Olivia
Online
0xSlowbug 🥷
@0xSlowbug
Finding vulnerabilities before attackers do | Smart Contract Security Researcher | ex @QuillAudits_AI | Solidity | Go | Move
Atlanta, GA
Joined October 2024
128 Following
726 Followers
2K Posts
Pinned Tweet
End of a chapter.
My time at QuillAudits has come to an end.
Grateful for the experience. I learned a lot and worked with an amazing team.
During this time, I:
- Completed over 14+ audits, uncovering multiple H/M/L issues
- Contributed to Quillshield AI. My work was crucial for the modification of V2 and laid the foundation for V3
- Found key edge cases across several products released at the time eg. Wachai, TokenSense, Quillcheck etc
Been having a lot of questions about road map and how to learn web3 security.
On this thread I’ll be sharing every resource I have used. I’ll simplify it so you’d work with it in steps.
Follow the roadmap sequentially don’t skip any course!
#1
@ThePioneer2339 Great roadmap
The findings will flow sir🫡
@0x15_eth Seen some audit reports and it’s crazy
@Chimajax A lot of DLT contracts are written in go.
@AmanKakar12 Thank you
It's been a hell of a year.
Took sometime off hunting to learn various languages go, move and c++.
Studied DLT systems, crosschain bridges etc.
Restarting hunting with these arsenals.
Seen a lot of success stories... Its time to make mine
Will update here in 3 months
@lhoussainePh Had a bad time with rust when I started auditing newly
Will learn it on the job
@Testimony_kid Same here
@TheWeb3Mechanic I dey follow your footsteps
@beatsieboyz - Basically articles
- Docs of the protocol
- Analyzed the commit before audits
- Studied the reports
For those that have been hacked. Studied the hacks and reproduce locally
@0xpinkman Yeah
Will do
Need results from BB for this first then I begin
@asen_sec Very good run
Or that contests remain the most effective form of audit when it comes to finding more bugs faster per dollar than any other method.
@zellic_io should open source the @code4rena platform and operational manual so projects or foundations or VCs or @ethereum or @_SEAL_Org can run these as I always felt they were: public goods. cc @samczsun
Lots of bridge hacks happening.
If you own a bridge it’s time to re-audit those contracts properly again.
This is beyond asking audit firms to check if the bug in hacked contract A is in your own code.
@0xShaedyW Hmmm
Complained about AI slop and spam
To become a top spammer
Irony of life
@0xCharlesWang @sockdrawermoney @zellic_io @code4rena @ethereum @_SEAL_Org Love firms that do this
Run a contest on some of your audited contracts and be shocked on the number of issues that would be found.
Take into consideration that contest bug severity is way different from private audits
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers