Andy Li (@andyfeili)'s Twitter Profile
Andy Li

@andyfeili

breaking code, learning math, security engineer @sigp_io

ID: 1410830056943886340

Link: https://youtube.com/andyli

Date: 02-07-2021 05:18:07

1.1K Tweets

8.8K Followers

405 Following

Hack a protocol, negotiate to return 90% of the funds and keep 10% as a "bug bounty". Same as hacking a database of PII and negotiating a "bug bounty" for the deletion of PII. It is literally demanding a ransom payment.

planning out a more structured internship intake - security engineers and an internal LLM role, will post more details when it gets finalized

We will be taking on 3-4 security interns this round. 6-8 weeks paid internship. I will be acting as one of the mentors. Apply here

We have manually reviewed all the applications and will be sending out 20 interview invites soon. To give an idea of the quality, the people who have made the cut have had 50+ H/M bugs in audit contests, multiple top finishes, private audit portfolio.

Auditing the response from AI is part of the workflow, it also has the benefit of solidifying your own understanding of the code. For example if there is a complex function:
- Let AI explain it.
- Verify if the answer is correct.
- If there was any hallucination, explain the

We have wrapped up the first round interviews. The interview had a short technical component which caught some candidates off guard, though I was surprised that some had a hard time despite their impressive backgrounds. Do you think these questions are fair game for every SR to

Nice list! Though this list is intended for dev positions. So I am wondering if people think security folks should also be expected to know all this, or at least the easy questions? Because sometimes SRs learn a new language on the fly during an audit, and rely on their

ERC4626 with low nSLOC, so plenty of existing findings to pattern match with, AI has a better chance to perform well on this type of codebase. High rate of false positives ranging from 30%-100%. Therefore AI doesn't replace security engineers as the work becomes judging whether the

took a long time to go through the interview process but it was well worth it, we ended up taking on 6 interns who will be split up into 2 cohorts over the next several months