I received my first payout today on @code4rena
First award, first 4 digits, 1 confirmed Medium ๐ฅณ
I am just in shock that this is happening to me. It's the most incredible emotions. ๐ฅน
1. Practice (โณ~27h):
All this week I have been auditing the centrifuge on @code4rena. The understanding of the protocol was getting better and better by the hour. I liked the codebase and the graphical explanation of the contracts. 1H 2M 1L (I hope they will be accepted๐)
๐๐
1/ Finished the Centrifuge audit on C4. I find a few problems. I will share the results later.
Took ~22h to understand the code base and find bugs.
I liked the code base, it was easy to understand and there weren't many dependencies.
Here are some helpful tips that have made:
2. Learning/theory (โณ~11h):
๐ก๏ธSecureum:
- Solidity 201.
๐ก๏ธCommon Web3 Security Issues (by @yAcademyDAO)
๐ก๏ธWeird ERC20 Tokens (gh: d-xo)
๐ก๏ธAnd a little bit about the differences of L2
4/ In this contest I tried the approach that is so often written about - it is to understand the protocol and only then go to the code base. This advice had only a positive impact. I recommend it.
What advice has had a positive impact on you? What is one that I should heed?
3/ I noticed that I started to understand the code base only after a couple of hours. In the last contest, I was pointlessly running through the code trying to find vulnerabilities. As a result, I didn't understand anything and I didn't like the work.