loved the Code4rena swag, thanks! cap is my favorite :)

We are proud to have contributed to bringing Starknet's best aggregator to the Scroll network. It was a pleasure working with Fibrous team and we look forward to many more collaborations! 🤝

Our co-founder pessimist identified a medium severity issue in Beanstalk Farms 🍃

just getting started :) crit found — portfolio updated github.com/WardAudits/por…

Second bounty in a row. 🫡 I wouldn't recommend spending time on Stride (stride.zone), they will give the lowest possible reward. Portfolio updated: github.com/WardAudits/por…

Some projects may still want to fork AAVE v2 governance, which is time-tested and reliable. I've found an edge case that doesn’t have much impact but could cause confusion if it happens. (Got permission to open the issue) 👻👻👻 github.com/aave/governanc…

Our team kicked off the year with an outstanding performance, earning bug bounty rewards from three Cosmos ecosystem projects in January, with a few more reports still pending resolution. github.com/WardAudits/por…

Ward is a "W" for our industry. 🏆

I wish it could be counted as points in Island 2, but I reported it before :) Immunefi #ImmunefiIsland2 immunefi.com/s/ss/?severity…

So true, you got yourself a legendary cap of crits. It’s super effective.

Big thanks to Triaging & Whitehat Success teams at Immunefi <3 Immunefi #immunefitribe immunefi.com/s/ss/?severity…

Youngest but definitely far from the last 😎✨ Great job pessimist

Last month, I reported a critical severity vulnerability in a Cosmos SDK-based blockchain project and was awarded a $20,000 bounty. Thanks to WhiteHatMage for the advice on handling communications in private bug bounties.

Since this rant is a roller-coaster of topics, I will divide it into four sections. 1-) How do the best bug bounty hunters deal with problematic project teams? Spoiler: they are mortals like us and can't magically fix anything. I think that by listening/chatting with the best

As I observe the growing use of AI on both the development and security sides -- and therefore the increasing density of low-quality commits or updates -- I become more convinced that if we had liquidity that was truly decentralized at the level of DeFi Summer, we would all got

If the process regarding my three pending bug reports ends badly, I may take a break from bug bounty work -- either until the bull market starts to come back or until the number of AI spammers decreases and project teams start to act more ok towards bug bounty hunters again. This