🛡️mechanical engineer turned to smart contract security researcher | helping to secure billion of dollars | 60+ vulnerability in public contest | I like NFTs
Land 7th place in
@chainlink
contest on
@CodeHawks
.
Happy to get the only valid medium of the contest and contribute to one of the backbones of crypto🙏
This is my second 5 digit payout 💵 of this year and hope many more to come, Now it's time to work even harder.
(1/10) To prepare for
@Uniswap
contest on
@cantinaxyz
, i went to all 142 uniswap v3
@solodit
issues related and i abstract everything for you guys.
You probably haven't seen anything like this so bookmark and retweet.
I did my first contest on
@cantinaxyz
, get a 5 digits payout.
I did my first contest on
@CodeHawks
, get a 5 digits payout.
I did 26 audit on
@code4rena
, barely my can get 4 digits payout sometimes.
Is it because
@code4rena
is the more competitive platform or just luck?
Is that true that
@mindfolkART
have one of the best arts and strong community in Solana space?? Follow all my
@mindfolkART
crows, the future is bright.
You so early to create wealth.
#ChopChop
I stated taking serious coding one year ago, studyng Web3, react and smart contract development. 4 month ago I stated in auditing for a recommendation of a good friend, now I'm getting my first 4 digits payout in my 5 contest, thanks
@code4rena
Study paid offf
If you are just starting in web3 sec, you have to understand that I'm 1.5 years ahead of you.
Don't get discouraged just keep studying and working everyday as much as you can, you going to thank me 1.5 years forward.
Finally I can afford an tridemensional
@FamousFoxFed
waiting for a so long time, even I thought that was gonna be impossible, now I'm holder of TFP
I want to see how strong is this community.
I get 7 valid findings in noya contest on
@code4rena
.
Also finally I reach 40+ vuln in public contest.
It's being a long way but all the efforts are giving some results.
Last two months was pretty sick in my web3 security carreer:
* 2 payouts of 4 digits.
* My first payout of 5 digits.
* 2 top 4 places in contest.
Today i receive my first payout of this mont and was 20 bucks xd
Solid reward in
@Wise_Lending
on
@code4rena
I couldn't put to much time in this one,I was so busy in my busines allowing me put just 2-3 hours at day in this contest.
Still pretty Happy with the payout.
I just added one more
@mindfolkART
don't lose your fate we passing a low Volume Nft Solana one month back we see a lot good projects doing his ath, now is the moment no grap some bluechips, or projects that will be Bluechip
I just read the whole 32 day solana course by
@RareSkills_io
I just read the whole thing never open an IDE, read all the text and the code (rust) and the test (Javascript/typescript).
I just did it for fun
After one week of doing
@immunefi
those are things that i would want i to know before I started (a thread 🧵)
(1/6) When working with forks you may encounter the next error:
"EvmError: NotActivated"
I just grap my third one, I'm so bullish in
@mindfolkART
one of the best art in whole NFT space. I have full conviction in this project, a big dao. The best PFP in the Solana space
Working 10-12 hours a day in my own construction small company, get home and spend the rest of my day studying and auditing until my brain is totally exhausted, I could manage to get 1 high and 1 medium in
@chainlink
contest on
@code4rena
NO EXCUSES
Keep adding more ducks to my collection I feel so
@LunaticsCNFT
since I bought my first duck, this art is pretty cool and I don't know but that black wings and the glasses looks pretty cool
#CardanoADA
#Quack
#Lunatics
I did this contest, spent 21 days auditing the codebase, when submitting my findings my mind trick me, thoughts disguised as laziness.
WORK ON YOUR REPORTS, I got this dup that was not valid for the qualities of my report.
Learn from the other mistakes.
🏆 The results of the $187,500 Reserve Core competitive audit are in!
Big congrats to everyone who submitted valid findings, especially to...
→ Team RadiantLabs (
@0xEV_om
,
@3DOCsec
) for earning >$92k in winnings, plus top hunter, gatherer, AND best QA report
→ The FOUR
The plus of doing the
@Uniswap
contest in
@cantinaxyz
is not only the pot, you open the possibilities to tons of projects that are going to build on top of uniswap v4.
After one year of grinding everyday, I didn't miss one day, I know that this is not too much but it's honest work.
Finally my first top 5 in
@CoinbaseWallet
audit on
@code4rena
.
Land 7th place in
@chainlink
contest on
@CodeHawks
.
Happy to get the only valid medium of the contest and contribute to one of the backbones of crypto🙏
This is my second 5 digit payout 💵 of this year and hope many more to come, Now it's time to work even harder.
Very proud to submit my first gas Optimization, and medium severity (hopefully is valid ) in
@code4rena
along journey devoring a lot medium articles, hours and hours everyday, and still I got to much for learn
Wow what a great day to be security researcher. premarket is currently in 0.66. that means that this airdrop will be more than 10k.
