ONLY HIM
17.1K posts
ONLY HIM
@u_godfvr
Blockchain Dev | math lover | 1% better everyday
I’m sexting with this girl and on my life she’s using ChatGPT
1 YEAR! 🎯 Day 365 of my #RoadToWeb3SecurityJobChallenge 🕰️ Hours worked: 5 hours 30 min 🔎 Focus: Auditing 🛠️ Practical work: - Started auditing @MonetrixFinance on @code4rena - Read and studied several reports from past audit contest - Studied different vulnerabilities using Anki cards
Coming back to the “What’s the biggest thing bug bounties gave you?” Question, Money aside, BB taught me the art of not giving up and the art of not giving a fuck. Hunting for bugs has been a spiritual journey more than anything else... If you are in the beginning of your journey, you probably see other people making it big. Making big dollars like @Ehsan1579. You sit there and ask yourself just “How”. What do they have that I don’t? As rejections roll out and your reports get closed one after the other one, all you ever feel like is giving up. You might feel defeated, unsatisfied, all the small chatter in your head is telling you to give up… But your EGO won’t let you. EGO isn’t all bad, as society likes to condemn it. I’d go as far as to say that ego is the key ingredient in an industry as cut-throat as BB. In moments like these, your family, your friends and whoever you consider close will try to tell you that maybe it’s just not for you. Solution? -> cut everyone. Don’t let anyone get to you and put your head down, analyze what is going wrong, how to get better and try new strategies. That’s the only difference between the ones who make it and the ones who don’t. Do not take “no” for an answer. If a project closes your report but you know you are right, make sure you are right and then ask for mediation with all the facts you have. You’d be surprised how many projects close valid in-scope issues. Same thing applies if they try to reduce the severity or pay you “peanuts” for what it’s worth. I’ve been working in DEFI for years now, learning the ropes, building projects. All of them were a fluke until I tried Immunefi. I worked every waking minute for 8 months straight without any payout. Then… in September I got my first bug confirmed. A “Low” for $2000. I was ecstatic, I was excited. For literally 3 days, I was listening to music just staring and the “Confirmed” ticket. You see bug bounty is a bit like the casino, the difference is instead of betting money, you bet time (sometimes it does cost money too) and the payouts hit like a truck and you never quite expect it fully. It’s like a drug. And like a drug, you want more of it and you soon become accustomed to a certain level (“the tolerance”). They say you always chase the first high and it’s very true for bug bounty as well. The months following I was finally averaging at least 1 paid report per month. That was until January. I’ll never forget it, I had 9 confirmed reports in a row. The “High” hit soooo strongly. But with every high comes a low. Doubts cripple in, you start rationalizing it. You tell yourself that “I just got lucky”. The bug Immunefi posted on their page was from January. This cycle repeats endlessly. Turns out that February was an even better month for me. The thrill of the unknown and the unexpected is what makes it fun. I do not think I would be doing this if you took that out of the picture. It was a journey, a very difficult one I’d might add. But in the end, it was worth it. It built me into a stronger more resilient person. It thought me patience. Reports being closed hurt. Probably one of the worst types of rejection out there. But at some point in time you get used to it and have to learn how to detach yourself from the emotions and trust the process. It’s a numbers game after all. I am waiting for the leaderboard to update now (long due)! I’m curious to see if I finally made it into the top 100 of whitehats of all times. (Currently sitting at $175k in earnings from 22 reports) It’s all just a matter of time after all (;
