moboutig

moboutig retweeted

Big news from Immunefi: we just shipped Proof of Duplicate, and it's *the* feature I've been wanting to see for a long time.
For years, one of the most frustrating experiences a whitehat could have was submitting a report, putting in the hours of research, the careful write-up, the working PoC… and getting back a one-line "duplicate, closing."
No justification and no transparency. No way to push back. That era is over.
Starting now, when a submission is closed as a duplicate, it points to the original report. The researcher can read the original. They can compare the reports for themselves... and if they believe the call was wrong, they get a formal dispute button.
Verdict upheld means the report stays closed. If the verdict is overturned, the report gets reopened and goes back through triage like nothing happened, including reward eligibility.
This matters beyond the feature itself. The whitehat community is the immune system of crypto. Every protocol secured, every exploit prevented, every billion in TVL that didn't get drained.
For this immune system to keep working, things have to keep improving for whitehats. Proof of Duplicate is just one piece. There will be more.
SR Summer 2026 is coming.


@MitchellAmador @piquopiquo Don't use AI on dups, h1 fails on this
@piquopiquo We are researching this presently; tldr is yes if we can find a clean solution.

Real talk: we should have shipped this earlier.
Starting now, duplicate submissions on Immunefi will no longer count against a security researcher's standing on our platform.
If your report happens to be a dupe, it won't be held against you in the automated restriction system. Period.
Dupes are a normal part of bug bounty work. Two researchers can independently find the same issue within hours of each other. Penalizing the second submitter discourages exactly the people we need most: the ones hunting hard, moving fast, and reporting in good faith.
The researcher experience on Immunefi is the single most important lever we have for keeping crypto safe and secure. Every friction point we leave in place is a tax on the people protecting billions in user funds. We owe them better, and we're going to keep tightening this until the platform feels like it was built by researchers, for researchers.
A whole lot more changes in this direction coming. Keep the feedback coming. SR Summer is coming on Immunefi.


The Future of On-Chain Security Is Human.
Crypto security platforms are abandoning security researchers for AI.
A lot of the platforms that built their name on security researchers are pivoting hard into AI.
It is an understandable move. AI auditing is a real opportunity, the teams pursuing it are serious, and proprietary tooling has a clear commercial story.
We are not against AI. It will play a meaningful role in the future of this industry.
But the shift has come at a cost.
Contests are smaller. Communication is thinner. Researchers who spent years building reputations on these platforms have been deprioritized as the roadmaps point elsewhere.
We are making a different bet.
Independent security researchers have prevented billions of dollars in losses across crypto. Every major class of vulnerability we now consider "standard knowledge" was first surfaced by a person.
The frontier has always been pushed by humans working in the open.
That is not an argument against AI. It is an argument about what AI cannot do alone.
In fact, the best researchers are already using AI as leverage.
Since AI tooling became more accessible, we have seen a clear rise in both the volume and quality of serious submissions. Yes, spam has increased too. But over the past two years, we have seen serious hunters submit stronger work, earn larger payouts, and outperform their own pre-AI baselines.
We have seen new researchers appear almost overnight and climb to the top of leaderboards by using AI to move through codebases faster, ask better questions, and hunt at a scale that was not possible before.
And we have seen already-elite researchers become even more dangerous with it. @Riptide was exceptional before AI. With AI as leverage through @therealgregoAI, he is operating at another level.
Researchers find what nobody has seen yet. The two are complementary, but only one of them scales adversarial creativity.
We think crowdsourced security is still the strongest security foundation crypto has. AI isn’t diminishing crowdsourced security; it’s making it even stronger, more effective, more critical.
Bug bounties. Audit competitions. Shared knowledge. Researchers compensated fairly for the value they create. That is the bet we have always made. That is the bet we are doubling down on now.
We are scaling crowdsourced security in ways this industry has not seen before. The protocols that will survive the next decade are the ones being tested by thousands of adversarial minds in the open. Supercharged by AI, absolutely, but non-negotiably human at their core.
If you are a security researcher and the past year has felt different, you are not imagining it.
Come build with us. We are going somewhere new, and we want you with us when we get there.


Update about this:
AI does indeed suck at catching bugs…only if you don’t know what you’re doing, how to use it, or how to build and guide it properly. But once you understand how AI works and how it’s supposed to be used, it can actually help you find some worthy bugs.
0K (@ZeroK_____):
AI sucks at catching bugs, at least for me. If you used AI to catch bugs in bug bounties or contests, I'd genuinely love to know how you use it! And please don't DM me trying to sell your $1K/month AI tool that produces a ton of false positive bugs.

The AI agents are coming for all your $IMU.
@therealgregoAI just received another pledge of 100,000 $IMU.
The pledgers are betting on agents finding more bugs.
Pledge here: immunefi.com/pledge/gregoai/


Claude code leaked already btw
am.will (@LLMJunky):
"Sir anthropic just removed claude code from $20 pro subscriptions"

@chiefofautism I believe those tools will only hack the host machine of the dumbass who thinks he can hack something

CLAUDE CODE but for full-kill-chain HACKING
It's called Decepticon, 5 AI agents named after Transformers.
You give it a target IP and it just... port scans, finds vulns, pops a shell, drops a Sliver C2 implant, harvests creds, moves laterally, all inside a Kali sandbox.
No human in the loop, open source.