Sandra🪩

if you don't surrender to what life wants for you, life will feel banal and empty if you don't work to create the life you want, life will feel stagnant and dull the most satisfying balance is in the integration of these opposites

Near the end of 2024, around November to December my entire life turned upside down. I never expected what happened next, and for more than a year I planned to never talk about it. But I think I need to, because it affected me deeply, both in life and as a hunter. 2024 was the best year of my life. It was the year I finally found myself. I discovered value in what I do. Being a security researcher and hunter in Web3 stopped feeling like “just a job”, it became something much bigger to me. People started recognizing my work. I met incredible researchers and hunters I genuinely respect and look up to. I built amazing friendships and connections. The feeling was indescribable. I was truly happy, and I enjoyed every single moment of it. At the beginning of 2024, I set a goal for myself: make $100k. People around me in real life laughed at that goal. They told me it was impossible. Some even said I should stop wasting time and look for a normal job that pays $150/month at mos. “Being rich is not for us,” they said. To them, $100k was something unreachable. So I distanced myself from those people, even though some were my friends. Not because they were bad people, but because we had completely different mindsets and goals. I had to choose myself. That same year, I seriously started hunting on @immunefi. I had a bad experience on another platform before, so I decided to give Immunefi a chance. I knew nobody there. No hunters, no team members. But the process felt professional from day one. Then I got my first $2k bounty. I was insanely happy 😂 I kept hunting, joined the Discord, and met amazing people from the Immunefi team and the community. I learned a lot, worked on many BBPs, and eventually Immunefi introduced Boosts (now contests) and Attackathons. That’s where my life completely changed. Then the Fuel Attackathon happened. I saw the $1M reward pool and a completely new language I had never touched before, and I told myself: “This is my chance.” I pushed hard. During that time I also landed another bounty. Eventually I made around $15k from bounties and around $86k from Fuel. I should’ve gotten second place, but some things happened and I secured fifth instead. And here’s the strange part… I felt nothing. No happiness. No excitement. No celebration. Just emptiness. I felt confused, mentally exhausted, almost like something inside me had shut down. I kept asking myself: “Why aren’t you happy? You achieved your goal. You proved everyone wrong. Why do you feel nothing?” Before I could answer that question, the second worst thing happened. My father had his first brain stroke. We rushed him to the hospital trying to save him. Then another stroke happened. Then another. I spent countless nights in hospitals, mentally destroyed. I became deeply depressed in a way I had never experienced before. At one point, I seriously thought about quitting Web3 and bug hunting entirely. I remember opening my phone late at night planning to delete everything I built. Then somehow I saw one of @lonelysloth_sec’s posts talking about patience, not giving up, and how hard this journey is. I don’t even remember the exact words anymore, but that post stopped me from making a huge mistake. Because people like him, @WhiteHatMage, and others became role models to me in this space. So I decided to wait instead of quitting. Meanwhile, my father’s condition kept getting worse. Eventually doctors told us there was nothing more they could do. We just had to fulfill his wishes and stay beside him until the end. And when he passed away in 2025… I felt nothing again. No tears. No breakdown. Just emptiness. The same emptiness I felt after reaching my biggest goal. That completely broke my understanding of myself. I forgot who zeroK really was. Months later, something incredible happened: @0xjonah1 messaged me saying I got accepted into All Stars. That gave me hope again. But even then, something still felt missing for almost a year and a half. I couldn’t figure it out. I tried convincing myself I was overthinking. year passed, Doing my best every day just to make sure I deserve my place at Immunefi and among the All Stars. Then, a few weeks ago, I got a clue about what was missing when I DM’d @WhiteHatMage asking for some advice related to working as hunter. While reading his messages, I felt like my brain was trying to reconnect with something I had lost for almost a year and a half... something that shaped who zeroK is both in real life and in the Web3 space. But at the time, I still couldn’t fully understand it, and I kept telling myself, “Maybe I’m just overthinking it.” Then Firedancer happened. I participated a bit, got overwhelmed, submitted only one bug, and honestly felt lost again. Then Infosec team reminded me that I should trust myself, that being part of All Stars already proved I belonged here. And suddenly it clicked. I finally realized what I had lost. It wasn’t motivation. It wasn’t discipline. It wasn’t skill. It was my ability to enjoy the journey. That was always the best part of me. Enjoying the process. Smiling during hard times. Helping people. Learning. Connecting with others. Being curious. Building something meaningful. I realized I never truly wanted $100k for the money itself. I wanted proof that I had value. Proof that I belonged somewhere. Proof that I could become the person I always wanted to be. And once I reached it, I didn’t know what came next. Now I finally understand it. Money matters for survival, yes. But chasing money alone made me miserable for an entire year. Now I’m chasing something different: my dreams, my growth, my journey, the people I meet, the things I build, the impact I leave behind. That’s what actually makes me happy. Being recognized for meaningful work. Protecting people. Saving users from exploits. Being good at what I do. Being kind while doing it. I’m glad I found myself again. And I’m deeply grateful to the people below who helped me rediscover that part of me, even without knowing what I was going through: @lonelysloth_sec @DecentralDisco @PappaPug @WhiteHatMage @minato7namikazi @0xMackenzieM @0xjonah1 @MartinMarchev @thisisgrey, who built my profile picture, the interview we did helped me remember part of who I really was. And many other amazing people too that I might not remember while writing this post. The only reasons I posted this are: 1. I want people to know that the joy of a goal you set for yourself ($100k, $500k, $1M, $10M, building something, buying something, achieving something) is not in the moment you finally reach it, it’s in the journey and the path you go through. 95% of the joy is in the process, not the destination. 2. I just wanted to talk a little bit lol.

