3 of the best web3 security AI Skills:
- FREE & Open Source
- single command (it just works)
- valuable results in minutes/hours, never days/weeks
Spare a like if you benefited from our Open Source work - this is our gift to the web3 community. URL: https://t.co/WmgRvxS2T1
🚨Solidity devs: single command in your AI prompt now gets you to ~80% stateful fuzz-testing coverage.
Introducing Fizz, fully open source. From repo to invariants, tests, runs and coverage report.
Help more people - like & retweet. Stay safe🫡
https://t.co/DFtNcwpAYo
Ex-Google engineer explained AI agent loops, harness, evals in 20 minutes - better than 500$ courses.
trace every run → judge it with an LLM → diagnose → fix → ship.
That loop is how agents self-improve over time.
Agent loops + memory + harness + evals - thats the stack.
Watch it, then save the framework below.
$1,646,858.
That’s what this hacker has made from web3 bug bounties.
Meet @WhiteHatMage
An Immunefi All Star and a bug bounty legend.
We asked him how he does it.
"What is one practical bug bounty strategy that has helped you find better bugs? "
I focus on Critical exploits only. They can be life-changing for me, the protocol, and its users. Hunters' time is very limited. I don't bother looking into paths that can't lead to catastrophic effects. I find lower severity issues as a side effect.
"What habit, routine, or mindset has made you more consistent as a researcher? "
Embrace the asymmetric nature of bounties. I prefer a few big wins instead of small consistent payouts, although that also means long, tough times with no feedback loop. The most difficult part for me is being consistently sharp. I've achieved my best performance during short bursts of a few days or weeks, breathing code 24/7, then taking long breaks of weeks or months.
"Can you share a memorable bug or win, and what helped you find it? "
My last payout on Immunefi was from a codebase I checked a long time ago. I revisited it after a year with more knowledge and found the exploit in a matter of minutes. I backtracked the issuance of funds by following complex graphs and always asking what I would need to break the core invariants. It protected over 50 million dollars in user TVL.
"What is one piece of advice you would give to a researcher trying to level up or land their first bounty? "
Try different things to see what works best for you. Don't blindly follow X trends, audit checklists, or popular posts. Hunters must be a step ahead of the rest of the space. Check niche posts, unpopular writeups, release notes, commit fixes, and anything else nobody is looking at. That's your starting point. Then go deeper.
It may be self-aggrandizing for me to say this...
but I think ZK may legitimately be the hardest applied subject in computer science.
As the post below notes, just to even start, you need a background in abstract algebra, cryptography, and theoretical CS. Most programmers don't even take courses in these subjects (and likely didn't master them even if they did).
Just to read ZK papers, you need a strong background in computational theory (which most CS majors don't).
And the annoying thing is that modern ZK relies on computational theory results that are newer than when a lot of the good textbooks were written (e.g. the textbook predates IP = PSPACE or Probabilistically Checkable Proofs, PCP).
Just understanding IP = PSPACE or PCP is genuinely hard, and those are just table stakes for some papers.
Another blocker: polynomials aren't bad, but in my experience, even programmers good at math have long forgotten that the degree of the product of two polynomials is the sum of their degrees. Forgetting "base level" knowledge like this makes navigation harder. And I don't blame programmers for not knowing this law, because you almost never use it in real life. There's also a bunch of random polynomial identities that most elementary courses omit.
Probability and combinatorics aren't heavily used, but they pop up enough times that you'll get jammed if you haven't formally studied them before.
Now let's get to understanding FRI (ZK-STARKS). Most engineers don't know the Fast Fourier Transform, and even if they do, they don't have a clear picture of why it works. Not hard to learn, but it's another obstacle.
Then we get to coding theory. Coding theory is easy to visualize, but the major open questions in the field were not resolved until recently, so many textbooks have generally not caught up. This is one area where I've found even frontier LLMs to not be helpful at explaining things because they have very little data to go off of. Topping it off, most devs don't even know what coding theory is to begin with.
Ooh, we ain't done yet.
No ser, that was just the warm-up round.
To genuinely understand the paper "Proximity Gaps for Reed–Solomon Codes" by @EliBenSasson et. al. you need to know some algebraic geometry, which relies on commutative algebra, which comes after having mastered elementary abstract algebra. So you're at least three levels deep into a subject that only math majors (maybe) touch.
Thankfully, simpler proofs for proximity gaps exist, but those proofs weren't discovered until at least 2022 or 2025, depending on what paper you consider qualifies.
I'm just including this to show that the math can get genuinely nasty. There isn't a "finish line" you can cross where things suddenly get easier -- especially since the finish line moves every year.
Furthermore, everything of consequence is written in Rust, which honestly isn't that bad, but it still takes a good 1-3 months of grinding to get fluent with Rust, as you can only internalize so much syntax at once.
