_Web3Angel
29 posts
@_Web3Angel
Joined January 2024
177 Following, 0 Followers

S Banerjee @SB434223
training.valvessecurity.com @ValvesSec Is the "Failed to Load clusters" and "Service unavailable" when I am trying to connect my wallet just for me? Is it happening with at least one other person?
[image attached]

_Web3Angel @_Web3Angel
@0xapple_ @code4rena Good luck... something I find that helps is to think of those arguments while you are drafting the submission, in anticipation of the battle that comes when the judges start invalidating. That helps frame the finding in a less "rejectable" way.

0xApple @0xapple_
10 days auditing Monetrix on @code4rena, now 20 days of being a lawyer 😭. Already drafting arguments for findings I know judges will try to invalidate. The audit ends, and the real work begins at this point in contests; fighting a homicide case would've been easier 💀

_Web3Angel @_Web3Angel
@anchabadze Well done. You will achieve your goal in no time with the level of consistency you are on.

Zurab Anchabadze @anchabadze
Exactly one year ago, I started my journey toward a Web3 Security Researcher position at a company. At that time, I had already learned Solidity and was just beginning to participate in public contests. Since then, I’ve found dozens of bugs, earned thousands of dollars, and accumulated around 2000 hours of auditing and skill development. My professional level, my understanding of web3 security, and attack vectors have grown tremendously over this year. I’ve developed my own auditing style and methodology. I actively use AI, which helps a lot in my auditing process. I haven’t reached my goal yet and my journey continues. Yes, it’s not the best time to land a job as an SR right now - bear market, fewer contests, intense competition, AI audits - but I believe in myself. I know I don’t want to do anything else, and I will keep moving toward my goal. Even for another year, if needed.
Consistency is the key.
There is no plan B.
Success is inevitable.
#RoadToWeb3SecurityJobChallenge

Quoting Zurab Anchabadze @anchabadze:
1 YEAR! 🎯 Day 365 of my #RoadToWeb3SecurityJobChallenge
🕰️ Hours worked: 5 hours 30 min
🔎 Focus: Auditing
🛠️ Practical work:
- Started auditing @MonetrixFinance on @code4rena
- Read and studied several reports from past audit contests
- Studied different vulnerabilities using Anki cards

_Web3Angel @_Web3Angel
@0xfrsmln @BensonDynasty_ I get your point but I also don’t think it would be unreasonable to advise the protocols of the consequences of some of these design choices. It blurs the line between auditor vs consultant but it can save protocols and users from pain.

frs.eth 🦇🔊 @0xfrsmln
@BensonDynasty_ and the approach is to get stronger key management and opsec. imo it's beyond the audit because of 'design choice'.

frs.eth 🦇🔊 @0xfrsmln
when a protocol gets rekt because of a trusted role's misbehavior, some SRs will use it to justify their invalid reports about an admin being malicious and rekting users. even if it is accepted in an audit contest, it would be:
1) worthless for SRs in terms of payouts, because there will be 100+ dupes.
2) worthless to the protocol team, because it is a design choice and highly unlikely to be fixed.
making admin mistakes a valid issue during an audit will not make this attack vector disappear. so please stop, it would still be invalid.

_Web3Angel @_Web3Angel
@d0rsky I believe people are running the same open-source tools, and therefore finding the same vulnerabilities.

sashko.eth🇺🇦 @d0rsky
Hey triage folks, is it just me, or are you all seeing the same pattern lately? Once a new vulnerability is discovered - especially via some LLM prompt/skills/automation - we start getting a wave of duplicate reports within days. Same root cause, slightly different wording. It almost feels like:
1/ One person actually finds the issue
2/ Others re-run scans/prompts and “rediscover” it
Not saying this is always bad - but the timing is interesting. Makes me wonder: are models like @AnthropicAI / @OpenAI indirectly leaking patterns through training or responses? What concerns me more is, if researchers can replicate these findings so quickly, what’s stopping blackhats from doing the same before the issue is fixed? Feels like the window between “first discovery” and “mass awareness” is getting dangerously short.

