🧵 I just finished a full smart contract security audit from scratch, on a Custom VestingVault contract.
Found 2 High bugs and 1 Medium. All confirmed with Foundry PoCs.
Here's what I learned 👇
New bug bounty live on Sherlock!
From @InverseFinance, the @MonolithMarket Stablecoin Factory bug bounty is now live, with rewards up to $20k. If you're a researcher who hunts stablecoin protocols, this is one to look at.
Full scope and submission details: https://t.co/Gl5bSffTvx
5 things the research phase actually means.
After you understand every line, research starts.
• List invariants the code MUST hold
• List assumptions the dev made
• Compare dev intent to actual behavior
• Read how other protocols do the same thing
• Read integration docs/code very deep
Googling "common bugs" isn't research.
That's low-hanging fruit hunting.
4 newsletters I never miss in Web3 security.
✅ Defendor
👉 https://t.co/L1zk9IDyKU
✅ Blockthreat
👉 https://t.co/QOQSMMGv6n
✅ One Bug Per Day
👉 https://t.co/3CEOoasjHe
✅ Rekt news
👉 https://t.co/HVCCE4s2mS
one thing most auditors learn the hard way 👇
💡 shadow audits
I used to skip them because I thought reading reports was the same thing, it's not even close
🧠 reading = passive, your brain tricks you into thinking you get it
auditing first = you find out exactly what you don't see
6 @code4rena contests to try this on right now:
🔹 Sturdy → https://t.co/1aShjqHwtN
🔹 Wenwin → https://t.co/kMml84FgT2
🔹 veRWA → https://t.co/7CewAvaYbi
🔹 Lambo → https://t.co/6mtEdSNAyN
🔹 Canto Identity → https://t.co/bjR9ZbLVdH
🔹 Canto Liquidity → https://t.co/iw0L18tmZ1
reports teach findings, shadow audits teach thinking
3 questions to map money flow in any protocol.
• Where does money enter? (deposit, stake, lock)
• Where does money exit? (withdraw, redeem, liquidate)
• How does it move between?
Stop listing functions. Track the money.
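The two posts above (list the invariants the code must hold; map where money enters, exits and moves) can be turned into machine-checked properties with a Foundry invariant test. The following is an added example, not the VestingVault from the thread or any contest code: a deliberately minimal ETH vesting vault, a handler that records every wei entering and leaving in ghost counters, and three invariants that tie balance to flows, balance to outstanding obligations, and per-grant claims to the vesting curve. Contract and function names (VestingVault, VaultHandler, VestingVaultInvariants) are assumptions; it assumes a Foundry project with forge-std installed and runs with `forge test`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added example (not the audited contract from the thread); all names are assumed.
import {Test} from "forge-std/Test.sol";

// Minimal linear-vesting vault holding ETH. Money enters only in fund()
// and exits only in claim(); nothing else moves value.
contract VestingVault {
    struct Grant { uint128 total; uint128 claimed; uint64 start; uint64 duration; }
    mapping(address => Grant) public grants;
    uint256 public totalUnclaimed; // sum over all grants of (total - claimed)

    // Entry point for money: lock msg.value for `beneficiary` on a linear schedule.
    function fund(address beneficiary, uint64 duration) external payable {
        require(msg.value > 0 && msg.value <= type(uint128).max, "bad amount");
        require(duration > 0 && grants[beneficiary].total == 0, "bad grant");
        grants[beneficiary] = Grant(uint128(msg.value), 0, uint64(block.timestamp), duration);
        totalUnclaimed += msg.value;
    }

    function vested(address who) public view returns (uint256) {
        Grant memory g = grants[who];
        if (block.timestamp <= g.start) return 0;
        uint256 elapsed = block.timestamp - g.start;
        if (elapsed >= g.duration) return g.total;
        return (uint256(g.total) * elapsed) / g.duration;
    }

    // Exit point for money: pull what has vested and not yet been claimed.
    // State is updated before the external call (checks-effects-interactions).
    function claim() external {
        Grant storage g = grants[msg.sender];
        uint256 claimable = vested(msg.sender) - g.claimed;
        require(claimable > 0, "nothing vested");
        g.claimed += uint128(claimable);
        totalUnclaimed -= claimable;
        (bool ok,) = msg.sender.call{value: claimable}("");
        require(ok, "transfer failed");
    }
}

// Handler: the fuzzer only calls these. Ghost counters record every wei that
// entered or left, so the invariants can compare recorded flows to balances.
contract VaultHandler is Test {
    VestingVault public vault;
    address[] public actors;          // constructed beneficiaries, no code, no ETH
    uint256 public ghostFunded;
    uint256 public ghostClaimed;

    constructor(VestingVault _vault) {
        vault = _vault;
        for (uint256 i = 0; i < 4; i++) actors.push(address(uint160(0x1000 + i)));
    }

    function fund(uint256 seed, uint256 amount, uint256 duration) external {
        address who = actors[seed % actors.length];
        (uint128 total,,,) = vault.grants(who);
        if (total != 0) return;       // one grant per beneficiary in this toy vault
        amount = bound(amount, 1, 100 ether);
        vm.deal(address(this), amount);
        vault.fund{value: amount}(who, uint64(bound(duration, 1, 365 days)));
        ghostFunded += amount;
    }

    function claim(uint256 seed) external {
        address who = actors[seed % actors.length];
        (, uint128 claimed,,) = vault.grants(who);
        if (vault.vested(who) <= claimed) return; // would revert with "nothing vested"
        uint256 before = who.balance;
        vm.prank(who);
        vault.claim();
        ghostClaimed += who.balance - before;
    }

    // Time must advance or nothing ever vests; the fuzzer chooses the step.
    function warp(uint256 secs) external {
        vm.warp(block.timestamp + bound(secs, 1, 30 days));
    }
}

contract VestingVaultInvariants is Test {
    VestingVault vault;
    VaultHandler handler;

    function setUp() public {
        vault = new VestingVault();
        handler = new VaultHandler(vault);
        targetContract(address(handler));
    }

    // Conservation: balance == everything that entered minus everything that left.
    function invariant_balanceEqualsNetFlow() public view {
        assertEq(address(vault).balance, handler.ghostFunded() - handler.ghostClaimed());
    }

    // Solvency: the vault always holds exactly what is still owed to grantees.
    function invariant_balanceCoversUnclaimed() public view {
        assertEq(address(vault).balance, vault.totalUnclaimed());
    }

    // Per-grant: no beneficiary has ever been paid more than has vested so far.
    function invariant_claimedNeverExceedsVested() public view {
        for (uint256 i = 0; i < 4; i++) {
            address who = handler.actors(i);
            (, uint128 claimed,,) = vault.grants(who);
            assertLe(uint256(claimed), vault.vested(who));
        }
    }
}
```

The point of the exercise is the mapping, not the toy vault: each "where does money enter / exit" answer becomes a ghost counter update in the handler, and each "invariant the code MUST hold" becomes an `invariant_` function. If a real vault has a third path that moves value (a fee skim, an admin sweep, a transferable grant), the conservation invariant fails immediately, which is exactly the kind of surprise the money-flow questions are meant to surface.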
Q) How do you find bugs using AI both manually and automated?
Prior to AI, finding bugs was about asking the code a lot of "what if" questions, then answering them yourself, plus also knowing what to look for (code smells, important protocol properties, heuristics, etc.) while having an attacker mindset.
This is still the same with AI - AI just makes it faster and more efficient to answer many of these questions.
So when using it manually, basically just ask it lots of questions, the more focused the better. Eg pick a part of the codebase and ask it lots of "what if" scenario questions like "what if this happens", "could this happen" etc.
Focus on something important and try to think of all the ways it could break, then ask the AI a lot of specific questions about it, run through many different scenarios using the AI, explore the possibilities together.
When it comes to building automated AI vulnerability finders that is a different ball-game; now you'll need to engineer efficient multi-stage workflows that should model a realistic audit process. You'll need to:
1️⃣ teach AIs how to think, what to look for, the questions it should be asking. This is the most important thing as if you get this right it can find bugs in all future unseen codebases since it isn't pattern matching.
You need to understand the mental processes an elite hacker would go through to find different types of bugs, then teach that to an AI.
2️⃣ create an efficient workflow that models how an elite hacker would conduct a real audit while also leveraging the distributed power and scale of AI
3️⃣ ensure the workload and required knowledge is efficiently distributed among a team of agents, such that each agent has a specific focus to avoid context bloat (remember the point I made about how when using AI manually, it works much better if you ask specific questions regarding certain components; the same principle applies here)
4️⃣ implement various workflows to deduplicate, merge, and validate the potential findings, as well as provide every agent with the context and input it needs to do its job while avoiding providing it with a bunch of unnecessary information that bloats its context
5️⃣ have an efficient process for continual improvement such that the AI can continue to improve itself to find an ever-increasing diverse range of bugs, ideally with minimal human input
auditing for weeks and finding zero bugs?
it's not bad luck, you just haven't trained on the right codebases
💡 the fix: shadow audits
audit a closed contest yourself → then read the report → see what you missed
but pick the RIGHT ones. small nSLOC, diverse bug types, don't start with 5k line monsters
here are 5 @sherlockdefi contests perfect for this (2 days each max):
🔹 Surge → https://t.co/MRYPjj25bB
🔹 Telcoin → https://t.co/R8pAc5ns02
🔹 Olympus → https://t.co/sA5BDqZZos
🔹 Cooler → https://t.co/8ZaXmPx7rV
🔹 Crestal → https://t.co/ttLh8uuJp3
the fun part? check the results after
seeing what you could've earned if you'd submitted makes it feel real 💰
that gap between your findings and the winners = exactly where to improve 🧵
Product update: Account verification on Immunefi
We've expanded how security researchers can verify their accounts on Immunefi, so the system works for everyone, not just those with NFC-enabled passports/IDs.
Why this matters:
Spam accounts and fake reports have become a real problem across the industry. They waste protocol resources, slow down triage, and ultimately hurt the legitimate security researchers doing serious work.
To address this, we introduced a proof of humanity system with ZKPassport, a Sybil-resistant approach that keeps identity self-sovereign and privacy-preserving, without storing sensitive documents.
But ZKPassport doesn't work for everyone. Not all researchers have passports or ID cards with NFC chips, and the app itself has had bugs. Some researchers were locked out as a result. That was our mistake, and we've been working to fix it.
Three ways you can now verify:
Security researchers now have three options:
1. ZKPassport: works for researchers with an NFC-enabled passport or ID card.
2. Human Passport (new, primary method): verification based on a Unique Humanity Score built from your web3 activity, social accounts, and identity-tied credentials. Hit the threshold, and you're verified.
3. Pay to verify (experimental): currently rolled out to ~10% of users. If the first two methods don't work, researchers can pay a fee to prove they're human.
The goal is simple: every security researcher should have a fair shot at hunting bounties on Immunefi. If you were locked out before, give it another try, and let us know if you hit any issues.
To learn more about Human Passport, check out the Help Center article:
https://t.co/v9cl6qK2Mh
Auditing tip for every beginner to intermediate security researcher:
Always set specific goals for every auditing block.
For example:
> understand the protocol on a high level
> deep dive only in the liquidation mechanism
> check all external calls for reentrancy
Ethereum needs more security engineers.
Attackers are scaling faster than defenders, and the pipeline of qualified researchers is too small.
Guild Academy is building that pipeline – 5 cohorts in.
We're in @thedaofund 500 ETH Ethereum Security round on @Giveth, and it uses Quadratic Funding.
That means $1 from 100 donors > $100 from 1 donor. Your small donation unlocks much more from the matching pool.
If our work matters to you, even $1 helps.
👉 https://t.co/NnYhz98uZz
🚨🤯 Someone built an AI tool that one-shots the threat model & invariants of your Solidity codebase. Companies used to charge >$20k for this.
It's called X-ray, free and fully open-source. My security team will be using this. Check it out below 👇
https://t.co/gh1wC1Bap3
🚨 Free for anyone who wants to get better at Web3 security!!!
Most researchers struggle with:
• Too much passive reading
• Not enough real-world attacker pattern recognition
That’s exactly what we’re fixing with the Valves Security Training Hub.
Instead of just theory, you will train on how attackers actually think, so you can spot vulnerabilities faster and with confidence.
If you’re serious about improving, this is for you.
Start training 👇
https://t.co/dKrd5PMtFj
Instead of watching Netflix tonight, watch this 2-hour Stanford lecture.
You’ll learn more about how ChatGPT, Claude, and other LLMs are built than most people at top AI companies learn in years.
Anthropic pays engineers $750,000+ a year to understand how LLMs work.
Stanford just put a 2 hour lecture that covers 80% of it for FREE.
Bookmark this. Give it 2 hours today.
It might be the highest ROI thing you do this month:
New project just launched their bug bounty on Immunefi, with rewards of up to $100,000.
@tropykus is a decentralized lending protocol built on Rootstock (RSK), a Bitcoin sidechain compatible with the Ethereum Virtual Machine (EVM).
Time to get hunting.
https://t.co/jJdFTjdY5m