Welcome to this edition of Coffee with Calyptus! Today, we’re chatting with Noah Passalacqua, a Fullstack Blockchain Engineer prev. at Transak. From developing decentralized KYC tools to ensuring secure DeFi protocols, Noah shares his journey in blockchain, insights on overcoming adoption barriers, and the importance of designing user-friendly systems for the masses. Dive in to explore his expert advice for navigating the world of blockchain!
You've worked on a range of Web3 projects from decentralized ID to DeFi. What first drew you to blockchain, and what keeps you passionate about it?
I first got into crypto in early 2017 when an old business partner of mine approached me about starting a crypto hedge fund. At the time, I didn’t know much about Bitcoin, Ethereum, or even what a blockchain was. But the idea that we could create a transparent, decentralized financial system really intrigued me. The possibility of building something that could disrupt traditional finance was exciting, and that sense of potential is still what drives me today. Every time I dive deeper into the space, I learn something new and exciting, and I think that sense of constant discovery is what keeps me passionate about blockchain.
In your recent role, you helped build decentralized KYC tools. Given the tension in Web3 between user anonymity and data ownership—especially with KYC requirements—what were the toughest challenges in creating secure, reusable IDs?
One of the biggest challenges in building decentralized KYC tools is dealing with the "chicken and egg" problem. The technology for self-sovereign identities (SSIs) exists and is largely ready to be used, but the real hurdle is getting third-party organizations to adopt it. There’s a lot of regulatory uncertainty, and the user base that owns these DID credentials is still relatively small, which makes integration a tough sell. On top of that, educating both users and institutions about the importance of new concepts like Decentralized IDs and how to use them properly adds another layer of complexity. But I think these challenges are part of what makes the space so exciting—once we overcome them, the potential for true data ownership and privacy is huge.
You’ve led teams working on both front-end and back-end in Web3. How do you stay up-to-date with new tech across different areas, and what’s your approach to leading teams in such a fast-paced industry?
Staying up-to-date with the rapid pace of change in the Web3 space can definitely feel like drinking from a firehose! I’ve found that the best way to keep up is to immerse myself in the community—whether that’s listening to podcasts, reading articles, or attending meetups and conferences. I also have a great network of friends who are Web3 developers, so we often swap ideas and discuss the latest tech stacks. Social media platforms like X (formerly Twitter) and Farcaster are great for staying informed, and I also subscribe to newsletters from key companies to get regular updates.
That said, in such a fast-paced industry, it’s important to have a community or network to share knowledge with. When I was leading teams, I encouraged everyone to stay engaged and share interesting discoveries. We’d often focus on the technologies that seemed the most promising and useful for improving our workflow, and that collaborative spirit helped us stay ahead of the curve.
You’ve built and upgraded key protocols. What’s your advice on creating secure, reliable smart contracts, especially for DeFi?
When you’re working with blockchains, one thing is certain: everything is public and, for the most part, permanent. That makes it crucial to ensure that your processes for deploying and interacting with smart contracts are just as secure as the contracts themselves. Over the years, the smart contract auditing space has matured, with new firms offering bug bounty programs and competition-based audits that help identify vulnerabilities before and after deployment.
Even with a well-audited protocol, there are always potential attack vectors—some creative hacks can even come from the frontend, like hijacking a Cloudflare API key or injecting false data into a protocol upgrade via tools like Gnosis Safe UI and hardware wallets. My advice to developers is simple: audit everything. Don’t just settle for one audit—get several, because different auditors may catch different issues. Beyond that, always use hardware-backed wallets, implement Timelocks for contract upgrades, and make sure your contracts are owned by a Safe or multi-signature setup, never by an externally owned account (EOA). In Web3, security isn’t a one-time effort—it’s an ongoing process of vigilance.
What do you think are the biggest barriers keeping Web3 from mainstream adoption, and how can developers help make blockchain easier for people to use?
Right now, the biggest barrier to Web3 adoption is education. For most people outside the tech world, blockchain is still a complex and abstract concept. While many technologies have become more user-friendly over the years, blockchain is still relatively new and constantly evolving. This makes it harder for people to grasp its significance, especially when the user experience isn’t as intuitive as traditional tech.
That said, I think we’re making progress. The more developers and engineers enter the space, the more improvements we see in terms of usability and adoption. A key focus for us as an industry should be improving UX design to make blockchain applications as easy to use as possible—so easy, in fact, that users don’t even need to think about the underlying technology. My personal goal is to help grow the industry to a point where everyone can use blockchain seamlessly, and while we still have a long way to go, I’m confident that we’re heading in the right direction.
Solidity Challenge 🕵️♂️
Would you delete an element from an array like this? Why?
Jobs 💼
We have over 200 roles on our platform from companies like Aave, Aragon, Balancer, Gnosis, etc. Check out a select few below:
Senior DevRel Engineer - remote, US timezones, fulltime - $150-270k
Fullstack Engineer - remote, US/Canada, fulltime - $150-175k
Senior System/DevOps Engineer - remote, US based, fulltime - $120-220k
Growth Marketing Manager - remote, GMT 0-7, fulltime - $80-150k
Solidity Challenge Answer ✅
Answer: No, deletion will leave an empty space. Length will not reflect the decrease in length caused by deletion.
