Yahia sherif

16 posts

Yahia sherif banner
Yahia sherif

Yahia sherif

@yahiasherif0

Smart Contract Auditor || Bug Bounty Hunter || Solidity || Rust

Katılım Şubat 2024
402 Takip Edilen17 Takipçiler
Bloqarl | Zealynx
Bloqarl | Zealynx@TheBlockChainer·
Watching someone teach is the weakest way to learn security. You nod along, feel like you got it, and forget 80% by tomorrow. Everyone knows the feeling. So for Zealynx Insiders we didn't just book a video call. We built our own live classroom into the Academy. Here's how a session actually works: → We walk through a real protocol together (first up: building Uniswap V2 from scratch). → But you don't just watch. Every step, you answer or write the code yourself, on your own machine, against a timer, while a live leaderboard tracks the room. → You get instant feedback, and every correct answer completes that section of your actual Academy coursework. Real progress, not throwaway trivia. Why this works when videos don't: you can't passively coast. Doing beats watching, a little competition keeps you locked in for 90 minutes, and immediate feedback means you fix a wrong mental model on the spot instead of carrying it for weeks. Build it. Break it. Compete. Remember it. Whether you're chasing your first paid audit, shipping a protocol you need to survive one, or founding something you can't afford to get hacked, you learn it the way that actually sticks.
Bloqarl | Zealynx tweet media
English
3
4
12
1.2K
Bloqarl | Zealynx
Bloqarl | Zealynx@TheBlockChainer·
@yahiasherif0 hey @yahiasherif0! I think I found a way. Can you please dm on telegram: vendrell46 If you're really interested, let's get you set up to pay monthly with crypto.
English
1
0
0
28
ACai
ACai@ACai_sec·
Having reviewed BattleChain‘s code, I can deduce that this project was most likely designed and generated by AI. I previously audited a contract project that was 100% designed and developed by AI, and they shared the following characteristics: 1. Redundant code, with repetitive checks implemented differently but with the same meaning. 2. A large number of global variables implemented, with each function involving numerous modifications to these global variables. 3. Excessive function splitting and function implementation methods that defy human thought. 4. A very uncomfortable read. (🤪a very subjective reason
Cyfrin CodeHawks@CodeHawks

Gm, Web3. Did you miss us? To mark the launch of BattleChain Mainnet, CodeHawks is hosting its first audit in over a year! New competition announced: BattleChain Confidence Pools nSLOC: 589 Start date: July 9th, 2026 Noon UTC Duration: 1 Week Total rewards: 7.25 ETH 💰 Check it out! 👇

English
5
1
59
6.5K
Yahia sherif
Yahia sherif@yahiasherif0·
@TheBlockChainer Please we need a way to subscribe the monthly plan by crypto. I need to subscribe but my country won't work with the payment options provided
English
2
0
0
19
PseudoArtist
PseudoArtist@0xWeb3boy·
The project had no BB program and I found a critical Chain halt issue. They agreed to reward me with their token. Small win for me as it was my first valid report in a Blockchain/DLT project 💁🏻
PseudoArtist tweet media
English
10
0
95
3.4K
Yahia sherif
Yahia sherif@yahiasherif0·
@pent0ss اول واحد طويل و هيقعد معاك التاني محتاج تقرأه ونت بتطبق فخليه بعد الجيش
العربية
0
0
0
335
أسامة 🇵🇸
أسامة 🇵🇸@pent0ss·
لو هاخد كتاب معايا فالجيش ايه احسن كتاب ممكن اخده Wep application hackers handbook OR Bug bounty bootcamp ولا فيه أحسن؟
15
1
45
10.3K
Yahia sherif
Yahia sherif@yahiasherif0·
@panditdhamdhere @ayuxhtwt That's because it's from chainlink + it's scope is very small, however I've already reported something on this contest I hope it's valid
English
0
0
1
26
Pandit | Ξ🦇🔊
Pandit | Ξ🦇🔊@panditdhamdhere·
Some smart contracts teams are really good. Gone through the entire contracts codebase and found nothing ☹️ Y'all already ai taken it, could you please spare something for security researchers.
English
5
0
39
1.8K
Yahia sherif retweetledi
Stani
Stani@StaniKulechov·
Earlier today, a user attempted to buy AAVE using $50M USDT through the Aave interface. Given the unusually large size of the single order, the Aave interface, like most trading interfaces, warned the user about extraordinary slippage and required confirmation via a checkbox. The user confirmed the warning on their mobile device and proceeded with the swap, accepting the high slippage, which ultimately resulted in receiving only 324 AAVE in return. The transaction could not be moved forward without the user explicitly accepting the risk through the confirmation checkbox. The CoW Swap routers functioned as intended, and the integration followed standard industry practices. However, while the user was able to proceed with the swap, the final outcome was clearly far from optimal. Events like this do occur in DeFi, but the scale of this transaction was significantly larger than what is typically seen in the space. We sympathize with the user and will try to make a contact with the user and we will return $600K in fees collected from the transaction. The key takeaway is that while DeFi should remain open and permissionless, allowing users to perform transactions freely, there are additional guardrails the industry can build to better protect users. Our team will be investigating ways to improve these safeguards going forward.
English
2.8K
1.3K
11.2K
6.6M
Yahia sherif retweetledi
chrisdior
chrisdior@chrisdior777·
JUST IN 🚨: @ploutos_money exploited for (~$388K) due to a price oracle misconfiguration. The protocol used the BTC/USD Chainlink feed to price USDC, massively inflating its value. The attacker deposited 8 USDC as collateral & borrowed ~187 ETH. Website/socials deleted. Rug?
chrisdior tweet mediachrisdior tweet media
English
12
7
50
9.1K
Yahia sherif retweetledi
M4lcode
M4lcode@M4lcode·
Low Confidence Infrastructure – APT43 (Kimsuky) 222[.]73[.]105[.]195 --> 0/94 This IP refers to 2 malicious files imperosnate Yunda Express 91[.]210[.]106[.]42 --> 0/94 146[.]70[.]81[.]61 --> 0/94 resolves --> health15hde[.]xyz 124[.]40[.]247[.]67 --> 0/94
English
0
2
7
2K