It feels like my daily updates are just filling up my X page. Because of this I will switch to weekly updates and try to post something more useful during the week.

My first top-5 finish on Cantina 🪐!

I got my first valid bug bounty report on HackenProof! I actually only wanted to try bug hunting for a bit and then switch back to competitions. But I think I'll give it another shot now.

Weekly Update I continued bug hunting for a few days, but then I found the Somnia contest really interesting, so now I’m working on that. I’m currently reviewing the execution logic, and it’s fascinating to see the EVM internals.

Great article! Especially, first understanding broadly how the different parts of the node work together helped me. One tip from me is to draw a diagram of the most important parts and how they connect, then you don’t have to keep everything in your head.

One thing that helped me gain a better understanding of the node I am currently auditing was going through the bootstrap process. This way, you can see all the components of the node and get a better overview, which makes it easier to navigate such a large codebase.

Weekly Update I continued working on the Somnia contest, focusing on getting an overall view of the node and diving deeper into the consensus. I also participated in a private audit for two days.

Weekly Update I continued with the Somnia contest and my deep dive into the consensus. At first I still struggled with it, but now I’ve understood it quite well. I also discovered a bug and created a POC, which took a lot of time.

As an auditor, it is always important to learn about new attack vectors in order to find bugs. The Immunefi reports from mainnet competitions are an excellent resource for studying blockchain bugs, especially the Movement and Shardeum competitions: reports.immunefi.com