Ananta Deva

@statemindio @statemindio may I know if you're still accepting application for fellowship. If not may I know when next time it will be open

Apply: statemind.io/fellowship

🚨 It's the great depression of Web3 security auditors. Auditors are reaching out to us daily asking for work. Everyone's talking about AI, and newer auditors are lost - they try it, start relying on it, then realize it produces false positives, exposes gaps in their fundamentals, and that 100% AI reliance is just a dead end. Don't forget the fundamentals guys. Stop trying to skip the learning and failing part - that's literally how you grow. Use AI, but don't lean on it too hard, especially in the beginning. You have to walk the walk. If you're not ready for the hard parts, this field isn't for you. Web3 security is hard. There's no shortcut around that. And now with contests almost gone, beginner and mid-level auditors feel stuck. But here's the reality: to get hired for a freelance audit or at a firm, you need to be worth hiring. You need to be able to make that company money. And the way you do that is simple - get good at finding bugs. That's your value. Build it. The game changes. It doesn't end. In Q1 2026 alone we saw ~$170M lost to protocol logic flaws and private key compromises - rugs, scams, and phishing excluded. Protocols are being exploited every day. The problem isn't going away. When contests disappear, you still have options: - Finding live bugs on bug bounty platforms. That's hard since these live contracts are often audited multiple times by top firms, so even Low/Medium will be a great achievement. Bounties aren't going anywhere unless crypto itself dies. - Finding bugs in live protocols that don't have a bounty, reporting them privately, and using that work as proof later. - Deep writeups of protocols you audited solo. - Reproductions of real exploits with explanations. - Clear threat models of existing DeFi systems. Find ways to be helpful. Contribute value and people will notice. Whatever you do - publish your work on GitHub. Firms will ask for it. Hustle hard now, establish yourself, and when the market picks up you'll be in a strong position. It's hard for everyone right now - auditors and firms alike. But moments like this are where the people who keep improving separate themselves from those who wait. Load your weapon. The demand will come back.

If you haven’t tried exploiting contracts on @battlechain yet: Here’s a 90 seconds walkthrough using the starter repo, covering the full attack flow. For this demo, my wallet is both exploiter and recovery. Normally these are separate and the bounty split is visible.

As of today, BattleChain testnet is LIVE. The pre-mainnet, post-testnet blockchain, where whitehats legally attack your smart contracts before they reach production. Deploy. Get attacked. Ship stronger. Here's why we built it, what it is, and how you can get involved 🧵

🥷One-shotting Threat & Trust models, invariants (stated & inferred), Git History & tests analysis and much more within a sub-10min run. This is the new "X-Ray" tool on pashov/skills. Free & Open Sourced. Let us know if we should keep building these🫡

@pashov Requesting access plz

New "efficiency and effectiveness boost" Skill coming to pashov/skills tomorrow. Threat & Trust modelling, invariants, documentation quality, diagrams, and some special additions. Free, built for devs & whitehats. Early access(today) on request. Hope the value is appreciated🫡

Excited to share that I secured 25th place 🏆 in the Panoptic Audit Competition with 1 High🔥 and 1 Medium severity finding! Glad to keep learning and improving in smart contract security #Panoptic #Web3Security #SmartContractAudit

@pashov This is amazing

More than a year ago. Some killer security researchers came out of this internship. Many got hired in big companies with good salaries - very welcome. If another internship cohort sounds interesting, do comment below - let's see if there are people that would want this

I put a lot of heart into my technical writing, I hope it's useful to you all. 📌 Here's a pinned thread of everything I've written. (much of this will be posted on the Claude blog soon as well)

Smart Contract Security Roadmap 2026 Free resources only. If I had to start from zero today, this is the exact path I’d follow:🧵 Most people waste months jumping between random resources, tools, and contests. If I were starting again in 2026, I’d focus on 4 things in order: • Foundations • Security fundamentals • Competitive auditing • Specialization Here’s the roadmap I wish I had.👇

Competitive audits… but better

A little late in posting this, but excited to share my first 2 valid Medium findings in my first audit contest. More than the result, I’m grateful for the learning, especially from what I missed. Shoutout to @PatrickAlphaC and @0xOwenThurm for the learning and inspiration. 🚀