Aamir

@jeffsecurity Looks fine to me

@code4rena is where everything started for me. My first step into this space, first earnings, first real confidence. Grateful for it all. You will be deeply missed.

@shafu0x 😂😂

yo tech bros if she is a chinese 10 she is a spy

@immunefi @infosec_us_team 👏

The talented @infosec_us_team just scored a maximum bounty reward of $200,000 for their critical bug report. The protocol was ready to pay in full, but @infosec_us_team decided to donate $100,000 back to their treasury, so that the protocol can keep rewarding future whitehats. This elite security researcher team absolutely didn't have to do this. They chose to. A truly remarkable day of generosity. P.S. This bounty just earned @infosec_us_team a huge amount of Hunt Points for the IMU airdrop. P.P.S. In the future, anyone will be able to back security researchers like these and share in their IMU rewards.

@farman1094_ @0xSimao Yeah my bad! 😂, how many tokens did you get though 😜

@0xSimao @ua1552 😂😂

Update: my friend managed to sell his Monad bags quickly, but is now super sad the price went up a lot already

@cvetanovv0 Please check dm

🫡

The people in the top don't have an unfair advantage. We all try to compare ourselves to the greats in the industry. You might have the temptation to think that they had some sort of unfair advantage that you don't, and that becomes the justification for your failure. Worse, now you feel bad for yourself. "Poor disadvantaged soul, if I had what they had, if I had started as early as they did, if I did not have all these things going on in my life..." This mentality will trick you. Instead of continuing to work hard and grind, you now have an excuse, you now know that it was never a fair race really, so of course it led to failure. You will assure your mind "might as well rest, it's just not in the hand I got dealt with". Let me give you a piece of advice, not as someone in the pinnacle of wisdom, but as a fellow peer who's been in the trenches for a bit more time. It might be harsh, but it's truthful. That mindset is that of a child. It's the mindset of the weak and of the ones who will soon be forgotten. Just a background actor in life, feeling sorry for themselves because others have it better. Where do you think the top players were a few years ago? Were they born on top of the mountain? Not at all. I recall @0xFlint_ sharing the nickels he was receiving in his quest to top the wage of a McDonald's worker. Ask @pashov how his first audit competitions went. Maybe not terrible, but would you have guessed his success just by looking at those results? I recall @bytes032 posting spot the bug challenges, sharing knowledge, and grinding more in a week than everybody else. You think @officer_secret was an opsec guru since day one? Failing is not the problem. Everyone will face it, it's not just you. But some will stop there, while others will overcome it by hard work and consistency. Will you be joining the people at the top? It depends solely on you, for you don't have any unfair disadvantage.

zk proofs are powerful but proving = expensive & slow. RISC Zero’s bonsai-sdk lets you outsource heavy proving jobs to the Bonsai service, while keeping cryptographic trust. Let’s see how it works under the hood 🧵👇

@PrevrandaoH @virtuals_io @PatrickAlphaC @CyfrinUpdraft @philbugcatcher @zerocipher002 @krikoeth @Al_Qa_qa Congrats ser 🎉

@muellerberndt @cantinaxyz Great job Ser! Congrats 🎉

First time competing on @cantinaxyz. The result is ok given that I learned Chialisp from scratch & only audited during the cutscenes while playing Doom TDA. But I'll try to do better next time

gazans are dying from hunger .. DYING FROM HUNGER ..... DYIIIINNGGG FFRRRROOOOOM HUUUUUUUUNNNNNNNNGNER WHAT A FUCKING WORLD WE LIVE IN idk what to say , idk what to do , every bite I take feels like a betrayal 💔

Alright, Part 2 is here now 📢 Solidity ABI Encoding gets trickier with complex data types. That's exactly what I cover in Part-2 We’re talking Structs, Dynamic Structs, and Recursive Patterns. Must-Read for Smart Contract Devs 🧵 Quick thread & link below:

