count-sum

@pashov @cvetanovv0 🔥🔥

More than a year ago. Some killer security researchers came out of this internship. Many got hired in big companies with good salaries - very welcome. If another internship cohort sounds interesting, do comment below - let's see if there are people that would want this

My mind feels great after learning something new, almost forgot the feeling. 🧠 🤯

It's been a while, I know. But we're back!

@0xKaden Love this!! thank you!

✨Introducing evmresearch✨✨ A knowledge graph of nearly everything I've learned about the EVM in the past six years The graph structure emulates the brain, exponentiating research speeds for both humans and agents evmresearch.io

@windhustler Great take! Couldn't agree more.

How to thrive as a web3 security researcher in the age of AI - Tip 1 Mindset The world is full of pessimists. If you're fixated on the worst outcome, you're setting yourself up for failure. With every major technological shift, productivity goes up and new opportunities open. AI is no different. If you're wondering whether this is a good time to enter web3 security, there has never been a better time. What we're going to see in the coming years is a massive surge in projects building on the blockchain. Developer and product launch capabilities will at least double with AI, best case 10x. The crypto industry will likely 10x alongside it. That's 100x more apps being built. For every lending & borrowing market today, there will be 100 more. For every chain launching now, expect 100x more. Even if AI finds 95% of the bugs, you still need 100% bug-free project before launch. It will never be socially acceptable, let alone sufficient, to ship a project audited only by AI. That last 5% is where the exploits live. So prepare for abundance. Today is the best day to start your journey as a web3 security researcher.

@only01Essential @HackenProof Amazing! Well done!

Just earned 15k for a valid Critical bug on @HackenProof #hackenproofed #bugbounty

@pashov Incredible! 🤯

🤯A Security Researcher just got paid $3,000,000 for a single smart contract security vulnerability. Biggest payout we've seen in 3+ years. This certainly was a HUGE hack prevented. BIG win for the whole web3 community, props to the whitehat, Immunefi & the project itself🫡

@KannAudits Applied

We’re hiring Security Researcher Interns for Kann Audits! Interns will be paid weekly and should know at least one of Solidity, Rust, or Move. We’re looking for highly motivated hustlers eager to grow. Given how hard it is for new talent to get recognized, we’re launching our first official internship program to help interns build real portfolios, collaborate with others, and level up their skills. Apply here:docs.google.com/forms/d/e/1FAI… After applying, comment ‘Applied!’ below 👇

@yeahChibyke They are paying for queries in order to increase adoption on Glider imho

Started learning how to use Remedy's Glider today. Exciting stuff, but I am a bit lost on what exactly it is. Is it a tool to help in bug bounty hunting? If so, why exactly is Remedy paying for queries? I will appreciate anyone who has used it to help me with some clarification.

@yeahChibyke I think the general idea is that when you find a particular bug, you then use Glider to find the same bug in other contracts, and therefore increase your potential payout.

Profound words of wisdom from Alan Watts. "One day you'll realize you've already lived through some of the best days of your life and you didn't even know it at the time." "You were too busy chasing what's next, busy worrying about what's missing. Thinking happiness was something you'd arrive at one day." "But while you were waiting you were laughing with people who won't always be around. You were making memories in places you'll one day drive past and feel something you can't explain. You were standing in moments that didn't feel like the good old days until they were gone." "So stop waiting for life to start. You're already living it."

@PashovAuditGrp Expecting to see lots of alpha shared here 🔥

🚨JUST IN: Pashov Audit Group🤝Discord Welcome to our new community with technical topics around security, AI and dev. We live and breathe web3 technologies🫡 Join, RT and comment below for a chance to win 3x full-year Claude/GPT subscriptions👇 discord.gg/pashovauditgro…

@J4X_Security Will try to adopt this. Thank you!

So you‘re a new auditor, just in your first month of audits and are grinding every day? Sleep, audit, repeat? But somehow the results don’t really show up? What if I tell you that you‘re actually not helping yourself? I pretty much did the same at the start for months. Worked every single day and did nothing else besides sleep a bit. I thought the more hours I put in the more efficient I am. I was stuck in the mindset of my old „normal“ job where performance was measured in hours. But slowly over time I learned that taking breaks and giving yourself time to also work on other things got me better. Seems kind of counterintuitive. Less Work = More Output. But think about how you feel in the 10th or 11th hour of auditing. Or on the 3rd weekend you work through. Usually you‘re forcing yourself to sit there and in the end not much gets done as your brain is fried. You also wouldn’t go to the gym for 8h a day and just spam chest days. So why do you think the same approach works for auditing? It took me about half a year until I learned how important getting off the screen is. Taking a walk inbetween. Lying in the sun for a bit. Ending an evening early to go play pool with your friends. Spending the weekend with your gf and leaving the laptop at home. You won‘t imagine how charged you get back to work. Suddenly vulns pop up everywhere. To keep this simple for anybody new that might think like me and tend to overwork themselves try this and feel free to lmk how your performance has changed after a few weeks: 1. No work past 8pm 2. Gym 3 times a week 3. Sun every day 4. Sunday is off day, no work at all (besides twitter rants) 5. 1-2 weeks of full holiday every quarter 6. At least 3 social events every week (dinner with gf, beer with the boys, networking, clubs, etc.) 7. Do something creative/with your hands every few days (painting, woodwork, LEGOs, instruments, etc.) whatever you like, just something off screen 8. 7-8h of sleep every night

@anchabadze @GTE_XYZ @code4rena Well done!

The results of @GTE_XYZ contest on @code4rena are out! I got a lot of enjoyment from auditing this protocol. Just missed the top 10. Placed 11th. Will do better next time! Consistency is the key There is no plan B Success is inevitable #RoadToWeb3SecurityJobChallenge

@arsen_bt Thank you!! Amazing auditing alpha in that session. Looking fwd to the next one.

Hosted 1st live call in private community • 50+ auditors showed up • 45m live of attack distill • 15m of Q&A afterwards To everyone who joined, thank you. This is what a real security community looks like.

$14.31 USDT » 🏅 @badal_sharma09 $12.52 USDT » 🏅 @Immanux2160 $12.52 USDT » 🏅 _riazul $12.34 USDT » 🏅 @0xisboss $11.20 USDT » 🏅 sagetony224 $11.20 USDT » 🏅 @yeahChibyke $10.12 USDT » 🏅 @_count_sum $9.37 USDT » 🏅 @0xgo4ko $9.17 USDT » 🏅 @0xSach1r0 $8.64 USDT » 🏅 Josh4324

@WhiteHatMage @aviggiano That screenshot applies only to Cantina from what I see. My stats are below: hackenproof.com/hackers/count-…

@aviggiano Is that a bug, or the results are private or have not been loaded yet?

It keeps amazing me how every AI tool is getting millions in bounties, and when I check the last 90-day leaderboard on the top web3 bounty platform, it's always the same boring humans lol

TOP 3 researchers of this week: 🥇@cantinaxyz 🥈count-sum 🥉@keterka Want your handle here? Join active programs: hackenproof.com/programs

@J4X_Security Amazing! Thanks for sharing.

A key part of finding Solana bugs is finding missing constraints. My strategy is this: 1. Write down what should be constrained for each account 2. Cross out everything covered by anchor constraints 3. Go over additional checks in code and cross those out 4. Everything that is left is a bug 🎉 Ez bugs on every audit/contest 🎁