A very awaited personal win at the @UniswapFND contest on @code4rena. It was a tough codebase of one of the best DeFi protocols. I am glad I managed to secure my place at the top positions.🙏

One very important factor for being successful as a security researcher is starting every audit with a spark - the mindset of "I’m going to crush this and find all the bugs." I start almost all of my audits with that thought, and the results have been amazing. You have to be

Certora Champions 🦸‍♂️ Spotlighting the brilliant researchers who keep DeFi safe. This time: @0xlemonaudits Currently studying Informatics in Bulgaria, 0xlemon has already help secure @ether_fi, Chainlink, Unistaker & Usual ETH0.

Hadn’t participated in a contest in nearly 4 months, but felt the urge to jump back in. Pretty happy with the result!🔥

It’s officially been 2 years since I entered the Web3 space. Back then, I didn’t even know what a smart contract was or how Solidity looked. It’s been a journey full of ups and downs.📈 There were many days, countless, where I felt I wasn't good enough. Many and many failed

I used to be stuck in audits. Every contest, I found only basic, highly duplicated bugs. I asked top researchers what I was doing wrong They all said: Be patient. With experience, you get better They were right. It’s frustrating early on, but trust the process — I’ve been there

To demonstrate @burraSec's expertise, we’re offering a free full-day security review/consultation for projects integrating with LayerZero or Arbitrum—whether you’re already deployed or still in development. We’ll thoroughly review: LayerZero: Configuration (DVNs, Executor, and

Glad I could provide additional value through the mitigation review for @bakerfi_ . Found 1 vulnerability that was introduced by a fix and another one that was missed in the original audit.🫡

I’m incredibly happy to announce that I will be joining the great team at @CertoraInc as a Security Researcher! I’ve mostly done public contests solo until now, but it’s time to work with some of the best experts in the industry. Super excited for this🚀

A lot of people do shadow audits to improve, but I can never fully focus on them. Without real incentives, you don’t push yourself to perform at your best. My advice? Skip shadow audits and jump into real contests - you’ll level up way faster🚀

Just updated my portfolio with my best performing contests. You can check it out -

First invitational contest 🫡

Many people are putting many hours daily to become better SRs however it is very important that this time is spent wisely and as efficiently as possible. Remember, you get payed for the bugs you find, not for the time you stare at the screen with no thought.🧠

Trying to break a codebase from a reputable dev team can feel intimidating - you might think, "They’re too good; there can’t be any bugs" But that mindset is wrong. Always assume bugs exist, or someone else will find them while you’re second-guessing.🕵️‍♀️

Do you guys consider the Chainlink-related issues (e.g. missing stale price check, missing min/max answer check) low or medium severity?🤔

Diving into big, complex codebases gives you so much more knowledge. It’s tough at first, but once you understand them, it's the best feeling ever🔥 I’ve been guilty of focusing only on small, simple codebases, but I realized I was missing out on a lot📚

Diving into big, complex codebases gives you so much more knowledge. It’s tough at first, but once you understand them, it's the best feeling ever🔥 I’ve been guilty of focusing only on small, simple codebases, but I realized I was missing out on a lot📚

One of the most crucial skills for a security researcher is the ability to effectively defend their findings. Every contest I participate in reinforces just how essential this is🛡️

Just went to the bank because my card was blocked for some reason. Had to wait there, sign like a thousand documents just because the bank decided to change their payment network. This again reminded me why crypto is wayyy better and why we are all grinding to make it even better

Most of the money in audit contests is made at the end of the audit when you've reviewed everything and you think you''ve caught all the vulnerabilities. Then you do another review and experiment with the deep knowledge that you have of the protocol and then ... 💥BOOOM.