@maakayjunior @immunefi Hopefully not the last one😉. Great work by the way🙌
English
Diego
39 posts
English
Hey @Certora, there is a new #1 on Endless CTF leaderboard 👀
Smashed through the initial 347 target score, straight to 367 🔥
Higher 🚀
Certora@Certora
We're live with a new CTF! 🏁💰 Certora's DeFi security challenge is back. An ecosystem of interconnected protocols is open for you to attack. Full details and exploits by previous winners in the blog post. 👇
English
Move Vulnerability Database v3 is live 🚀
• 1,100+ Move vulnerabilities
• All severity categories included (low → critical)
📖 mdBook: movemaverick.github.io/move-vulnerabi…
💾 GitHub: github.com/MoveMaverick/m…
Comment & repost for more reach 🙌
#Move #Web3Security #Sui #Aptos
English
Diego retweetou
Awards have been announced for First Flight #53: RebateFi Hook 🤝
Top 5:
🥇ciphermalware - 344 XP
🥈wojack0x0 - 332.8 XP
🥉x0jgsleepy - 320 XP
🏅chain__warden - 302 XP
🏅brocrypt - 264 XP
A HUGE thank you to @0xlinguin for their contribution of this repo 🙏
(1/2)
English
My first ZK high impact bug. Honestly, this contest was insanely hard, and I am happy to have made it on the leaderboard. With that, I have now breached 50k in total earnings from public contests. Thanks @code4rena @SuccinctLabs for the opportunity
English
English
English
Things Everyone Gets Wrong About Move
Move’s safety ≠ immunity from logic bugs.
Move was built to stop structural failure.
Every resource is linear.
Every reference is tracked.
Every move must resolve by the end of a function.
That’s why you can’t double-spend, drop state, or reenter.
The VM enforces it before code ever runs.
But none of that says your logic is correct.
You can mint twice without breaking linearity.
You can bypass an access check without violating borrow rules.
You can drain a pool while staying perfectly type-safe.
The verifier’s job is to protect the machine, not the protocol.
It guarantees the bytecode won’t corrupt global state,
not that your math balances, or your supply stays constant.
Even formal verification doesn’t fix that automatically.
The Prover only checks what you write:
> ensures
> requires
> invariant
If you never describe system behavior in specs,
it never questions it.
Move gives you memory safety, type safety, and predictable state.
But correctness is still human.
The language keeps the chain safe.
It’s your job to keep the protocol safe.
English
English
This was the result of a team I participated in for the first flight contest on @CodeHawks
I only submitted a low bug and it was counted as valid.
Not a good evm audit guy, but willing to get more and hopefully bigger wins.
Even though it was not incentivised
English
@carlos__alegre @m4rio_eth Never thought of that, however I would not be surprised if they did
English
@m4rio_eth Do you think competitive platforms do this to one another to fuck competitors up??
English
If you aren't obsessed with what you're doing, you'll never be successful. 😉
4 years ago, still inexperienced I was at a tough web2 interview, but back then all I was doing was coding.
The next day, HR called me to tell me how impressed they were and the "spark" in my eyes, offering more than I asked.
Web3 security fuels that same fire in me now. 🔥
English
@junorouse @pashov I would not focus on the money, I would focus on the massive oportunity for growth and learning, which is definitely way more significant.
English
