peakbolt (@peak_bolt)'s Twitter Profile
peakbolt

@peak_bolt

Web3 Security Researcher
| #2 on @code4rena 90-days leaderboard (in Dec 23)
| Hunting bugs at @PashovAuditGrp
| Bug bounty triage with @SapphireWeb3Sec

ID:1502989460601901057

https://code4rena.com/@peakbolt | 13-03-2022 12:47:28

840 Tweets

1,6K Followers

375 Following

Code4rena (@code4rena):

Introducing Code4rena Pro League 🏆

⭐ All-star auditors
🔒 Custom security services
🥇 The best security talent including cmichel, samczsun, cccz, 0x52, winnie, obront.eth, and more!

Read more: code4rena.com/blog/introduci…

peakbolt (@peak_bolt):

Excellent point by Sergei K | cergyk.eth. Also, we as SRs need to understand that audit firms and contest platforms complement each other in the same way. It's not a zero-sum game.

0xDjango (@0xDjangoOnChain):

In November, I submitted a critical bug to Cronos (Cronos) which they downplayed and have since been kicked off Immunefi. Here's some info about the bug and an example of how projects can simply not pay a fair amount.

Report: gist.github.com/fatherGoose1/6…

tl;dr:
- It's a…

peakbolt (@peak_bolt):

The one tool I cannot live without is Solidity Visual Developer by tintinweb. Definitely at least 2X my auditing speed with it. Thanks tintinweb!

peakbolt (@peak_bolt):

Listen in to my recent talk on OpenSense ₿, where I shared my personal insights on how I levelled up my auditing skills and improved my performance within a few months!

weiss.eth (@0xWeisss):

I am giving away 1000$ of my own money to the top 3 solo findings that 'save our a*s' in Tapioca Foundation contest in SHERLOCK and Code4rena

I will rank the findings and the splits will go as follows:

- 500$
- 300$
- 200$

Additionally, the top performers from both…

deadrosesxyz (@deadrosesxyz):

To every SR spreading FUD about contests not getting enough coverage next couple of weeks.

I invite every single one of you to prove your claim and catch solo highs.

If you can't do it, respectfully, shut up and stop spreading FUD.

peakbolt (@peak_bolt):

Thanks to Pashov Audit Group, which gives me opportunities to perform team audits on interesting projects with talented auditors and learn from them!

Here's an audit report we did recently.

peakbolt (@peak_bolt):

What makes one more suited to be a bug bounty hunter than an auditor? And vice versa?

I'm inclined to believe there are some underlying factors that determine it even though both have overlapping skill sets.

peakbolt (@peak_bolt):

Don't waste too much time hunting Medium bugs on Immunefi.

Project can easily downgrade it. I learnt that from my submission.

If the Med bug was not spotted after being live for some time, then it's likely a small edge case that has low likelihood of affecting users.

Ledger (@Ledger):

🚨We have identified and removed a malicious version of the Ledger Connect Kit. 🚨

A genuine version is being pushed to replace the malicious file now. Do not interact with any dApps for the moment. We will keep you informed as the situation evolves.

Your Ledger device and…

peakbolt (@peak_bolt):

Competition is getting fiercer and more will come as the barrier to entry into web3 security is fairly low compared to web2.

peakbolt (@peak_bolt):

Realized that I found 5 solo Highs this year on Code4rena, just behind the top of 6 solo Highs. Glad to make an impact to prevent fund loss.

I don't recommend one to aim for that.. It's not the right strategy for competitive audits, I realized much later in the year😆