Thanks so much to
@zksync
@code4rena
Let's do my first thread 🧵, I got couple days thinking in how would be the world if it was working on Blockchain (talking about storage information and economics). (1/11)
If you are doing
@arbitrum
bold contest on
@code4rena
, i recommend you to go through this article issued by
@VitalikButerin
.
It explain the different layer two scaling solution, how rollups work, and the work that have to be made it.
My 4 audits on
@code4rena
I just starting to understand whole protocols and able to get some low-medium vulnerabilities and somes gas Optimization, each auditory it's giving me much to learn, serious question how many time take becoming an auditor?
Waiting a lot for mutation
@SimiansNFT
one of my favorite project in the nft space, the MOST UNDERVALUED PROJECT that I have been able to see , just much love, THANKS
Work on your reports.
Work on your reports.
Work on your reports.
It does not matter spend 30 days in an audit if the last 5 days submitting your issues you do a mediocre work.
Your mind always want to trick you, don't be lazy, DO YOUR FUCKING WORK.
reminder to myself.
Four valid findings (1H/3M) on size contest on
@code4rena
for a $20 payout.
Two of my findings that was already marked as high in other contest was invalidate in this one, reason why? Idk, judge does not event response all my QA comments.
The only thing to do is keep grinding.
Last year I didn't know nothing about solidity.
- Not technically background.
- Not much time available to study or audit(I currently have a remodeling business).
-Still manage to earn 2.5 k .
- 7 high, 7 medium.
@code4rena
is the only platform that pay you just for study.
It's incredible how
@ProgrammerSmart
do so well with this diamond of content, sometime you are struggling with some concepts like Acces controls, governanz, reveal and commit, multisig wallets, DEXES, flash loans. This channel teach you in the best way how t works
@SolidityScan
Clearly basic reentrancy attack keep the balance in a memory variable then update the state and then send the money.
Also the first require statement it's bad formulated it should be > instead of <
Awesome Alpha Launch!
@ADANinjaz
The game is really fun and intense. So much potential! Congrats to the team!
We DAISUKE will win the Clan War! just sayin ;)
#Gamefi
#CNFT
#NFT
#NFTgaming
100% of royalties go into the
#DaoMind
#TheRenaissance
Only 7% listed on a 10k collection
and we haven't even started yet 💎🙌
Do your math følks !
@mindfolkART
Come and participate in the creation of the most valuable DAO on
#Solana
👉 🪵🪓
My Mondays are not boring any more, my weekend are not more exciting than the rest of the days, All my days are the same of exciting, all my days are weekends for me.
Thanks web3 security for gave me that kind of freedom
The best thing to Audit contest upgrades like
@reserveprotocol
on
@code4rena
, or like cppi contest on
@CodeHawks
is that you can audit and hunt on
@immunefi
at the same time.
This upgrades still conserve a lot of the onchain code which make easy to switch in between version.
@trust__90
It's gonna be more centralize when big companys, big banks and even government start developing their smart contract, but it's gonna be fun anyway
Hey
@code4rena
how people who has not any rental documents can pass the KYC by provenance, the only thing that I have is my bill phone and bank statements and those are not acceptable.
@JP_Courses
Another vulnerability that I see is that you putting the price of the NFT as a input in the function and it's compared for the msg.value, so you are buying a NFT and you are deciding the price, at least that the function was a private but anyway there are lot mistake like this
@KoolexC
@immunefi
It happen to me that a project said that was a duplicate and already know, after two days, they made a new commit, acknowledging the issue in the code, i made and scalations but the
@immunefi
team said that show some proof, (i never saw that proof)
I don't think conditional pot is a bad practice.
If you going with the mentality that "if there is no bug then is not worth it". Then you will do nothing.
Be the man that go with the mentality that you are going to find all the bugs even is hard and strong audited codebase.
If you are planning to join UniswapV4 contest on Cantina, you should read this.
UniSwap Foundation had a contest on Code4rena before for their Staking Contract, I managed to secure the 2nd position in it, but the judging process involved a lot of things.
The contest was
@AlleyKatzCNFT
are calling the attention from the whole NFT word crossing borders, I thought that this is new even in whole crypto space, this the beginning of the multichain NFTs. There is something big here. Don't lose the opportunity to create wealth.
YOU SO EARLY
@PaladinCharles
I started in code4arena like completely beginner (I knew just some common attack vectors), 4-5 month later I submit for dopex contest 1 critical with proof of concept in foundry an bunch of medium some of them about logic errors and the other more general
@gjaldon
@code4rena
@sherlockdefi
The true is that nothing is easy, when I enter I didn't know the dimension of all that you need to learn now I have more than 4 months studying almost 4-5 hours at day. The more I study, the more I realize what I'm missing. Its a long process but if is your passion you gonna make
I was studying between yesterday and today aprox 6 hours studying this blog and taking notes of it, really good contact and understand it a lot real problem that you need to look up,
Thanks a lot
@DevDacian
let's talk about the future of web3 Imagine create a token that represents a physical asset, Now the physical object is keep it in store and put it in and just the owner can access to the vault just scanning the QR this is the future that I want