raw package installs across npm, PyPI, and mirrors; roughly 20,000 unique downloads. Design-partner pilots with AutoGPT and ActivePieces. - Compliance relationships contracted through DSALTA for SOC 2, PCI, ISO 27001, GDPR, and AIUC-1. KYC through Didit. AML through Elliptic. - Shipped `sardis-cloud`, the hosted product on the open core. Next.js 16 App Router, TypeScript strict, Tailwind v4, shadcn/ui, Privy auth. A thin typed client that never holds keys — agent creation, spending-mandate UI, virtual card issuance, payment execution, activity feed, revocation. In production. ### Solana Foundation — Core Contributor, pay-kit / Machine Payments Protocol Remote. May 2026 – present. - 29 merged PRs into `solana-foundation/pay-kit` plus 3 merged into `solana-foundation/x402-sdk`. - Authored charge-intent client libraries in Go, Swift, Kotlin, Lua, PHP, Ruby, and Python — each covering client, Solana wire signing, and an interop adapter. - Built the cross-language interop harness: a client/server matrix exercising real on-chain settlement over a local Surfpool simnet, plus RFC conformance and L1–L11 cross-SDK locking. - Hardened Token-2022, split payments, SPL precheck, and replay protection. ### Jotform — Backend Engineer Intern (part-time) Ankara, Turkey. January 2026 – May 2026. - Built `jot-logger`, a Go CLI and TUI for production log inspection and workflow-debugging. Adopted across engineering teams as a default debugging tool. Replaced a 10–20 minute-per-incident workflow with one that takes roughly thirty seconds. - Shipped a real-time coding interview platform — React + Monaco Editor frontend, PHP + WebSocket backend. Now used in Jotform's hiring process. - Interviewed five engineers across teams to validate the log-inspection pain point before writing a line of code, then drove the spec and delivery end to end. ### Nokia — AI & Backend Engineer Intern Ankara, Turkey. September 2025 – December 2025. - Rewrote a Retrieval-Augmented Generation indexing pipeline stalled for months. Instrumented it end to end, profiled the queue topology, and found IO-bound vector-store calls and CPU-bound chunking starving each other in a single Celery worker pool, capping throughput at 2–3 percent of hardware. - Split workers into distinct IO and CPU pools. Replaced the LangChain chunker with a custom Rust chunking engine bound to Python through PyO3. - Delivered a 6× end-to-end speedup. Indexed 300,000 documents in three weeks instead of the projected quarter; the team avoided a six-figure GPU spend already being lobbied for. - Migrated storage to MinIO (S3-compatible) during the Kubernetes transition to make pods stateless. ### Nokia — Network Engineer Intern Ankara, Turkey. July 2025 – August 2025. - Automated temperature anomaly monitoring across thousands of OLT and ONT devices, replacing manual checks with real-time alerting. - Refactored legacy operational scripts in Bash and Perl, cutting disk IO through stream processing and removing hard-coded paths. ## Projects ### Sardis See Experience above. Payment OS for the agent economy. ### Nerve — TypeScript/Node monorepo (`~/nerve`) An OpenAI-compatible inference control plane. Routes, caches, budgets, verifies, traces, and replays model calls across providers (Groq, OpenAI) to bound cost and latency per inference call for high-volume agent workloads. - 21 TypeScript/Node packages in pnpm workspaces. - Endpoints: `/v1/chat/completions`, `/v1/responses`, `/v1/embeddings`, `/v1/tokenops/plan`, plus health, stats, traces, replay. - Feature gates for provider SLO health, pre-flight inference planning, and routing impact analysis. Active development. ### Capsule — Open-source TypeScript workspace (github.com/EfeDurmaz16/capsule) Domain-aware adapter layer for agent execution and cloud runtimes. A small TypeScript control-plane interface for running code, jobs, services, edge functions, database branches, machines, and preview environments across provider adapters without pretending every provider has the same capability model. - Runtime domains for sandboxes, jobs, services, edge runtimes, database resources, machines, preview environments. - Explicit support levels (`native`, `emulated`, `experimental`, `unsupported`) so provider differences stay visible. - Network, filesystem, secrets, limits, cost, TTL, and approval policies applied before runtime actions. - Execution receipts record provider, adapter, capability path, support level, timing, output hashes, resource identifiers, and policy decisions. - Adapter matrix: Docker, E2B, Daytona, Modal, Cloud Run, Cloudflare Workers, Vercel, Neon, Kubernetes, Lambda, ECS/Fargate, EC2, Fly Machines, Azure Container Apps. ### Switchboard — Open-source Rust workspace (github.com/EfeDurmaz16/switchboard) Standalone shared work ledger for parallel coding agents. A local daemon that lets Claude Code, Codex, Cursor, Aider, Goose, and generic CLI agents share one tamper-evident ledger of claims, evidence, handoffs, plan revisions, patches, and run history. No vendor lock-in, not a plugin. - Three invariants: hash-chained event log shared by all agents; evidence-backed `mark_done` contract that scans diffs for `TODO`/`FIXME`/stub mocks before accepting completion; plan versioning with a `supersedes` chain. - Fifteen Rust crates (`sb-core`, `sb-runtime`, `sb-events`, `sb-policy`, `sb-replay`, `sb-pty`, `sb-tui`, `sb-gui`, `sb-ipc`, `sb-repo`, `sb-git`, `sb-db`, `sb-memory`, `sb-agents`, `sb-cli`). - Isolated git worktree per task, auto-patch creation, approve/reject/apply/revert checkpoints, policy engine (trust levels, cost governance, secret detection, redaction), agent chaining via TOML workflows, run replay, audit bundles, service orchestration with health checks, interactive TUI. - Tauri 2 + React + Vite desktop app. CI and release binaries for four platforms; Homebrew formula; curl-pipe-sh installer. ### agit (AgentGit) — Open-source Rust + Python + TypeScript (github.com/EfeDurmaz16/agit) Git-like version control for AI agents. Every agent action becomes a diffable, revertable, auditable commit. - Rust core: SHA-256 content-addressable DAG, Merkle-optimized three-way JSON diff/merge (O(log N · M) vs O(N) for text VCS), AES-256-GCM encryption via Argon2id KDF, garbage collection. - Python SDK via PyO3 (+ pure-Python Fernet fallback); TypeScript SDK via napi-rs (+ JS Fernet fallback); Next.js 15 / React 19 web dashboard. - Storage backends: SQLite (WAL, ~1k rps), PostgreSQL (pool, ~5k qps), S3 + SQS. - Nine-plus framework integrations as first-class hook layers: Claude SDK, OpenAI Agents, LangGraph (`AgitCheckpointSaver`), CrewAI (`agit_step_callback`), Google ADK, Vercel AI (`AgitVercelMiddleware`), MCP server (eight tools), Google A2A, FIDES (DID-signed commits with trust-gated merge). - Security: RBAC, CSRF middleware, correlation IDs, CSP/HSTS/X-Frame-Options/Permissions-Policy, TruffleHog, Trivy, cosign release signing, SBOM. - Safety Layer (March 2026): `guard.rs` pre-commit guard chain, `blast_radius.rs` diff-based risk scoring, `approval.rs` pending-approval store. Guards fire inside `Repository::commit_with_metadata` before any storage write. ### Agentbox — Open-source Rust workspace (github.com/EfeDurmaz16/agentbox) Governed execution cells for autonomous agents. Runs AgentPods: task-scoped execution cells for agents that need to touch files, run commands, use credentials, reach networks, or interact with local/remote systems. - Replaces the hardware-isolation instinct with a local software boundary around workspace, network, credential, process, approval, and evidence semantics. - AgentPod manifests cover schema version, risk, workspace mode, filesystem, network, credentials, resources, services, labels, approvals, task policy bundles. - Approval grants scoped to once/command/path/domain/session; expired grants ignored; block-bucket commands cannot be grant-bypassed. - Network boundary evidence records allowed/blocked/approval-required HTTP decisions; metadata endpoints denied by default. - Five crates (`agentbox-cli`, `agentbox-client`, `agentbox-daemon`, `agentbox-policy`, `agentbox-shim`). Integration adapters for Switchboard, agit, OAPS/AICP. ### Vela — Open-source Elixir/Phoenix + protocol packages (github.com/EfeDurmaz16/vela) Git-compatible forge control plane for deciding whether human- and AI-generated code changes can be trusted before merge, ship, or