ByteFable
@ByteFable
Embedded Software Engineer | Smart Contract Auditor
คุณอาจชื่นชอบ
It was only a matter of time before the two education goats would clash about this. The fundamental question is “how much math should you need to know before you jump into a field that relies on math pretty heavily?” Justin would take the approach that “you need to have math…
Hi @asymmetric_re @claudijd I really admire the elite research work coming from Asymmetric. Been following since last year, learning a ton from every blog post on blog.asymmetric.re. It’s been a long-time goal of mine to work with your team. My journey so far: Helped…
- 0x0bserver - $599 - @ByteFable - $599 - @josh_my_man - $599 - @Ghostcybersec1 - $599
Everyone knows that the easiest way to become insanely skilled is to skill-stack. You know what skills pair really well with each other and basically everything else? Math and coding. If you’ve got serious math chops, coding chops, and deep domain expertise in another…
Maxxing out your math skills in your early 20’s will compound in ways you wouldn’t believe. Do yourself the favor.
1/6 🧵 Just secured a $25,000 bounty for finding a critical bug using formal verification! on a newly deployed contract Thanks to @gegul_'s BugChain.xyz The bug was so subtle that traditional testing has missed it completely. This is why @CertoraInc method is changer
It’s well known that most people who try to learn how to code fail, but what are the reasons for this beyond giving up too soon? Having sat down with people new to coding and trying to teach them, here’s my analysis: Programming is hard to learn because traditional education…
Great catch and writeup by @giovannidisiena 👏The overflow behaves unexpectedly with uint8. While the byte itself wraps around, the upper byte(s) on the stack aren't zeroed out as you'd expect. This leads to subtle inconsistencies, which become apparent upon inspecting the stack.
As a security-minded Solidity developer, this is your sign to be very careful when using unchecked blocks and inline assembly. As of 0.8.0 and later the compiler will automatically handle under/overflows. But what happens if a variable allowed to overflow is then used in yul?…
Great to see @HackenProof restructuring their reward system to mitigate Sybil attacks 👏 docs.hackenproof.com/crowdsourced-a… They’ve also got the most active contests running right now! dailywarden.com
How to drain an entire lending protocol when a new asset is accepted as collateral 🧵 And no, it’s not just another Compound fork.
How do you read code? I don't read it line by line, by flow by flow. Especially facing a complex codebase, I follow a certain flow, and ignore any other noise until I get that flow right, then I move to the parallel scenario and read the sections I skipped.
Shoutout to @DevDacian for 1 hour of PURE AUDITING ALPHA: - crystal clear vulnerability explanations - real world examples - personal auditing setup - auditing tips, how to correctly tag your code to make even the complex bugs more noticeable Lock in🫡 youtube.com/watch?v=AiNneU…
youtube.com
YouTube
Block 7 Guest speaker: DevDacian - Smart Contract Heuristics &...
Just stumbled across this, decided to spread it around. INSANE collection of ~180 Math resources: - Probability & Stats - Linear Algebra - Real Analysis - Calculus & Differential Equations and many more. github.com/valeman/Awesom…
This is the biggest ERC4626 checklist that I've ever seen. More than 350 direct vulnerabilities, many pitfalls, integration errors and more. Every security researcher should know these and it can easily be fed into AI. Great work @DevDacian 🫡 github.com/devdacian/ai-a…
Tests are nice, but what if you could prove your contract won’t break? We’re firing up Halmos wtih @zokyo_io and @shanzson and going all in writing specs, catching real bugs, and tearing through a vault backdoor. Just raw code, broken invariants, and receipts.…
You can measure how vulnerable the code is after a contest. This can help: - Projects and users to estimate hack risk - Bug hunters to scope targets - Ecosystem to track what works best - Platforms to manage reputation risk TL;DR: More solo findings -> more hidden bugs. This…
I’m doing philosophy again, but I’m 1000% sure this 1-2 min read will help you. This is something that works everywhere, in web3 security, in development, in sports, in life. Yesterday during the morning BJJ session, a white belt guy showed up. i remembered him from about 2…
This shouldn’t be a hot take, but I’ll say it anyway — the worse audit contests get, the more hacks we’ll see. 1. Fewer eyes are reviewing codes before they go live. 2. We’ve trained so many skilled hackers and failed to create enough legitimate opportunities for them. Guess…
If you want to understand how Uniswap V4 works open this:
I'm convinced this is an emerging industry with a massive TAM - we're talking tens of billions here. I've been thinking about this a lot lately because the amount of personal and work stuff I've automated over the past 6 months with Claude Code one-shotting stuff is…
We are opening up a new role at Quora: a single engineer who will use AI to automate manual work across the company and increase employee productivity. I will work closely with this person.
United States เทรนด์
- 1. Jokic 26.1K posts
- 2. Lakers 53K posts
- 3. Epstein 1.67M posts
- 4. #AEWDynamite 50.5K posts
- 5. #River 5,147 posts
- 6. Nemec 3,366 posts
- 7. Clippers 14.6K posts
- 8. #ReasonableDoubtHulu N/A
- 9. Shai 16.4K posts
- 10. Thunder 41.3K posts
- 11. #NJDevils 3,122 posts
- 12. #NIKKE3rdAnnivBattleReport 8,770 posts
- 13. Ty Lue 1,174 posts
- 14. Mikey 72.5K posts
- 15. Nemo 8,687 posts
- 16. Markstrom 1,268 posts
- 17. LAFFERTY N/A
- 18. Rory 8,169 posts
- 19. Joker 27K posts
- 20. Steph 30.4K posts
Something went wrong.
Something went wrong.