0xBugFounder

Hook Bazaar connects hook developers with protocols, providing a marketplace for publishing, monetizing, and distributing hooks. The platform uses the Diamond pattern for safe multi-hook composition and 0xSplits v2 for revenue distribution. Juan serrano + @viktor8156222 + Tommy Hook page: atriumacademy.notion.site/Hook-Bazaar-Ma…

I am super excited for this academy. I'll share my journey and also my impressions. Wishing good luck to all the participants!

Currently reading The Infinite Machine to better understand Ethereum’s roots, and exploring Bankless for DeFi insights. What other resources (books, podcasts, courses) helped you level up in DeFi?

I have always mostly learned by doing tests in school here is the same if you find quiz take it. Easy or not! "I just took the "Run a node" quiz on ethereum.org and scored 6 out of 6! Try it yourself at ethereum.org/en/run-a-node/… #ethereumquiz #ethereum #quiz "

Most protocols skip NatSpec. Don’t be one of them. Good practices take you further!

The future belongs to Web3 auditors and devs. Remember this tweet.🚀

@andrelqco @pumpdotfun @taposcat @usualmoney VIRAL

I studied 10 viral crypto projects of 2025 that raised $billions using the same 4 patterns. Like @pumpdotfun , @taposcat , @usualmoney , etc. Like + Comment "VIRAL" and I'll DM you. (must be following) Simple 4 steps anyone can steal and apply immediately.

Smart contracts are not just about writing code – they’re about architecture and security. Anyone can learn Solidity syntax. What truly matters is how you design, test, and secure your contracts. That’s where the real value lies. - Writing Solidity code isn’t hard. - Writing secure, well-tested, and upgrade-safe contracts is. - Building a dApp isn’t hard. - Making solid architecture decisions, creating meaningful diagrams, and maintaining proper documentation is. - Security-first mindset is non-negotiable. If you’re not thinking like an attacker, you’re already behind. Bonus tip: Never skip NatSpec comments in your smart contracts. They’re not just for auditors – they’ll save you time when you revisit your code months later.

How can I save you time in web3?🤔 I made a mistake for which I’m paying everyday. Now I will show you how to avoid my mistake. Upgradeability — especially UUPS — is something every advanced developer and auditor should understand. Why our focus is on UUPS, just because most of the protocols are using it. The following resources will save you days of deep research Firstly you can start with Owen- youtu.be/e5lWvt1rIm0?si… This will give you a solid overall understanding of how upgradeability works Then you MUST READ none other than @RareSkills_io and to be more precise - rareskills.io/post/uups-proxy This will gain you all of the needed knowledge. Finally if you have enough time it will be good to check these tweets from @threesigmaxyz they are showing key aspects of upgradeability and also vulnerabilities. x.com/threesigmaxyz/…

💡Smart contracts are not just about writing code – they’re about architecture and security. 🧠 Anyone can learn Solidity syntax. What truly matters is how you design, test, and secure your contracts. That’s where the real value lies. ❌- Writing Solidity code isn’t hard. ✅- Writing secure, well-tested, and upgrade-safe contracts is. ❌- Building a dApp isn’t hard. ✅- Making solid architecture decisions, creating meaningful diagrams, and maintaining proper documentation is. 💻 - Security-first mindset is non-negotiable. If you’re not thinking like an attacker, you’re already behind. ➕Bonus tip: Never skip NatSpec comments in your smart contracts. They’re not just for auditors – they’ll save you time when you revisit your code months later.

If you want to increase your chances of finding bugs in smart contracts, just look for recurring patterns generated by AI, like unnamed imports – and boom, you’ve got yourself a find. Protocols that have been made with AI are much weaker so far than human made protocols. It might not be a big payout, but you’ll gain confidence and move forward more easily. I’ll show you soon 😉🤌

In web3 security 10 hours of debugging can save you 10 minutes of reading documentation, so be sure that next time you will take a right choice. Follow me for more tips and tricks. to the moon 🚀

Once you try being a blockchain auditor, your teammates will start writing code at least 30% faster. Why? Because you’ll be the one constantly thinking about how every single line of code could be exploited. Do you agree?

Why should you work in Web3 before trying to go independent with security contests or solo audits? 🧵 1/ One of the most valuable life skills is surrounding yourself with the right people. If you’re stuck in your current job while trying to learn Web3 security, it’s much harder to stay disciplined and motivated. Most of us need proof that what we’re doing is meaningful to stay consistent. 2/ Starting as a developer in a Web3 company is an amazing move. You’ll immerse yourself in an environment full of people with similar interests, constantly learning not just about Web3 security but about the entire space. And you’ll absorb best practices from those ahead of you. 3/ Once you’re part of a Web3 team, something shifts. You gain new motivation and discipline because you see the bigger picture. You’re no longer in the dark—you’ve found a path, and the “light at the end of the tunnel” becomes real. That’s a game-changer. 4/ Of course, this approach isn’t for everyone. Some people are so self-disciplined they can thrive without external support. But for the majority of us, it’s important to engineer our environment to help us succeed. In Web3, your network and the knowledge you gain are priceless. 💡 5/ So, before diving headfirst into contests, consider this: Start with a Web3 company, build connections, grow your skills, and gain that real-world experience. Once you’re ready, you’ll have the foundation to confidently go independent. What do you think? Would this approach work for you?

@dobrygeorgiev @CyfrinUpdraft @PatrickAlphaC @tinchoabbate @0xOwenThurm @pashov @RealJohnnyTime congrats! May we can make team audit?

I'm excited to announce I've just completed the Updraft Smart Contract Security course 🎉 A 24hrs course With 6 hands-on auditing sessions! Thank you @CyfrinUpdraft, @PatrickAlphaC, @tinchoabbate, @0xOwenThurm, @pashov, @RealJohnnyTime

ETH SOFIA - the best place but why? - Because you can gain a lot of network and also knowledge and we all know that for every newbie this is crucial. If you are here do not hesitate to DM me. #blockchain #blockchainsecurity #ethsofia @ETHSofiaBG

I don’t get why 80% of tweets say: “It’s not too late for Web3 security.” 👉 Today is always later than yesterday. 👉 Tomorrow will always be later than today. Yesterday might’ve been easier, but tomorrow will be harder. The best time to act is always now—not just for Web3 security, but for everything. 💥 #Web3 #BlockchainSecurity

@stanchev_33 Rly good! Wish you luck.

Hardships are familiar to every auditor. 😓 Maybe you scroll through X, see a lot of good results, lots of good payouts. You think to yourself, why hadn't I got my first 3,4,5 digit payout, am I not build for this space? Step back, relax 🌴 Here is a something I've written in my notes: -do 30 contests ⭐️ Look at this, if you've done it, and there isn't any improvement yet. Give up. If you hadn't. Keep pushing you are not ready yet. I personally had done around 10 contests and I've improved quite a lot. I feel that at 30 my brain will work on different level. Will try to do 20 more till the end of the year. Wish me luck. ✌️