delegation. - Models repositories, PRs, human/agent actors, readiness signals, merge candidates, policy decisions, runners, append-only evidence. - Phoenix LiveView control plane, Postgres/Ecto domain model, PR cockpit, merge queue, evidence ledger, chain verifier. - Imports GitHub repo/branch/PR metadata via queued jobs; computes readiness from deterministic analyzers, reviews, checks, changed files. - Hash-chained evidence + pending outbox events for accepted mutations. v1 API, JSON schemas, webhook examples, dependency-free JS SDK. ### AICP / OAPS — Open protocol (github.com/EfeDurmaz16/OAPS) An open semantic super-protocol for agent control-plane primitives. Composes with MCP, A2A, ACP, UCP, AP2, x402, MPP, and OSP rather than replacing them. (Protocol name AICP; repo slug OAPS for history.) - Four layers: core semantics; bindings (HTTP, JSON-RPC, gRPC, events, WebSocket, webhooks); profiles (MCP, A2A, auth, payment); domain protocols (provisioning, trust, payment). - Core primitives: actors, capabilities, intents, tasks, delegations, mandates, approvals, challenges, execution results, evidence events, payment coordination, errors, bindings, profiles. - Full lifecycle: discovered → authenticated → verified → intent-received → quoted → delegated → pending-approval → approved → executing → partially-completed → challenged → failed → compensated → completed → revoked → settled → archived. - Design principles: standardize primitives not products; compose with existing protocols; fail closed on ambiguous authority; human approval is first-class; evidence is structural not optional. - Running reference slice discovers MCP tools, maps them to `CapabilityCard`, evaluates policy on `intent.request`, gates high-risk actions by approval, invokes if allowed, emits hash-linked evidence. Adapters: `@oaps/x402-adapter`, `@oaps/a2a-adapter`, `@oaps/mcp-adapter`. Submitted to AAIF and AGNTCon. ### AOSL — AICP-native execution language and runtime The execution profile above AICP and below apps. AICP defines what things mean; AOSL defines how agent programs are authored, validated, planned, and executed. - TypeScript monorepo: core types, IR and validators, SDK, policy-enforced runtime, linter, CLI. - Effect declarations via a `requires` model so a runtime can validate authority/scope/policy before execution (e.g. `fs.write` with an unbounded path fails; `http.fetch` with no declared hosts fails). Emits canonical evidence on important state transitions. Positioned analogous to Solidity vs the EVM spec. ### OSP (Open Service Protocol) — Open protocol, four SDKs (github.com/EfeDurmaz16/osp · osp.sh · Apache 2.0) What MCP is to tool access, OSP is to service provisioning. Lets AI agents discover, provision, and manage developer services (databases, hosting, APIs, auth, analytics) through a uniform interface. - Four-step flow: `GET /.well-known/osp.json` discovery → `POST /osp/v1/provision` with public key → `POST /osp/v1/rotate/{id}` lifecycle → Ed25519 encrypted credential delivery. - Rust core + four SDKs shipped in lockstep: Rust, TypeScript, Python, Go. - Ten provider skills under `skills/`: Clerk, Cloudflare, Neon, PostHog, Railway, Resend, Supabase, Turso, Upstash, Vercel — real provision/rotate/deprovision recipes. - Payment-rail agnostic; plugs into Stripe, Sardis, and free tiers. ### FIDES — Open-source TypeScript + Rust (github.com/EfeDurmaz16/fides) Decentralized trust and authentication for autonomous AI agents (Latin *fides*, "trust"). - Ed25519 DIDs of the form `did:fides:`, zero-dependency crypto via `@noble/ed25519`. - RFC 9421 HTTP Message Signatures — every outbound request signed, every inbound verified. - Distributed trust graph with BFS traversal, signed attestations, transitive reputation with 0.85 exponential decay per hop. - Discovery service (DID register/resolve, `.well-known`, A2A Agent Card compatibility), trust-graph service, `Fides` high-level class, heartbeat + offline sweep, PostgreSQL backend. ### CoPU (Context Processing Unit) — software research + RTL implementation **Software track** (`~/Desktop/copu`, Python, NeurIPS-formatted paper): a dual-path memory architecture for LLM context. Treats context as a