What does `uint256 x = (a ? 1 : 0) << 8;` evaluate to if `a` is `true`?

If you are stuck and unable to find any issues in a codebase, the following checklist can definitely give you some direction to think towards: github.com/transmissions1…

I've been in the Web3 security space for almost 2 years. Here are 4 easy steps on how to successfully not become a Web3 security researcher: 1- Skip the basics: Why bother with fundamentals? Dive straight into auditing protocols! Practice matters!!! 2- Twitter > Learning: Spend

If you are struggling to start with auditing, here is a great article from Pyro that I personally follow from the beginning. Must read 🫡 mirror.xyz/0x3b.eth/9W5vh…

Sent these podcast to a friend who is learning web3 security, better check them out if you haven't already peakbolt - youtube.com/watch?v=5I-MP6… MiloTruck - youtube.com/watch?v=DySpPB… sorryNotsorry - youtube.com/watch?v=nr13lT… dravee.eth - youtube.com/watch?v=kORcOh…

Known attacks from ETH and How they carry over to Solana + auditing methodology 🤔 🦀 Check this out - Solend Auditing Workshop 👇 Link:docs.google.com/presentation/d…

One of the best contract diff tools that I found lately. You can quickly and easy check contracts on different chains and see the changes. contract-diff.swiss-knife.xyz/?contractOld=0…

Solana Security Workshop 🦀🫡 By learning how to find and exploit different types of issues, you'll be able to write more secure contracts as you'll know what to watch out for. workshop.neodyme.io/workshop.html

My first Web3 article is live! 🚀 I wrote about 10 must-know DeFi projects that every Solidity developer, auditor, and crypto enthusiast should understand. Perfect for anyone looking to level up their Web3 knowledge! medium.com/@cdsecbg/top-1…

While auditing, ask yourself the following questions when you encounter a for loop: 👇👇👇 1 - What if I pass an empty Array? 2 - What if I pass the duplicate item to the Array? 3 - what if I pass the default value to the array

#cantinapectra

What would you do with $16,000,000? Today, Usual is announcing the largest bug bounty in the history of the world: A $16,000,000 reward for discovering a single critical vulnerability in Usual's codebase. Hosted on Sherlock, in partnership with Nexus Mutual.

This is still one of the most fun places to study bugs. If you ever find yourself bored, just roll a few findings and study them in depth. Use it instead of any mindless scrolling social media apps and you'll improve much quicker. onebugperday.com

Why Sherlock currently has no active contests? It's not an easy post to write, but our dedicated Sherlock community deserves to know. 1. Collaborative audits are increasing > With Blackthorn, we've been doing more and more collaborative audits. > Sherlock's business grows

Our brain is such a lazy ass Once you realize that all those persuasive thoughts telling you to stop, you’re tired, you’ve done enough, just check your phone for a sec, are just your lazy brain trying to take the easy way out… you’ll level up like x10 When you feel like you

Ngl SHERLOCK needs to remove that threshold rule. So many SRs including mine have their legitimate payout funds stuck there. I really dont see the need for it. Offer a service and get paid. That's how its meant to be. I dont see any reason to gate the SR's payment. The

🚨Ethereum Developers: you can now install your first AI Auditor in 1 minute - fully autonomous, available 24/7, with multiple sub-agent helpers. Open Source. FREE to use (with your AI model) and already finding vulnerabilities in smart contracts. Link below🫡

x.com/i/article/2037…

x.com/i/article/2038…