More Places for web3 audit reports : (Part 1) 1. Veridise - veridise.com/#reports 2. Quantstamp | We’re Hiring! - certificate.quantstamp.com 3. SlowMist github.com/slowmist/Knowl… 4. CertiK - certik.com 5. Secure3 github.com/Secure3Audit #bugbounty #Infosec #Blockchain

Agreed. Keep building, learning, and enjoy the process. Distractions are everywhere

A small group of really smart people are already working in 2030. They will own the future. Here are 28 terms that get you up to speed (starting today):

I'm going to have a heart attack. This is the greatest World Cup game I've ever seen.

One of the hardest things for new auditors is getting your head around a code base. I remember feeling like I was aimlessly jumping in circles. Based on the DMs I've been getting, seems like this is a common experience. Here's the process I now use for every audit...

Hello 2023

Reentrancy alone led to $81.2M stolen in 2022!! How are there still so many basic exploits in the wild? Lack of talent? Negligent protocols? Both? Blockchain Threat Intelligence @DefiyieldSec

🚨🚨 How to get 10x better responses with this secret ChatGPT Prompt Hack 🚨🚨 ✅ It will guarantee to give you better answers in ChatGPT 🧙🏻‍♂️ Follow these 7 steps: 🧵 Thread, Let's dive in

hack first negotiate later #HFNL

Since the @optimismFND contest rewards were announced, a bunch of people have asked me about the logistics of working with Trust. How did we share information? How did we support each other? I've experimented with this a lot so figured it might be useful to share publicly.

BREAKING: Circle $USDC stablecoin falls under $0.90

That's why, in competitive audit contest, it's kind of low benefit to use it, as many are doing it (even the protocol dev before asking to be audited)

1/12 [Interim Update of User Swap Incident] At 4am UTC, our team was alerted to a trade that encountered an unusually low return on the user’s swap. x.com/spreekaway/sta… Our team is working hard to resolve this unfortunate matter. Summarized details below ⬇️

People are saying all kinds of terrible things while being uninformed so allow me to share more details. I've initiated coordination privately with Immunefi officials 3 hours before the white-hack. 90 minutes later, I realized the asset is currently used by the frontend and

thought experiment: how do you responsibly disclose a bug in a smart contract that was either a) deployed anonymously and has no known/reachable devs b) deployed non-anonymously but is immutable and the devs have explicitly stepped back to maintain an arm's length relationship

Failed two escalations in a row. Definitely need to consider my time management when trying to commit in an open audit contest

Keep your eyes open for anything, you never know when your luck knock on your door