pashov (@pashovkrum) 's Twitter Profile
pashov

@pashovkrum

Smart contract security audits @PashovAuditGrp

ID: 1546814146385268737

linkhttps://www.pashov.net/ calendar_today12-07-2022 11:10:23

4,4K Tweet

24,24K Followers

1,1K Following

deth (@dethsca) 's Twitter Profile Photo

Around a year ago I started web3sec and it changed my life. My story. I first learned about auditing and the world of web3sec in 2022 from pashov's Bulgarian discord server. At the time I was getting ready to change jobs and I was studying NodeJS hard, preparing a

pashov (@pashovkrum) 's Twitter Profile Photo

I've surpassed $200k worth of angel investments into web3 startups. Company valuation average is ~$60M, might be a bit late to the party on most, but can still go big with some. ~3 years to fully vest all of my tokens, let's see if I lose everything or become a legendary angel✌️

pashov (@pashovkrum) 's Twitter Profile Photo

Looks like a great tech course/hackaton/accelerator related to UniswapV4 Hooks is coming. If I was currently a Solidity dev, I'd put a huge effort to get into this. I bet V4 Hooks will be crazy popular very soon, both for devs and auditors Link👇 atrium.academy/uniswap

Looks like a great tech course/hackaton/accelerator related to UniswapV4 Hooks is coming.

If I was currently a Solidity dev, I'd put a huge effort to get into this. I bet V4 Hooks will be crazy popular very soon, both for devs and auditors

Link👇
atrium.academy/uniswap
pashov (@pashovkrum) 's Twitter Profile Photo

Current stats for active contests on security contest platforms, sorted by monetary rewards size: 1. Cantina - 2 contests, ~$245k 2. Immunefi - 4 contests, ~$240k 3. Sherlock - 3 contests, ~$170k 4. Code4rena - 3 contests, ~$110k 5. Hats - 1 contest, ~$65k (excludes Euler CTF)

pashov (@pashovkrum) 's Twitter Profile Photo

🫡Feels good to be an angel investor and security services provider to BOB 🛬 🇰🇷 Great team, wish them only success and full security🤝

pashov (@pashovkrum) 's Twitter Profile Photo

This might be the best free place to follow crypto investment and funding rounds. Just today over $30M raised in crypto. Almost every crypto project raising funds needs security services✌️ cryptorank.io/funding-rounds

pashov (@pashovkrum) 's Twitter Profile Photo

The more you focus on security research and finding vulnerabilities instead of choosing/arguing severity, the better auditor you'd be. Time is the most scarce resource in web3 security, spend yours wisely - it can make all the difference for you and the protocols you audit✌️

pashov (@pashovkrum) 's Twitter Profile Photo

Not many know this, but I was also the guy who asked in DMs how to be a better security researcher, begging to get mentored. It's the 1st step of the hustle, the secret is to not quit - if people say "ping back in 6 months with your results", you should come back with progress✌️

pashov (@pashovkrum) 's Twitter Profile Photo

Another banger by RareSkills, this time on safe upgradeability in smart contracts OpenZeppelin's Foundry plugin. It explains how & why to use it and all checks that it does. I personally wouldn't write upgradeable contracts without this✌️ rareskills.io/post/openzeppe…

pashov (@pashovkrum) 's Twitter Profile Photo

The serious/big web3 security companies consistently do 20-25 audits per month in 2024. This shows serious demand for security audits. It's an industry on an uptrend, but it's almost all service based - not many products making it yet, so not always a great fit for fundraising.

pashov (@pashovkrum) 's Twitter Profile Photo

Wrote my 15th angel investing check yesterday. First time a company under $10M FDV - possibly because of the market? Investing is a game of beating your personal cognitive biases, making it fun. It's also the rare type of a long-term iterative non-zero sum one, worth playing.

pashov (@pashovkrum) 's Twitter Profile Photo

Solidity compiler version 0.8.27 is out! Looks like we have support for `require(bool, Error)` now even without using via-IR pipeline. Also, "transient" state variables are now a thing✌️

Solidity compiler version 0.8.27 is out!

Looks like we have support for `require(bool, Error)` now even without using via-IR pipeline. Also, "transient" state variables are now a thing✌️
pashov (@pashovkrum) 's Twitter Profile Photo

The question I've been asked more than "how to become a web3 auditor" is "is it too late to become a web3 auditor". Answering as a person who has web3 security 24/7/365 on his mind: you are not just not late, but you are very early. Still, don't waste time - get to it today✌️