The Puffer Finance 🐡 Boost is finished, whitehats are paid, and the leaderboard results are live!

Fantastic job to everyone who participated.

The top three whitehats are:

🥇 Code Sentry | DM For Audit
🥈 0xSmartContractSamurai🥷| DM for Security Audit ⚔️
🥉 0xdeadbeef

See results here:

immunefi.com/bounty/pufferf…

I am back after long break of 1 year. I am loving bug hunting. Excited to see boosted bug bounties on Immunefi .

Just reported a critical bug on Immunefi, but it turned out to be a duplicate. Would have loved to be the first whitehat to uncover it. Nevertheless, let's continue working together to strengthen the security of the DeFi space!.

Just reported an impactful bug on Immunefi. After weeks of unsuccessful hunting, I took a break and approached it with a fresh mind. Thrilled to share that the bug was accepted, and I've received a $20,000 reward! The time invested has truly paid off.

Having worked on both Immunefi and SHERLOCK, I've noticed a difference in approach. Immunefi requires patience to find bugs in stable projects, while at SherlockDefi, finding bugs in new projects is satisfying. Both offer rewarding experiences in #DeFi security.

Just a few days back, I reported a bug on Immunefi , but project team deemed it not an issue. OK. Now project is vanished from immunefi platform. Is it moving to SHERLOCK or Code4rena? This audit should be fascinating to watch. #Security #BugBounty

Here's my top 5 resources to help you become a 10x web3 security researcher:

1. pashov 's auditing repo
2. Posts from pashov
3. Curated resources retweeted by pashov
4. pashov's interviews with Andy Li
5. My DMs with pashov

I'm currently ranked 29th on the SHERLOCK leaderboard . With less than two months since my first participation, I'm very near to be in the top 10% . In just six contests so far, I've achieved the 1st, 2nd, 6th and 9th positions. Looking forward to climbing up the leaderboard

Got another one! It's not about the rank, it's about making the list. SHERLOCK #achievement #Security

I've been caught up with some matters. However, I'm back now and excited to participate in upcoming audit competitions. See you there! #Security #Web3

Sushi's RouteProcessor2 contract has an approval bug; please revoke approval ASAP. We're working with security teams to mitigate the issue.

Challenges in low-quality public audit contests:
- Numerous high/medium findings
- Rewards shared among many due to easily discovered bugs
- Skilled auditors not fairly rewarded when finding elusive bugs
Focus on high-quality projects to ensure greater rewards!

🛡️ Use etherscan.io/tokenapprovalc… to check the allowances granted by your wallet. Easily monitor and revoke unnecessary permissions to keep your assets safe. 🔒

Stay secure with your tokens! 🛡️ Use etherscan.io/tokenapprovalc… to check the allowances granted by your wallet. Easily monitor and revoke unnecessary permissions to keep your assets safe. 🔒

It appears that the
Sushi.com
RouterProcessor2 contract has a bug related to approvals, resulting in over ~1800 ETH for
0xsifu. Look at all txs here
etherscan.io/token/0xc02aaa…
If you've approved this contract: etherscan.io/address/0x044b……, please REVOKE immediately!

Code4rena Wardens have already audited some of the biggest names in the space: ENS, Opensea, zkSync, Blur, AAVE, the list goes on. Who will be next? 👀

Today’s stETH rebase is going to be delayed due to an edge case bug in the off chain oracle code.

There are no funds at risk and all rewards are still going to be accounted for.