@ZeroK_____ ZeroK, this space is lucky to have you. Thank you for sharing. You have a big heart and the talent to go far. I’m really glad our paths crossed and I get to be a part of your journey. I’m very sorry about your father🤍 Rooting for you, keep going friend💜

It’s an honor just to be nominated

The longer you delay building the life you actually want, the more likely you are to normalize a weaker substitute. Drift hardens into identity faster than people realize.

Hey, I'm open-sourcing Clicky. Go forth into the wild and build the future of education and the future of AI interfaces, my friends. I'm happy to have given a spark. Enjoy! github.com/farzaa/clicky

Today is a monumentous day for quantum computing and cryptography. Two breakthrough papers just landed (links in next tweet). Both papers improve Shor's algorithm, infamous for cracking RSA and elliptic curve cryptography. The two results compound, optimising separate layers of the quantum stack. The results are shocking. I expect a narrative shift and a further R&D boost toward post-quantum cryptography. The first paper is by Google Quantum AI. They tackle the (logical) Shor algorithm, tailoring it to crack Bitcoin and Ethereum signatures. The algorithm runs on ~1K logical qubits for the 256-bit elliptic curve secp256k1. Due to the low circuit depth, a fast superconducting computer would recover private keys in minutes. I'm grateful to have joined as a late paper co-author, in large part for the chance to interact with experts and the alpha gleaned from internal discussions. The second paper is by a stealthy startup called Oratomic, with ex-Google and prominent Caltech faculty. Their starting point is Google's improvements to the logical quantum circuit. They then apply improvements at the physical layer, with tricks specific to neutral atom quantum computers. The result estimates that 26,000 atomic qubits are sufficient to break 256-bit elliptic curve signatures. This would be roughly a 40x improvement in physical qubit count over previous state-of-the-art. On the flip side, a single Shor run would take ~10 days due to the relatively slow speed of neutral atoms. Below are my key takeaways. As a disclaimer, I am not a quantum expert. Time is needed for the results to be properly vetted. Based on my interactions with the team, I have faith the Google Quantum AI results are conservative. The Oratomic paper is much harder for me to assess, especially because of the use of more exotic qLDPC codes. I will take it with a grain of salt until the dust settles. → q-day: My confidence in q-day by 2032 has shot up significantly. IMO there's at least a 10% chance that by 2032 a quantum computer recovers a secp256k1 ECDSA private key from an exposed public key. While a cryptographically-relevant quantum computer (CRQC) before 2030 still feels unlikely, now is undoubtedly the time to start preparing. → censorship: The Google paper uses a zero-knowledge (ZK) proof to demonstrate the algorithm's existence without leaking actual optimisations. From now on, assume state-of-the-art algorithms will be censored. There may be self-censorship for moral or commercial reasons, or because of government pressure. A blackout in academic publications would be a tell-tale sign. → cracking time: A superconducting quantum computer, the type Google is building, could crack keys in minutes. This is because the optimised quantum circuit is just 100M Toffoli gates, which is surprisingly shallow. (Toffoli gates are hard because they require production of so-called "magic states".) Toffoli gates would consume ~10 microseconds on a superconducting platform, totalling ~1,000 sec of Shor runtime. → latency optimisations: Two latency optimisations bring key cracking time to single-digit minutes. The first parallelises computation across quantum devices. The second involves feeding the pubkey to the quantum computer mid-flight, after a generic setup phase. → fast- and slow-clock: At first approximation there are two families of quantum computers. The fast-clock flavour, which includes superconducting and photonic architectures, runs at roughly 100 kHz. The slow-clock flavour, which includes trapped ion and neutral atom architectures, runs roughly 1,000x slower (~100 Hz, or ~1 week to crack a single key). → qubit count: The size-optimised variant of the algorithm runs on 1,200 logical qubits. On a superconducting computer with surface code error correction that's roughly 500K physical qubits, a 400:1 physical-to-logical ratio. The surface code is conservative, assuming only four-way nearest-neighbour grid connectivity. It was demonstrated last year by Google on a real quantum computer. → future gains: Low-hanging fruit is still being picked, with at least one of the Google optimisations resulting from a surprisingly simple observation. Interestingly, AI was not (yet!) tasked to find optimisations. This was also the first time authors such as Craig Gidney attacked elliptic curves (as opposed to RSA). Shor logical qubit count could plausibly go under 1K soonish. → error correction: The physical-to-logical ratio for superconducting computers could go under 100:1. For superconducting computers that would be mean ~100K physical qubits for a CRQC, two orders of magnitude away from state of the art. Neutral atoms quantum computers are amenable to error correcting codes other than the surface code. While much slower to run, they can bring down the physical to logical qubit ratio closer to 10:1. → Bitcoin PoW: Commercially-viable Bitcoin PoW via Grover's algorithm is not happening any time soon. We're talking decades, possibly centuries away. This observation should help focus the discussion on ECDSA and Schnorr. (Side note: as unofficial Bitcoin security researcher, I still believe Bitcoin PoW is cooked due to the dwindling security budget.) → team quality: The folks at Google Quantum AI are the real deal. Craig Gidney (@CraigGidney) is arguably the world's top quantum circuit optimisooor. Just last year he squeezed 10x out of Shor for RSA, bringing the physical qubit count down from 10M to 1M. Special thanks to the Google team for patiently answering all my newb questions with detailed, fact-based answers. I was expecting some hype, but found none.

