BlockGard

Wondering how I got 3rd place on Mento's contest? What vulnerability did I find that paid me $10k? Everything is documented here --> @0xSimao" target="_blank" rel="nofollow noopener">youtube.com/@0xSimao

Best GitHub Repos to learn Web3 Security From Scratch in 2026: 1. Awesome Solana Security GitHub: github.com/0xMacro/awesom… 2. Web3 Bounties & Exploits GitHub: github.com/ArsenSecurity/… 3. Awesome Move Security GitHub: github.com/Monethic/aweso… 4. DefiHack Labs GitHub: github.com/DeFiHackLabs 5. Awesome Smart Contracts GitHub: github.com/shafu0x/awesom… 6. Blockchain Attack Vectors GitHub: github.com/ImmuneBytes-Se… 7. Smart Contract Vulnerabilities GitHub: github.com/kadenzipfel/sm…

For all my fellow researchers and frens, I've created a basic prompt that you can use when you can't understand a function/block of code. Hope it helps🫡 --- Explain this function from a protocol-level perspective, not in isolation. Structure the explanation as follows: 1. One-sentence purpose: - “This function exists to …” (why the protocol needs it) 2. Protocol lifecycle placement: - When is this function expected to be called? - In which phase of the protocol does it belong (initialization / active operation / settlement / cleanup)? - Who typically calls it and under what conditions? 3. Big-picture connection: - How this function fits into the overall protocol flow - What role it plays relative to other high-level components 4. Concrete mental model: - Walk through one realistic example scenario - Describe what changes in the protocol because this function ran 5. Internal mechanics (last): - Explain how the function works internally, step by step, but only to the extent needed to support the mental model above ---

@aashatwt Would love

starting a web3 dev learning-in-public series. things i am learning this week: > basics of solidity > how to vibecode onchain > how to build verifiable apps on eigencompute anyone who wants to learn along drop your tg handle :)

Web3 learning resources: → Educational > cyfrin > LearnWeb3 .io > CryptoZombies → Documentation > Ethereum. org > Solidity Docs > foundry docs → Communities > LearnWeb3 community > Ethereum Stack Exchange > Reddit (r/web3, r/ethereum, r/ethdev) → News Sites > Bankless > CoinDesk > watcher guru → YouTube Channels > EatTheBlocks > Bankless Podcast > Whiteboard Crypto → Hackathons > ETHGlobal Save this :)

Learn Huff by solving a CTF challenge: themj0ln1r.github.io/writings/learn… This post walks through a MasterChef Huff-based CTF challenge in depth by tracing the stack after every opcode and reconstructing each function in Solidity, to help you build a stronger intuition for EVM internals. I’d recommend EVM devs to checkout @huff_language to understand EVM better.

Learn how to write great Smart Contracts - security first - revert early - beautiful over ugly - use libraries - multi inheritance bad - get audited early - immutability is the goal - wasting gas is bad - no unbounded loops - simple better than complex - use custom errors - flat better than nested - emit events - no assembly - use shafu formatting - write complex tests - symmetry is beautiful - pin compiler version - readability counts

Learn how to test Smart Contracts - Unit tests - Fuzz tests - Fork tests - Invariant tests - Regression tests - Integration tests - Mutation testing - Static analysis - Formal verification

how to master defi - study ethereum deeply - map narratives and capital rotation - learn smart contract risks - study the pillars of defi - master liquidity - study ponzinomics - study defi terms deeply - study tokenomics and emissions - learn mev - understand bridges - learn onchain analysis - master proper dyor - study aave and curve - read vitalik's blog - read cobie's blog - read hack post mortems - understand oracles - use defi with real capital - master defi tools - learn how to read code - contribute - know how to network - tweet - ask smart people hard questions

Top-3 security write up you must read 🏴 YearnFi exploit disclosure 🔗 github.com/yearn/yearn-se… 🏴 Critical delegation bug 🔗#delegation-added-in-period-5" target="_blank" rel="nofollow noopener">reports.immunefi.com/vechain-hayabu… 🏴 Balancer exploit 🔗 t.me/defendor_eng/8… Don't read articles blindly Reason what way of thoughts lead attacker to exploit

🚨This is the holy grail of TOP-TIER smart contracts. If you write Solidity, you HAVE to study this repo. Not skim it. Study it. The patterns, edge-case handling, and architecture here separate real engineers from hobbyists. MANDATORY reading: github.com/shafu0x/awesom…

Study one every week if you want to master Smart Contracts Morpho Sablier Solmate Solady Ajna Uniswap Seaport Curve Art Gobblers Maple Merit Aave

Web3 security pros use the best tools. Stop hunting bugs with basic kit. This curated list of fuzzers, verification, and monitoring techniques is the alpha you need. 👇 github.com/shanzson/Smart…

Must read for any Solidity developer!

To become the best whitehat you need constant challenges and ways to sharpen your critical thinking. Here is your next advanced step - The Auditor's Guide to Math. Great work by @muellerberndt🤝 muellerberndt.medium.com/the-security-r…

Free Post Recon Course and Methodology For Bug Bounty Hunters 👉🏼 youtu.be/RYdTp4a9S34 Doing a little experiment here. Should I do a full recon video next?

Top 3 things to solve in x402 - reputation - indexing - privacy

The most interesting write-up you will read this year, if you wanna take your skills to the next level as web3 security researcher read that 👇

@NahamSec thanks

🚨 Doing a giveaway for my Blind XSS Masterclass Most people think they know XSS, until they meet blind XSS, the kind that fires where you’ll never see it. Same methods that helped me earn $250K+ from real reports. hhub.io/nahamsecbxss 🎁 Retweet and reply to enter.