bock

An audit → launch → hope nothing breaks. That’s not how security works. Security is a continuous process, not an event. At @Fidesiumapp we’re building tools for: * manual audits * automated analysis * autonomous protocol protection The future of Web3 security.

Interesting. Right now I would have to say it still depends on the SR. The AI models are coming along, but there is still a skillset around getting the most out of whatever AI model you are using. So not necessarily SR skills but AI model using skills. So yeah, put in the work.

Security Researcher + AI >= Security Researcher But is AI >= Security Researcher? You'd say "depends on the SR". What if it "depends on the AI"? Few are executing right currently, make sure you fully utilise the new technologies - put in the work🫡

UK karaoke takeover night in Cannes @SuperteamUK

Cannes rooftops = best rooftops.

Excited for the @arbitrum side event starting in 10 minutes.

Huge thanks to @Starknet & the Foundation for the amazing events at #EthCC Stark Café, the party, and all the great side sessions were top-tier! With the BTC bridge live, Starknet is an exciting playground for smart contract security research. Cairo + STARK proofs securing real BTC value.

@czamaru HaPpEr tOoTiE!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Turning 42 this week 🕯️ Celebrating a life well-lived over some vintage wine, in vintage cars

❤️🎥 Thank you to everyone that attended the first screening of Lights in Dark Room at @EthCC We are so grateful for your commitment to spread awareness about scam compounds and human trafficking. Together we have raised $5000 for NGO’s and Activists! Details below 👇

@Ricburton Are these April Fool's numbers?

Anthropic Mythos Benchmarks 🤯

Traditional automation still outperforms pure AI in smart contract vulnerability detection. Longer to build, but quicker to use. Why? Static analysis, AST-based tools, and mature fuzzing deliver deterministic, reproducible results with far lower false positives and no hallucinations. They provide precise data-flow, control-flow, and gas-aware insights that scale reliably on massive codebases. AI agents are fast at pattern matching, but they struggle with novel logic flaws, state complexity, and context limits. Smart auditors combine both, still not willing to bet millions on AI alone.

An interesting chat at the Clawbot side event yesterday. How should bug bounty sites manage the influx of AI slop from contributers. HakenProof had some very cool insights, they being on the front lines of fighting this particular problem.

At the Stark Cafe and another great conversation about how agentic AI is transforming smart contract security in Web3. Some great examples on how autonomous agents can now detect complex vulnerabilities like reentrancy & unbounded arrays possibly catching exploits worth millions before they hit mainnet. The downside? They can still hallucinate false positives or miss novel zero-days that human auditors spot intuitively. Wasting dev cycles chasing incorrect findings. Hybrid human+automation = workflow wins.

Interesting to see opinions on AI split a bit more this EthCC. From solution to force multiplier. A much more nuanced set of conversations now that the fever has died from the hype a bit. We may yet make it.

I mean if you are going to have to network anyway....

The Hakenproof talk at the Clawbot side event was a knowledge dump of epic proportion.

What a wonderful day for a game of touchbutt at EthCC @pashov

First event at @EthCC the @tezos event. Nice vibe.

@pashov Why not both?

Who will win in web3???

@pashov Only 2 audits going right now so plenty of time for touchbutt!

6 security audits ongoing, starting 2 more tomorrow somebody has to hold the wall while yall play touchbutt in Cannes

Londonmaxing It is currently snowing in South London.

Excited to announce that @Fidesiumapp will be attending EthCC[9] in Cannes! March 30 – April 2 at the Palais des Festivals. DM us, let's talk code, audits, and keeping things safe at scale. See you on the French Riviera!