If you are intermediate tier or above on @immunefi I have a question and need your help on whether or not I should bother to submit a finding I have. There is a dangerous invariant that can be violated, and it's likely an intentional bypass of the revert safety measure but would leave the vault in a vulnerable state that could see the rest of available funds drained, that said I did figure out a way to allow the admin functions that could cause this state to succeed while still maintaining safety.
The protocol is a paid submission only protocol so I don't want to waste money submitting something likely to be rejected. If you need more details comment or DM me!
@omarvvvr This is the gun argument and it's retarded. Cursor doesn't write code without people. Cursor doesn't network, Cursor doesn't get funding, Cursor just sits there without me it's as useless as internet explorer
God is at the center of it all, we are called to love him and love others, and told that we are to abhor evil. That's why we work hard to make better lives for the next generation, work hard to secure the future. Everything stems from there
https://t.co/WdqwxN6DEV no doubt about it. 1m lines audited 17 criticals, hundreds of high, medium and low findings, PoC unit tests if build environment is provided, forked PoC tests if build environment is provided, reads documentation + comments + natspec for free and considers them, dozens of agents orchestrated in a workflow that is exactly like that of a senior researcher, some run in parallel, some wait until they have data from others. It loops recursively when needed, creates and tests composite attack vectors based of findings, and produces .0025 false positives per effective line of code. It also does full ZK auditing and Full blockchain/DLT scopes are coming soon.
If you don't believe me about this, sign up and just on log in you get $1k credits to audit with, that covers about 4.5k effective LoC
@theBliz_@banteg I'm old enough to remember printing out Yahoo maps and reading the directions from the backseat to my ADHD mother who always managed to still miss an exit by 5 miles and get lost.
The best part of my life is not the business successes that are happening right now, it's getting to look out my window and seeing my sons joyfully playing together, taking breaks to go be with them and jump on the trampoline, laying down and praying over them at night as they fall asleep.
All the other blessings are minor in comparison
@vidrepar Yo, can we get our submission rate limits ticked back up if we submit and it's closed as Duplicate? it helps now having the studio tool, but I think the rate limit is intended to stop spam, but duplicates are generally valid but already fixed or reported, so it's not spam lol.
Adding full blockchain/dlt auditing capability to Audit Aid, this is a WORK to get right.
The most fun part is right now, the initial v1 design is done, I've run a couple of tests and things are working 'Kind of' but getting the agents to obey, ensuring they have the tools available in their image, making it possible for them to cover 700,000+ lines of code, and getting them to do both novel attack vector thinking while limiting hallucinations is the fun challenge.
I did it with smart contract and ZK auditing, I can do it as well with this, the weird part is just how much fun I have doing this shit. Building agentic pipelines that do something real, not just a slack messenger which tells you there's a business call at 3pm.
@owenthcarey Nawww not to me man, I just cannot do them, I need something I can dream about, obsess over, that I want to go through with every second, I just can't do that for someone else's goal.