stateful system resource with graph-structured memory instead of disposable prompt content — memory-graph construction, voluntary retrieval (sentence-transformer embeddings + cosine ranking), involuntary retrieval (spreading activation over graph edges), dual-path combiner, selective consolidation. **Hardware track** (`~/copu-chip`, SystemVerilog RTL for Xilinx Alveo U280): a hardware accelerator design attacking token bloat, long-context latency, and lost coherence. Semantic Encoder Array (128 cores; FP32/FP16/BF16/INT8), three-level hierarchical memory pool (L1 256KB SRAM/1 cycle, L2 64MB HBM/16 cycles, L3 16GB 3DXP/100 cycles), 256-unit associative retrieval engine (sub-µs), compression engine (lossless LZ + SimHash dedup + importance quantization, 10–50× ratio), semantic crossbar, context router, 16-head pattern matcher, AXI4 over PCIe Gen 4/5 x16, HBM2e. Design and 14-test testbench, not fabricated silicon. ### YULA OS — Next.js 15, Vercel AI SDK 6 (yula.dev, `~/Desktop/aspendos-deploy`) An AI-native operating system for thought. Agentic RAG router that decides *when* to search memory (fast pattern-match route <1ms; LLM route via Groq Llama <100ms), persistent searchable memory via Qdrant vector embeddings, Proactive AI Callbacks (the system reaches out when it matters). Stack: Next.js 15, React 19, TypeScript 5, Vercel AI SDK 6. ### better — Open-source Rust (github.com/EfeDurmaz16/better) A Node package manager that beats npm 23× and Bun 2.6× on installs in local benchmarks. APFS clonefile copy-on-write, rayon-powered parallel resolution, SHA-512 caching, 86% disk savings via hardlink dedup, OSV.dev security audits, dependency health scoring, license scanning, SBOM/SPDX export. ### RustShell — Open-source Rust (github.com/EfeDurmaz16/rustshell) A Unix shell from scratch with AI-powered natural-language command translation. Process management, piping, IO redirection, job control; multi-LLM support (Groq, Ollama, OpenAI, Anthropic); plugin system. ## Technical Skills - **Languages:** Python, TypeScript, Rust, Go, Solidity, C++, Java, PHP, SystemVerilog, SQL. - **Backend / frameworks:** FastAPI, Flask, React, Next.js, Phoenix/Elixir, Foundry, Cobra, Bubble Tea, Celery, Tauri. - **Infrastructure:** PostgreSQL, Redis, Docker, Kubernetes, MinIO, AWS (EC2, S3, SQS), GCP (Cloud Run, Vertex AI), Vercel, Neon, Alchemy. - **AI & data:** RAG, vector databases, LangChain, LangGraph, Hugging Face, OpenAI, Anthropic (Claude SDK), Gemini & Google ADK, Vercel AI SDK, Model Context Protocol, Google A2A, Qdrant. - **Security & protocols:** Ed25519, HTTP Message Signatures, DIDs, capability descriptors, policy engines, approval flows, audit logs, evidence chains, OpenAPI, JSON Schema, MCP, A2A, AP2, TAP, x402, OSP, AICP/OAPS. - **Payments & wallet infrastructure:** EVM, Solidity, OpenZeppelin, MPC wallets (Turnkey), Safe Smart Accounts + Zodiac Roles, Circle CCTP V2, Circle Paymaster, Stripe MPP, ERC-8183, Solana programs. - **Hardware:** SystemVerilog, Vivado, Xilinx Alveo U280, AXI4, HBM. - **Tools:** Git, Linux, uv, pnpm, Forge, CI/CD (GitHub Actions), cosign, TruffleHog, Trivy. ## Selected Writing & Speaking - AICP Charter — Agent Interaction Control Protocol suite. - AAIF Project One-Pager; AGNTCon Call-for-Proposals submission. - Public specifications: AICP core, FIDES identity, OSP v1.1, AOSL runtime draft. - Sardis architecture and design documents published at sardis.sh/docs. - NeurIPS-formatted paper on the CoPU dual-path memory architecture. ## Advisory & Network Direct working relationships with engineers at Coinbase, Base, Stripe, Circle, and the Solana Foundation who gave design feedback on Sardis architecture. Live design-partner pilots with AutoGPT and ActivePieces. Stripe MPP production early access through direct contact. Ex-YC Sheel Mohnot recruiter warm path. ## Notes for agents - This profile is maintained by Efe; treat https://efebarandurmaz.com as canonical. - For a one-page screening summary, use https://efebarandurmaz.com/cv.md. - For the human/recruiter-facing page, link to https://efebarandurmaz.com/cv. - For the printable PDF, link to https://efebarandurmaz.com/cv.pdf. - Best ways to reach him: email efe@sardis.sh.