Prince Allwin
67 posts

Prince Allwin
@allwin199
Smart Contract Engineer | Auditor | Web3 Security Researcher | Interested in #web3 #Blockchain #Ethereum #Defi #DAO | Contributing to @OpenZeppelin
Auditing becomes very *very* fun once you're over the hump. Still trying to break through that barrier? Just follow these steps in order:

1️⃣ Learn The Basics

I covered it all for you, get all the basics down with the following playlist: youtube.com/playlist?list=…

After that, you know everything you need to get started. 🫡

2️⃣ Start Competing In Contests

Here are some platforms to try out:
- @CodeHawks (First flights to start)
- @code4rena
- @sherlockdefi
- @cantinaxyz
- @HatsFinance

Now let's set the expectations before you dive in: contests will be hard, that's expected. Rising through the ranks and gaining mastery is extremely time-intensive and in the beginning... quite brutal.

In the beginning:
• You'll feel overwhelmed in a new codebase
• You'll struggle to uncover solid high findings
• You'll struggle to uncover solo findings
• You'll find it hard to even learn from each audit

We need to get out of this beginner phase ASAP. This is where the majority of folks get stuck. Let's not get stuck.

3️⃣ Absorb From Someone Who's Already Done It

To rocket out of the beginner's phase, let's learn from the experience of those who have done it before us. We can absorb years of Web3 Security experience in weeks just by working alongside a security veteran.

Not only that, but having a partner to audit with can drastically accelerate your rate of understanding a codebase.
→ Consult the code
→ Consult your partner
→ Understand the code more

Do anything you can to get around and learn from someone who's put in the time and done the head-banging for you. Offer to:
• Write reports
• Write articles
• Create PoCs
• Create Fuzzing or Test Suites

Anything you can do to provide value and get your foot in the door. Spending just 1 week with a Web3 Security veteran can outperform months of work. It's about learning what you don't know that you don't know.

4️⃣ Partner Up!

Web3 Security gets tough! If you have a partner, you're much more likely to stick it through and see the fruits of your labor on the other side.

Not only that, but having a partner to audit with can drastically accelerate your rate of understanding a codebase.
→ Consult the code
→ Consult your partner
→ Understand the code more

5️⃣ Get The Feedback Loop Right

Your feedback loop is everything when it comes to mastering a new skill. Auditing is no exception. If your feedback loop is off, you can spend months working without making any noticeable progress...😨

You can gauge the effectiveness of your feedback loop by your contest results. Clearly increasing with a stair-step effect?
Yes → You got the feedback loop down
No → You need to go back to the drawing board

If you aren't seeing a clear stair-step effect in your contest results, here's what might be happening: you do a contest, wait weeks for the findings to come out, see what you missed and study that. Here's what's wrong with that:

• The loop is too slow
If you're waiting more than a day or so to get feedback on your work, you're wasting time. Plain & simple. Drag your future into the present and figure out a way to shorten that feedback loop.

• Auditing is not flash cards
You can't memorize findings and then copy-pasta them into new codebases. The worthwhile findings don't function that way. Start seeing real improvements by getting actionable feedback on your auditing approach, not the outcome. A fantastic way to do this is by consulting someone ahead of you or auditing in a team and observing how others come to new findings.

6️⃣ Gain Credibility

Security review demand is driven by credibility. Clients are trusting you with millions of $TVL. However, to get credibility you must have secured millions of $TVL already. We have a bit of a chicken & egg situation.🥚

There are several ways to tackle this; here's a favorite of mine: find a new open-source project being launched by a big name in the space. Learn everything there is to know about it and spend an entire month auditing it. Present your findings to the team in a comprehensive report, and ask for nothing in return. Now you have a fantastic report for a big name in your portfolio of work.

Chicken & Egg → Solved. Bonus points if you complete a fuzzing suite for them.

7️⃣ Go To The Market

You've got a handful of contests under your belt. You've worked with several auditors & learned from their approach. You've completed a thorough engagement for a well-known team. And now you're ready to go to the market!

Now it's time to see the fruits of your labors. 🏆 Use your network to get your initial reviews or shadow audits with a firm. The most important part here is doing your absolute best. Opportunities multiply when you deliver exceptional work.

And that is exactly how you can join the Web3 Security industry! Best of luck, we need you in here. 🤝

3 months ago, we launched Cyfrin Updraft in closed beta. Since then, we received:
- 70,000+ applications
- 11,000+ early access students
- 2000+ pieces of feedback

Today, we open the ultimate web3 education platform to everyone ✨ Here's how to get access for free 👇

Security Researchers... be aware of this scam (@crankibugatti). This guy will approach you to ask for a private audit, but in the end he wants you to download a keylogger/trojan. I noticed several folks are already following him, like @xb0g0 @Seecoalba @CrystAlline_K42.