StErMi (@stermi)'s Twitter Profile
StErMi

@stermi

#web3 dev + auditor | @SpearbitDAO LSR, @immunefi bug hunter, sage of AAVE codebase :D

ID: 14488050

https://stermi.xyz/
23-04-2008 07:50:20

9.9K Tweets

4.4K Followers

1.1K Following

The Aragon.eth 🦅 team has experimented the full "StErMi experience package"😁 Can't wait to work with them on the next project! x.com/StErMi/status/…

I'm thinking about removing the whole severity categorization from my reviews. It makes sense just for "marketing" or for contest/bounties. In private security reviews I think that it's pointless. A finding can just be in two categories: - must be fixed: the client must address

I find the OZ ERC4626 `max*` behavior incoherent. The `maxRedeem` returns the user's balance but `maxDeposit` returns INF and not `min(userUnderlyingBalance, userAllowanceToVault)`. Should they have implemented it in that way? Is there a reason to avoid that?

It seems that Bartender 6 with macOS Tahoe 26 is a mess. Buggy as hell and it mostly never works. Do you have any alternatives?

Does Claude (vscode/cursor plugin) remember past conversations for the same project? It seems almost that it does not. Am I wrong or do I miss some config?

Ok I'm quite sure that CC is slowly degrading with the latest versions. And I really wish they could remember what they have done in the past. Plan mode is useless if I always need to repeat over and over why it's wrong.

I'm ashamed to share the Immunefi points I received😁 But you can't do everything and I had to give priority to my private clients' reviews and my Spearbit work. I think that it's where I shine the most and it gives me pure enjoyment. Maybe next year, who knows!

Google should really burn down the Google Cloud Console and start from scratch. I just want something like OpenAI where I top up with X euro credits and call it a day. It's impossible to navigate that UI, and I'm quite sure they want my CC for "infinite allowance".

Building AI agents for Web3 security review is both frustrating and fun at the same time. At least you never get bored 😄

I need a contest or a security report with the following requirements:
- report must be public
- foundry support
- non trivial
- has no external dependencies/integration or at most they must be as part of local dependencies (but better if none)

I need to have a base testbench

I'm doing a security review and I can't really see how an AI agent could do what I'm doing right now. It would probably crash badly or explode. I really would love to see what would be the result of running it and compare it with what I'm discovering.

A couple of days ago a client said to me "I know that you ask a lot of questions [...]" I think that my approach could be seen by some clients as "overwhelming" but I also think that, as a client, you should be much more preoccupied by the level of interest and quality if the