@huntoor @InfraredFinance Congrats brother 🫡

Alhamdulillah, i have won the @InfraredFinance contest. Its been a while since my last posted win😅. 2nd consecutive contest and win, is it the rise? Some stats: - Time spent: 7 days - was the only one to find all high severity issues - Found the only solo in the code The main thing iam happy with in this contest is the amount of learning i got: - read a lot of EIPs (some were unrelated to the code but was intuitive to read more through) - read some geth code, and got a grasp of how consensus/execution layers work on the code level - read one GEAS - run my first local node to build a POC Downside for the above learnings is the % of coverage of those beautiful medium severity edge cases by those beautiful auditors This code has one of the longest call flow i have ever seen. I Love staking More than DEXs Auditing, Had much fun auditing this one Also i may decrease my contests participation alot(in general and not related to specific platform) Plans? - Leverage more time on niches i believe in and love - Join firmsss - Only participate in contests that add to my knowledge and have proper incentives - Become a judge (judging protocols that i love auditing), meh least likely because of the big amount of spams currently in the space and how judging may make me a hated person from newbies.

Tips, Tricks and Ideas 2.5$M @eigencloud contest. I've spent quite some time on this exact code-base at @certora last month, so let me give you a list of tricks and ideas to help you 🫵 become a Millionaire. - Documentation The EG documentation is extremely extensive and @cantinaxyz has done an excellent job of providing a list on the contest page. Take a look at SharesAccountingEdgeCases.md to avoid finding known issues. Do not get lost in the docs, the code is what matters! - Scope All contracts are in scope, which is a massive amount of code for 3 weeks. If you want to focus on the changes, go to EL github: feat/slashing-diff and the Rewards release. - Tests The amount of tests and fuzz tests is just stupendous and can demotivate any auditor. Yet it could be interesting to focus on the use of mocks and mock functions. If the mock imitates but does not perfectly copy contract functionality, what actually was tested? - Formal Verification Every rule that is proven is a mathematical certainty, use it to quickly assess the validity of an attack vector. Keep in mind that the Prover is limited by the imagination of the engineer. Any situation that was not conceptualized might prove valid. - Magnitude Magnitude is the core ruler that governs allocations. Map out all possible actors and actions that might change this variable. Have they truly all been accounted for? - Shares OperatorShares, DepositShares, WithdrawalShares, ScaledShares, Slashed Shares, etc.. They are added, subtracted, multiplied, divided, cooked, braised, fried and minced. Is there really no loss of precision? Do magnitude and shares always remain in perfect lockstep? - Strategy != BeaconStrategy The beaconETHStrategy is fundamentally different from all the others, yet they are supposed to work in a quasi-identical manner in allocation and delegation manager. Was there something overlooked? - Containerization An AVS should only be able to affect operators in his Operator Set. An Operator should only be able to affect his own stakers. Are all variables perfectly separated and/or reset when actors move places? - Access Control Many functions are limited by _checkCanCall(AVS or Operator). Which are the actors and delegated actors. Is it possible there is a gap somewhere? - Slashing slashOperator and modifyAllocations are the critical functions around which this entire update revolves. If there is a Crit to be found, it will likely be there. - The BeaconChain The beaconChain already slashes operators through a completely different system. Now this complex system is perfectly merged with another completely different complex system? Complexity gives birth to bugs. Examine the connection between the two! - Fix Reviews The fix for a bug can sometimes introduce such complexity that somewhere else a closed door opens for a fraction and a bug comes rolling in. Review the fixes in extreme detail! That's all I got folks. Good Luck to you all, I hope you will find the bugs but I also hope there are ZERO to be found. 👊

It's time to lock In! #cantinaeigenlayer

@Al_Qa_qa @farcaster_xyz @cantinaxyz Congrats bro 🫡🎉

Alhamdullah, I managed to secure 6th place in @farcaster_xyz completion on @cantinaxyz I was busy most of the contest period and had Private work to do. But I managed to spare 1 week to participate. the result is not the best, I will do better next time ISA 🫡

@ret2basic @code4rena Thanks!

@AamirUsmani1552 @code4rena congrats!

@faridweb3 @code4rena Thanks brother!

@AamirUsmani1552 @code4rena Congratulations Aamir

@seancryptiq @code4rena Thanks!

@AamirUsmani1552 @code4rena Congrats