Infrastructure Engineering · Nikhil Padala
Fixed-scope audits. Or hours when you need them.
Ex-Gemini SRE. Ex-Akuna Capital crypto infra. Built a TEE enclave signing platform from scratch, a 1,000-test systematic trading engine, and a deployed CFO OS.
Fixed-scope audit
Article 14 Gap Audit
$7,500 · 10 days
Gap analysis across 4 Article 14 control patterns. Written report, remediation roadmap, walkthrough call.
Fixed-scope audit
Signing Latency Audit
$5,000 · 7 days
p50/p99 measurement under load. Compared against TEE, CloudHSM, KMS, and colo HSM.
Shipped work. May 2026
Fixed-scope audits.
Known scope, fixed price, defined delivery date. No ongoing commitment required. Each audit delivers a written findings report and a 60-minute walkthrough call.
EU AI Act compliance
Article 14 Gap Audit
$7,500 · 10 days
Gap analysis across 4 Article 14 control patterns. Written report, remediation roadmap prioritized by Aug 2 enforcement date.
AI agent infrastructure
AI Agent Readiness Assessment
$7,500 · 2 weeks
Human oversight controls, agent authorization, attestation, deterministic safety nets. Article 14 gap analysis if applicable.
Signing infrastructure
Signing Latency Audit
$5,000 · 7 days
p50/p99 measurement under load. Compared against TEE, CloudHSM, KMS, and colo HSM baselines.
HFT infrastructure
HFT Infrastructure Audit
$10,000 · 2 weeks
Signing latency, NUMA/CPU isolation, kernel config, failover, observability gap analysis. Severity-ranked findings report.
Crypto custody
Crypto Custody Architecture Review
$12,000 · 3 weeks
Key lifecycle, HSM/TEE architecture, signing authorization, disaster recovery, attestation. Threat model walkthrough.
Not sure which fits?
Free 20-min fit check
Describe the problem. I'll tell you which audit applies, or whether a retainer makes more sense.
Infra failures are not engineering failures.
They're visibility gaps. The team that ships a signing system without a threat model isn't bad at writing code. They're good engineers shipping under pressure, without one person whose only job is to see what breaks before it breaks. When the audit lands, or the incident hits, or a regulator asks for evidence of key management controls, the real cost isn't the retainer you skipped. It's the remediation sprint, the delayed raise, and the customer who quietly goes elsewhere.
The window where fractional works is specific. You're past the founding prototype but you haven't yet hired a VP Eng or a CISO. You have three to fifteen engineers. You're making bets (which cloud, which key management architecture, which signing library) that will compound for three years. Hiring a full-time technical leader costs $300-500K all-in. Hiring the wrong one costs more.
What you actually need is an experienced person to own the decisions that are too expensive to get wrong, at a scope that matches your current size. That's the job. No equity negotiation, no recruiting pipeline, no six-month onboarding. Week one, we find the highest-severity gap. Week three, we fix it.
Why this engagement is different.
I didn't advise on this. I built it.
I've built a TEE signing platform at 42µs
Most fractional CTOs advise on infrastructure. I've built it. ZeroCopy's AWS Nitro enclave is the reference implementation you'd otherwise hire a 3-month consulting firm to scope and design.
Both sides of the latency gap
Akuna Capital + Gemini Exchange
Prop shop crypto infra at Akuna. Exchange-scale SRE at Gemini. I know what institutional-grade signing looks like because I built and ran it. Not because I read the whitepaper.
AI does the parallel work. I own the judgment calls.
Automated where safe. Human where it matters.
Code review, test generation, dependency scanning, documentation: automated. Architecture, security, anything where being wrong is expensive: that’s mine.
Full-time VP Eng / CISO
$300-500K
per year, fully-loaded
Wrong architecture decision
$200K+
remediation sprint, delayed raise
Three engagement intensities.
Advisory, Fractional CTO, and Embedded. Scope and pricing determined after a scoping call. Most teams start with an audit, then move to Advisory or Fractional.
Work product, not credentials.
Three shipped systems with real operational outcomes.
TEE Infrastructure
ZeroCopy Systems
42µs deterministic signing. 3,095× faster than AWS KMS. AWS Nitro TEE enclave from scratch.
Systematic Trading Infra
Quantfund Engine
1,000+ tests. Shadow mode live on production. Kill-switch, kill-chain, Telegram alerts. All wired.
How we work.
Five stages, 30 days, one concrete outcome. No discovery theater.
Kickoff
Architecture walkthrough, codebase access, risk register template. We identify the highest-severity gap in the first session.
Infra Audit
Full stack assessment: signing latency, key management, TEE posture, CI/CD, dependency graph. Written report with severity rankings.
First Artifact
One concrete deliverable by day 10. A working PoC, a hardened signing pipeline, or a remediated critical CVE. Proves the engagement works.
Go-Live
The fixed item ships to production. AI-assisted parallel work continues - tests, documentation, runbooks - reviewed and signed off before merge.
30-Day Review
Quantified outcome report. We decide together: extend, expand scope, or hand off cleanly. No lock-in.
On AI orchestration
I run a production orchestration system using Letta and BAML. Agents handle code review against my checklists, test generation from spec, dependency scanning, and documentation drafts. I handle architecture decisions, security-critical paths, and everything where being wrong has real consequences. This is the same boundary I'd hold inside any trading firm: AI accelerates what's safe to accelerate, and humans own the rest.
Questions.
What does "fractional" actually mean day-to-day?
You get a senior engineering leader without the full-time overhead. I join your Slack, attend two or three standups per week, review PRs on critical paths, and own the technical roadmap alongside your founders.
My team is 3 engineers. Are we too small?
That's often the right time. Technical debt and architecture decisions made at 3 engineers follow you to 30. If you're making infra bets that matter (signing systems, TEE, latency-critical paths), getting them right early costs a fraction of what rearchitecting later costs.
What industries do you work in?
Crypto exchanges and prop shops (ex-Akuna Capital, ex-Gemini Exchange). AI agent platforms, where EU AI Act Article 14 conformity is the forcing function right now. Any team where infra failure has legal or financial consequences: fintech, healthtech, legal tech.
How does AI fit into your engagement?
I run a production AI orchestration system - primarily Letta and BAML - for tasks where AI does well: code review against my own checklists, test generation from spec, dependency vulnerability scanning, documentation drafts, and parallel architecture diagram generation. AI handles the parallel scope work; I handle architecture, judgment calls, security-critical code paths, and anything touching production systems with capital at risk. The throughput gain is real, and so is the discipline around it.
How quickly can you start?
Discovery call this week, contract next week, first artifact in week three. The 30-day onboarding sprint has five stages: Kickoff → Infra Audit → First Artifact → Go-Live → 30-Day Review. By day 30 you have a working system, a risk register, and a roadmap. No six-month ramp.
Tell me what you're dealing with.
Three questions. I read every submission and reply within 24 hours if there's a fit. Or book directly: calendar.app.google/W1CEqo8GsoGtjJX49