High-agency people genuinely believe that reality is negotiable in a "there are always more levers to pull" way. It's about having this bone-deep conviction that if you keep poking at something from different angles, eventually something will give.

Congratulations on your failure, most people don’t even try. The more you lose, the more you win.

@pxng0lin Yess, confirming it’s me :)

@DecentralDisco it is you that messaged me on Discord right?

In just a few days after launch, Shield My Bags is taking off: $4M+ in assets reviewed 9,000+ users onboarded 10k is coming fast. Shield My Bags is powered by IMU, and the token sale ends in 4 hours. Now is the time to get in.

Shield My Bags v0 is live. Check your wallet address to see if your bags are secure or not. Comment 🫶 to get access and receive Shield Points through referring other users and posting your security card.

LISTEN UP DEGENS 📣 Shield My Bags v0 is live. Are your DeFi bags safe, or are you not gonna make it? Comment 🫶 to get access to the app and farm Shield Points. How? Refer friends [100 pts/fren] and make sure to share your security score card on X. Easy. We’re still in beta, lots to build. New features coming soon.

Today, we’re releasing the Immunefi Security OS roadmap. Many have asked about the Security OS. Is it live? Yes, most know it by the name Immunefi Magnus. It already has 170+ early access members, including Chainlink, Optimism, Avalanche, ENS, Lido, Polygon, Aave, etc! and protects more than $81B in assets. Soon, it's going to protect *everything*. Join us on this journey.

No single security company can create the best technology in every single category. That’s why we invented Immunefi Magnus. It brings the best in the business together into a single command center, creating the biggest security juggernaut ever seen to protect the decatrillion crypto future. And it’s all powered by the $IMU token. 👉 @ChainPatrol for real-time brand-protection & threat detection 👉 @threesigmaxyz for smart contract audits and secure protocol design 👉 @sigp_io for in-depth blockchain security assessments 👉 @osec_io for smart contract audits 👉 @getfailsafe for onchain monitoring 👉 @NexusMutual for providing the best decentralized cover in the industry 👉 @fuzzland_ for automated fuzzing and smart contract analysis 👉 @rv_inc for formal verification More coming soon.

🚨 The Immunefi Foundation is launching its community token sale on @CoinList. With the next decatrillion coming onchain, security will be the biggest market in crypto. Sale goes live on Nov 12, 17:00 UTC. coinlist.co/immunefi

@Ehsan1579 @immunefi @SruthiManthenaa Thank you for the shoutout🥺🥺 Always a pleasure to help ser🫡💜

Wanted to give special thanks to @immunefi team specifically to @SruthiManthenaa and also @DecentralDisco for mediating many of my reports and resolving them. People often don’t understand the sheer volume of reports the team manages daily, but I got to experience firsthand how exceptional they are. Grateful for all the hard work and the smooth experience. Been on a one week break, will be back again this week, we got a lot of work to do.

Today is the big day. Are you ready? Livestream @ 12pm London/7pm Singapore time. immunefi.foundation

Hello world. Please check out our website. immunefi.foundation

Stablecoins are now at $200b, Wall Street is ready, and trillions are waiting to come onchain, but they’re SCARED. This is why the Immunefi Foundation (@immunefiFdn) just launched today. Visit the Foundation site below to watch the upcoming livestream announcement that will fundamentally change Web3. 📅 Date: Sept 30 🌴 Location: Immunefi Alpha Night, Token2049, or online