Alhamdulillah, i have won the @InfraredFinance contest. Its been a while since my last posted win😅. 2nd consecutive contest and win, is it the rise?. Some stats:.- Time spent: 7 days.- was the only one to find all high severity issues.- Found the only solo in the code. The

RT @0x15_eth: Toxicity is normalized in the web3 sec industry.

Those type of people are really harming the industry, DEVs will opt out of BB and running a contest if it continues the same way, effect on contests has been already seen.

After a lot of thinking, I'm officially open for private audits. What i have achieved?.- 2x🥇, 1x🥈, 1x🥉 and 9x Top 10 finishes.- 34 on cantina all-time leaderboard.- 41 on CodeHawks all-time leaderboard.- 63 on HackenProof all-time leaderboard (through DD). If you are building.

RT @chrisdior777: Hot take on the audit competition industry. Thoughts?. I don’t think it was always like this. Early on there were genuin….

RT @0xT1MOH: @ustas_eth If auditor participates a lot, he becomes treated unfairly in both positive and negative forms.

Taking into considerations what is happening:.- A daily reminder to me that i should mute the noise and keep improving my knowledge stack.

Initially, I didn't believe contract-based audit firms could have auditors who never appear during engagements. Recent feedback From a friend protocol shocked me. I'm not pointing fingers but seeking a consistent market solution. I believe the contract-based auditor model has.

Some Contests Pot/nSLOC is so small that i wouldn't accept it as a private solo auditing offer. New comers really have to chose shadow audit instead from here. faster feedback, and almost no money on both any ways😃. Leverage those times till we get those 100K - >1M xyz.

At this point, i assume that cork protocol had an audit with Out Of Scope part having a bug exploited😕.

RT @Infosec_us_team: ~ Bug bounties are overhyped. Contests and private audits are harder. After 26 web3 bounties in live protocols and 49….

chainLink as a company is kinda always the best contest launcher. - announce very early to get in some good auditors schedule .- always $/nSLOC is at skyrocket position.- duration of the contest itself is overly long (and this is controversial one tho)

so it was a frozen heart one?. CC (. Long but simple video about the idea remember, knowing the idea != finding an exploitation. so for sure, impressive work by our sloth

not really trying to get involved, but i have been remembering this exact part and die in laughing. its really next level bully, why not just close the report in piece?😂

so, deal() in foundry sets the balance of the address not increasing it. Meaning that old balances are overridden by the new value passed to it. while being an easy information, me confusing it cost me alot of times debugging a valid bug reverting on PoC🥲.

today, almost every protocol has external protocol integrations, you just setup your failure if you are this guy

RT @0xHuntoor: @T0__Socrates Most of the time you would be lacking the bigger picture like:.- protocols integrating with a dex (you would n….

Infra contests generally have low participation (we are early on it). would be really good opportunity to force yourself learning cosmos-SDK and try to snag that LSW.

Sadly, alot of auditors don't understand that lost opportunities are wins in other ways. During a contest, i was discussing a very small scope private audit that would be done during the last days of the contest, we didn't come to agreement and i went back to the contest.