Alexander Scherbatyuk

357 posts

Alexander Scherbatyuk banner
Alexander Scherbatyuk

Alexander Scherbatyuk

@AlexScherbatyuk

🛡️ Smart Contract Security Researcher • 🐛 Blockchain Developer @ZkNoid • ⚔️ Alum @CyfrinUpdraft &🦄 UHI8 @AtriumAcademy • 🕵️‍♂️ Intern @KannAudits

Storage, 0x40 Katılım Mart 2016
234 Takip Edilen97 Takipçiler
Sabitlenmiş Tweet
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
A protocol's safety is not measured by how long it has lasted, but by how long until it is breached. Be cautious to stay safe!
Alexander Scherbatyuk tweet media
English
0
0
0
4K
Bryan_Conquer.eth
Bryan_Conquer.eth@Bryan_Conquer22·
Auditors need to connect more now than ever. Drop a comment and connect with other security researchers and developers.
Bryan_Conquer.eth tweet media
English
32
1
69
3.4K
CD Security
CD Security@CDSecurity_io·
client: “we need the audit ASAP” our auditors at 3am:
CD Security tweet media
English
2
0
8
501
Kann Audits
Kann Audits@KannAudits·
New security audit report published for @mystic_finance 2 days audit of their Plume staking logic. Identified 1 Medium severity issue, 2 Low severity issues, along with 2 informational findings. Check the full report below 👇 github.com/Kann-Audits/Ka…
English
6
8
44
1.9K
Alexander Scherbatyuk retweetledi
Kann Audits
Kann Audits@KannAudits·
You realize you’ve built Kann Audits into a respected name in Web3 security when major protocols start asking for your help on the architecture and design choices behind their most complex systems. We will continue helping, advising, and securing. Thanks for your trust 🫡
English
8
16
75
2.5K
contract.dev
contract.dev@contractdotdev·
We're hiring at contract.dev. We're building the testnet devs actually want: a private, real-time copy of mainnet, with built-in devtools. Open roles: – web3 engineer (smart contract exp) – full-stack engineer (Typescript, Go) – product designer $2000–$2500/month. remote. We're passionate about the future of smart contracts. DMs open | Reply below | Tag talented people👇
contract.dev tweet media
English
314
42
898
71.6K
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
@PashovAuditGrp It would be great to see PAG creating an MCP server that allows startups to integrate it with GitHub Actions and validate security with up-to-date security data on each push. It could solve many modern security issues, including supply chain attacks.
English
1
0
1
21
Pashov Audit Group
Pashov Audit Group@PashovAuditGrp·
Deploying more human capital - steady lads
pashov@pashov

🚨🤯BIG NEWS - @asen_sec(the AI Security master) joins PAG🔥 Today, non-AI-native security is a guaranteed failure. Asen had the most findings on the Monad public contest (>1600 participants, >160k lines of code), and has many bug bounties confirmed. Time to win, together🫡

English
2
0
21
1.2K
pashov
pashov@pashov·
You know what they say about the teams that grow in the bear Welcome @0xFireFist, can't wait to see your open source contributions for this beautiful web3 space, we all need you🫡
Pashov Audit Group@PashovAuditGrp

Our "Open Source" role is now filled - @0xFireFist joined Pashov Audit Group. He already contributed the insane `x-ray` Skill to github.com/pashov/skills, with v2 coming soon. His open source work & efforts will serve web3 builders for years to come. Let's crush it together🫡

English
6
0
78
7.5K
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
Great internship! ✅ Covered 5 protocols on both Move and Solidity. ✅ Learned several new techniques to strengthen my attacker mindset. ✅ Significantly improved my manual code review skills. ✅ Enhanced my use of LLMs in combination with other tools. ✅ Added Certora to my security toolkit. Big thank you to @KannAudits team!
Kann Audits@KannAudits

KannAudits Internship Program completed ✅ During the program, interns audited 5 protocols and uncovered some very interesting findings. Their performance exceeded all expectations. This shows how much talent is still out there waiting to be discovered. 🫡

English
2
0
11
925
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
High shoutout to @KannAudits for the opportunity. Very interesting protocols, both on Move and Solidity. There wasn’t much feedback on each finding. Probably due to the high number of participants and reports, but the feedback that was provided was helpful. I’ve learned a few things and hopefully helped improve the security of those protocols. 🙏
English
0
0
6
286
Kann Audits
Kann Audits@KannAudits·
KannAudits Internship Program completed ✅ During the program, interns audited 5 protocols and uncovered some very interesting findings. Their performance exceeded all expectations. This shows how much talent is still out there waiting to be discovered. 🫡
English
7
8
109
5.9K
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
Officially accepted into the @KannAudits Internship Program! 🚀 Super excited to learn, contribute, and grow with such an amazing team. Let’s go!
Alexander Scherbatyuk tweet media
English
0
0
6
250
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
Have you onboarded or do you plan to onboard Uniswap, Aave, or any major DeFi platforms? Many new protocols require integrations in order to operate, as their main processes rely on interactions with these protocols. If protocols were to deploy mocks with real liquidity, it would not be real — it would still be mocks, which can be less secure and easier to attack.
English
1
0
0
38
Patrick Collins
Patrick Collins@PatrickAlphaC·
The @battlechain testnet is now LIVE. Come enter the ultimate red-team platform. Give us feedback so we can launch mainnet very soon, and fix web3 security.
English
52
80
575
72.2K
Alexander Scherbatyuk
Alexander Scherbatyuk@AlexScherbatyuk·
@cyfrin What about copycat attacks? How would protocols deal with bots and attackers that would repeat exploit actions and keep their cut, in case the initial attack did not drain all the funds? For example, would it require KYC to bridge funds?
English
1
0
0
101
Cyfrin Audits
Cyfrin Audits@cyfrin·
BattleChain fixes this. Bug bounties: "find a vuln, write a report, we'll pay you (maybe)." BattleChain: "find a vuln, exploit it, keep 10%, return the rest." You stole the money. You sent it to the recovery address. You keep your cut. No politics. No discretionary payouts. On-chain Safe Harbor agreements make it legal.
English
10
8
99
8.6K
Cyfrin Audits
Cyfrin Audits@cyfrin·
As of today, BattleChain testnet is LIVE. The pre-mainnet, post-testnet blockchain, where whitehats legally attack your smart contracts before they reach production. Deploy. Get attacked. Ship stronger. Here's why we built it, what it is, and how you can get involved 🧵
GIF
English
66
105
478
120.9K
Alexander Scherbatyuk retweetledi
pashov
pashov@pashov·
🥷One-shotting Threat & Trust models, invariants (stated & inferred), Git History & tests analysis and much more within a sub-10min run. This is the new "X-Ray" tool on pashov/skills. Free & Open Sourced. Let us know if we should keep building these🫡
English
11
20
131
14.7K
Hari
Hari@hrkrshnn·
Is there a bug you think an AI can never find?
English
10
0
13
3.9K
pashov
pashov@pashov·
New "efficiency and effectiveness boost" Skill coming to pashov/skills tomorrow. Threat & Trust modelling, invariants, documentation quality, diagrams, and some special additions. Free, built for devs & whitehats. Early access(today) on request. Hope the value is appreciated🫡
pashov tweet media
English
20
5
82
3.6K