Zurab Anchabadze @anchabadze
🎯 Day 338 of my #RoadToWeb3SecurityJobChallenge
🕰️ Hours worked: 3 hours
🔎 Focus: Learning
🛠️ Practical work:
- Read several web3 sec articles
- Read and studied several bug bounty writeups
- Studied different vulnerabilities using Anki cards

Quoting Zurab Anchabadze @anchabadze:
🎯 Day 337 of my #RoadToWeb3SecurityJobChallenge
🕰️ Hours worked: 2 hours
🔎 Focus: Learning
🛠️ Practical work:
- Read and studied several reports from past audit contests
- Studied different vulnerabilities using Anki cards

_Web3Angel @_Web3Angel
@Ehsan1579 It's unhelpful that there isn't a lot of transparency around bounties and their payments. Some protocols share the amount of bounties paid so far. For the majority, it's a complete black box. At least when you know that the protocol rewards, it's motivation to spend time on it.

Ehsan @Ehsan1579
Was going to write something like this post months ago. Injective was horrible during a crit I found in their protocol 3 months ago, which was approved to be at least High by Immunefi. But I don't like to publicly shame projects; I just see their slow, unresponsive and dismissive behaviour, especially with reasons that don't make sense, and move on and don't even bother looking at their codebase.

Quoting f4lc0n @al_f4lc0n:
I Saved Injective's $500M. They Pay Me $50K.
I like hunting bugs on @immunefi. I'm decent at it.
- #1 — Attackathon | Stacks
- #2 — Attackathon | Stacks II
- #1 — Attackathon | XRPL Lending Protocol
- 1 Critical and 1 High from bug bounties (not counting this one)
Life was good. Then I found a Critical vulnerability in @injective. This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk. I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity. Then — silence. For 3 months. No follow up. No technical discussion. Nothing. A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either. I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve.
Full Technical Report: github.com/injective-wall…

_Web3Angel @_Web3Angel
@ZeroK_____ @asen_sec Agreed. At the same time it reduces the number of bounties significantly, as there are only 2 platforms that share this info and few protocols within these platforms that actually share the data.

0K @ZeroK_____
@asen_sec Try to choose protocols that have a proven payment history and are well known in the space. This will filter out more than 70% of bug bounty programs that are most likely scams.

0xasen @asen_sec
It's surprising how many valid bug bounty reports you need to submit before you get paid on one.

_Web3Angel @_Web3Angel
@soliditors Hi - How can I get in? I messaged a while back but don't think I made the cut.

JohnnyTime 🤓🔥 @RealJohnnyTime
Surgery went well 💪🏻 Now recovering 🤞
[images attached]

_Web3Angel reposted
0xSimao @0xSimao
1/ Introducing The Mentorship Series 0xsimao.com/blog/introduci… I’m personally mentoring a small, hand-picked group of auditors in 2026. 1st announced tmr. 3 months of 1-on-1 mentoring with me each.
Targets:
0 → 4 figures
4 → 5 figures
Step 1: Like and repost this post.
[image attached]

Arsen @arsen_bt
You can become a successful auditor if you are ready to work hard. That's why I’m sharing my Web3 Security Book:
• Where to focus.
• How to learn the right way.
• How to earn and progress.
Follow & comment “Security” and I’ll DM it to you for free!
[image attached]

gmhacker @realgmhacker
My 5th kid has just been born 🙏

_Web3Angel @_Web3Angel
@radcipher Hi - Is there a location where we could read about these findings?

Radcipher - Security Services
3 critical vulnerabilities we’ve stopped recently:
- Reentrancy loop that could drain funds
- Broken access control exposing admin functions
- Price oracle manipulation risking liquidation events
Every one of these = millions saved before launch.

_Web3Angel @_Web3Angel
@0xCharlesWang Just to clarify, I am not specifically talking about this scenario but more broadly.

_Web3Angel @_Web3Angel
@0xCharlesWang Can't talk much about private audits, but competitions seem to have restrictions and things considered out of scope that would be valuable to include in scope for end-to-end testing. That can narrow the field quite a bit too.

CharlesWang @0xCharlesWang
The recent exploit wave is just different. Protocols that got audited multiple times get exploited via super sophisticated edge-cases. There is not really much that one can do here. More audits likely won’t help much unless they get conducted by the top 0.001% individuals, and this is economically not feasible for protocols.