Then, to do ZKVMs, you need to be comfortable with computer architectures and low-level programming. Again, those aren't that bad, but it's something most programmers aren't already fluent in because it's not "necessary" for a lot of jobs.
In comparison, machine learning more-or-less stops being difficult if you have your linear algebra, statistics, and calculus down. Then it mostly turns into engineering/experimental problems. I'm speaking from experience with this. I rarely found ML to be hard, and most of the time I found it geometrically intuitive.
ZK is hard because it goes wide and goes deep. It draws on many subjects and relies on frontier results from several of them.
Now, to keep some perspective, every subject is easy in retrospect -- once you do it enough times to gain unconscious competence.
But when your efforts are spread across so many disparate subjects, and you have to go deep into many of them.
Therefore, your reps get spread across more areas, and there isn't much data on these topics to feed the LLMs.
You can grind Zero Knowledge Proofs for years and not feel like you've really mastered it.
ZK 100% not a shortcut to making a good salary.
But if you are inspired by a challenge, energized by a battle of wits, and can take 11 KO punches and get back on your feet for round 12...
ZK might be for you.
This is the fastest way you can fuzz a solidity smart contract today.
The Recon Extension is close to crossing 2k downloads.
Chimera is already the most popular way to fuzz contracts, and this year me and Antonio already taught 25 Engineers to use the framework.
We’ve just cut a new release, and tomorrow I’ll give you a full tour!
📖 [New Guest Article on HackenProof Blog]
Bug bounty hunting may be one of this decade’s biggest opportunities - especially in the AI era.
Drawing from his own journey into security research over the past three years, @vinibarbosabr shares why AI is creating new opportunities for bug bounty hunters.
I've yet to see a learning technique as powerful as explaining things in your own words.
The numerous benefits include:
1. Catching your own knowledge gaps is easier, as they stand out like a sore thumb. You quickly realize you don't know as much as you thought you did.
2. You are far more likely to remember what you learn, as good explanations create compact mental models. It really sucks to spend 10 hours studying something and not remembering it 3 weeks later.
3. It forces spaced repetition as it is very unlikely you will be able to explain things on the first try. The very fact that it requires multiple attempts forces you to space things out.
4. While you can do it alone, it's more effective with another human. This creates natural accountability.
5. You don't fool yourself into thinking you understand something when you really don't. I've seen this play out over and over. Someone "thinks" they understand, say, Uniswap for example, then they fall flat on their face trying to explain it. This has a name by the way -- "Illusion of Explanatory Depth"
6. You get free interview practice. Interviews are about explaining something you know, and that in and of itself is a skill.
7. You keep your communication skills and technical skills in balance. You don't become that tech chad who can't progress in their career because they can't convey their ideas to other people.
8. You build your AI skills. If you can't explain to an AI what you want, you won't get it.
I used to spend my time lecturing. Now I just ask people to explain things in their own words (and ask probing questions to make sure I'm not getting a memorized recitation).
Explanation-focused learning isn't a silver bullet. You still need to drill and get your hands dirty with low-level details. But those should be seen as a step towards being able to explain the subject yourself.
Codex can 1 shot invariant tests for a 6k SLOC codebase in 8h with a /goal that references open source material from @getreconxyz and @trailofbits
I’ll share a skill soon
When I started doing audits and was trying to become more than I was at the time, I had a small list of affirmations I read every day before starting work.
It took only a few seconds, but it put my head in the right place: (BOOKMARK THIS⚠️)
1. I will become a highly skilled security auditor.
2. I study every day, but I focus only on what moves me closer to the level I want to reach.
3. I am not a procrastinator. I am disciplined, consistent, and serious about my future.
4. There are bugs hiding in every codebase. My job is to build the skill to find them.
5. I can become a highly valuable person in this space if I keep improving every day.
6. I do not need to be perfect today. I just need to be sharper than I was yesterday.
7. Every hour I spend learning security compounds into freedom, reputation, and opportunity.
A completely new security format is emerging.
One of the biggest protocols in Web3 is working with Sherlock to put it to the test.
June 15 to July 6.
More revealed tomorrow.
Yall still don't get the power Skills can have. Skills = packaged expertise, and when it's open source it's like you get free expert consulting.
We are releasing solidity-auditor v3 soon - it's going to be the best open source audit Skill you've seen. Better be grateful. Coming.
If you learn by reading or watching videos, the total time spent studying will be higher than if an intelligent tutor constantly asks you questions that push your knowledge forward (while also reviewing where necessary and correcting misunderstandings).
I did a rough calculation – it would take between 10,000 and 20,000 questions to get someone with a reasonable background in math and coding to understand modern ZK (knows recent algorithms, production optimizations, etc).
Most of these questions take only a few minutes to answer, though some may take a couple of hours to solve.
However, the mean is around 5 minutes per question.
20,000 questions x 5 minutes = 100,000 minutes or 1,667 hours or 4.6 hours/day for a year.
And the AI technology to accomplish this already exists.
More news coming soon.