0xApple

Ranked 9th in the Mellow Protocol contest! Found a bug where minting logic exponentially compounded fees, causing significant share dilution. Secured my first four-digit payout.

Imagine CEO of a security firm showcasing 6 of his "best" auditors running an 11-week audit and missing 11 highs, 17 meds, then running it as a success story for their automated scanning tool. All these finds are superhuman? Prove it. Humans didn't have time to find them? Then you heavily underscoped required effort. Doesn't strike as a confidence booster to clients paying deep 6-figures for an audit and expecting reasonable coverage. At TrustSec we'd rather lose the deal than ship a report we can't defend, but maybe that's just us.

0 findings across the board for @OpenCover contest no bugs, no weird edge cases +$100 secured💯

JUST IN: Trader accidentally swaps $50 million $USDT for $36,000 $AAVE on Ethereum.

Was waiting for someone to say it!

Nope. Fewer deployments ≠ less need for security. Market’s just down.

@0xdmanwalking @InverseFinance @sherlockdefi Congrats ser!!

Proud to achieve first place on the @InverseFinance competition in @sherlockdefi. Pushed super hard on this one and sometimes things just click. Turns out stablecoins is my favorite thing to audit after working on one for 2+ years! Excited for the next steps coming soon 👀

@Uddercover Nice work!

6th place in this one and I found the only high issue. Pretty cool. All the glory goes to Yahweh 🙇‍♂️

@thongtrungtran Nicely done!

to celebrate the Year of the horse 💪

This is sadly a very likely outcome after a hack, according to our research.

Step Finance shuts down following $40 million security breach theblock.co/post/390964/st…

@PiyushShukla__ Please kindly check dm sir

Good to see that everyone is now focusing on security impact and trying to fix issues at their own level. Companies like OpenAI and Claude are launching security solutions. Definitely, none of them can fully solve the problem yet, but it’s a strong addition to the efforts of whitehats who have been securing the ecosystem for a long time..

@eddie_pumpin Browser?

Last year, each judge always complain about my report. Some said it lacks details, some said they don't understand it. So, I decided to work on that this year. I am happy I am seeing improvement.

@0x3b33 What about the ones at @spearbit, making $20k per week

Web3 auditor salary breakdown: Junior: $1000 - $2500 a week Mid: $2500 - $6000 a week Senior: $7000+ a week What determines the difference: - How good you can break the code - How good you can sell your skills (most people underestimate this)

@RealJohnnyTime Only one Planck time. Does that qualify me to work as an intern hacker at GingerSec👀

So… how much time did it take you?

Redacted audit report dropping in a few days. If you care about: • Real-world audit findings • Private audit workflows • Learning beyond contests Bookmark this tweet.

Soon, I’ll publish a redacted audit report. Same bugs. Same reasoning. Same impact. Just without exposing the protocol.

For the last 3 months, my timeline went quiet. Not because I stopped auditing. But because I went private. 👀 Now that work is coming public, redacted, but real. Beginner auditors should see this 👇