BOOM💥 The winners are here!
Massive congratulations to the top performers on the Reliq Finance audit contest leaderboard.
🏅@j4ycked
🏅count-sum
🏅@keterka
🏅@Rbd30
🏅@Alicrali333
Keep it up!
I built an extension for smart contract audits to visualize function call flows.
https://t.co/rHl4Ys8wvV
I encourage you to check it out because I believe this extension can significantly help with smart contract auditing and save a huge amount of time.
If you have any comments, find any errors, or have ideas for improvements, feel free to reach out to me.
Check the video below to understand what this extension does.
I hope it helps you find vulnerabilities in smart contracts and makes DeFi and Web3 more secure.
I’d really appreciate your feedback and a retweet!
If you can stare at boring code for 8 hours and not find anything (because there are no bugs), and you do it tomorrow too (because there might be 1), then you are just for this role.
Valves 🤝 EZManager (@EZManagerCL)
EZManager tracks every position lifecycle. From opening and rebalancing to capital changes, compounding, and collections.
We are going to ensure their contracts meet the highest security standards 🫡
Very sad news.
The closure of @code4rena reflects the current state of the Web3 security industry: almost no public contests, an ongoing crisis, a bear market, widespread use of LLMs by blackhats and daily hacks.
Any industry needs new talent in order to grow and expand. Without public contests, it will become nearly impossible for newcomers to grow professionally and participate in protecting DeFi. This would lead to the degradation of the entire Web3 security industry - and DeFi as a whole - ultimately affecting the speed of adoption and trust in blockchain technology.
Everyone knows how much C4 meant to Web3 security and how many professional auditors grew through public contests. It’s hard to overestimate C4’s contribution to Web3 security.
Thank you for everything, @code4rena
The Valves Security Training Hub is now listed on @Giveth
A free pattern recognition platform for smart contract auditors.
380+ challenges. 19 bug categories. 50K+ real audit findings.
Train pattern recognition on real exploits, not textbook examples.
Free forever. 100% goes to the project.
https://t.co/hQPvoMGsNV
Protocols, pay attention. 👀
If you need a private audit, these guys are one of the best teams in the space. ⚔️
They just took 1st place for a reason. 🏆
Wrapped up the @Panoptic_xyz contest on @code4rena 🏆
We secured 1st place🥇 with 5 valid findings (1 High / 4 Medium), including 1 solo submission.
Really interesting system. Excited to see where Panoptic goes from here. Bright future ahead 🚀
Security researchers: which AI tools impressed you the most lately? What should I test next?
I’m researching this seriously and planning to use as many AI tools as possible during this audit of @MonetrixFinance on @code4rena. 🤔
Day 1 update:
1. Manual
I downloaded and read the docs and README to build a clean high-level model of the project first.
Then I started the manual audit.
So far I’ve manually reviewed 310 lines out of 1,726 total lines of Solidity source.
2. Progress estimate
If I keep this pace and there are 7 days left, the manual analysis should take around 5 days total, but let’s see how it actually goes. ⚔️
3. AI
I ran the well-known x-ray skill by @PashovAuditGrp + @0xFireFist on GPT-5.4 and then found out there is already a V2 version, so tomorrow I want to test what actually changed.
4. Model comparison
I also ran solidity-auditor by @PashovAuditGrp on the contracts I already reviewed manually, using two different models:
Sonnet 4.6
GPT-5.4
5. Main goal
The goal is still to fully break down the project.
Even with strong skills, there are still false positives, so everything important still needs validation.
That’s what I want to test in public:
how far manual analysis + a full AI stack can actually go on one real audit target. 🚀
Mentorship with @bichistriver @PashovAuditGrp
Imagine you had unlimited AI tokens.
What actually happens when you combine deep manual Solidity analysis with every AI tool you can possibly use on one real audit target? 🤔
I want to find out on @MonetrixFinance on @code4rena.
For the next 8 days, I’m going all-in on this one project:
20 Solidity files
2,566 lines of source code
No shallow pass. No half-measures. ⚔️
I’m going to manually break down the entire protocol, trace assumptions, challenge accounting, and then stack that with every AI workflow and every audit tool I can use.
I want to test whether manual analysis + maximum AI actually finds bugs a normal review misses. 🤖
This is also my first time posting in this format, so I hope I can clearly communicate what I’m trying to do and make this experiment interesting to follow.
Let’s see what this experiment uncovers. 🚀
Do you think this combination finds something real?
Mentorship with @bichistriver @PashovAuditGrp
Final update: (over 20 findings (but all in QA))
I’m still researching this seriously and trying to push as many useful AI tools as possible through one real audit of @MonetrixFinance on @code4rena. 🤔
1. Token usage
I spent more than 170 million tokens on Plamen, using Opus and GPT-5.5.
2. Manual analysis
I also completed the full manual analysis of the protocol.
3. Findings and QA
Because I could only submit 2 vulnerabilities, I decided to move most of the additional issues I found during the audit into a QA report.
The good news is that the QA report received Grade A, so there is still a real chance it can place in the top 3.
https://t.co/vPG8JhcAmC
4. Posting delay
I wasn’t able to post earlier because I was also handling 2 parallel audits on Cantina.
I’ll share those results in a separate post.
5. Final takeaway
AI-assisted auditing is already a reality.
If you want to move faster in bug hunting, these tools matter.
During this experiment I managed to use three of the most popular tools: Plamen, solidity-auditor, and x-ray.
I’m sure there are still many useful tools I haven’t tested yet.
But the most important result for me is that I clarified a few key ideas for the AI auditing tool I’ve been building for a long time.
Thanks.
I hope there will be more contests soon so I can test it again.
Mentorship with @bichistriver @PashovAuditGrp
Day 3 update:
I’m still researching this seriously and trying to push as many useful AI tools as possible through one real audit of @MonetrixFinance on @code4rena. 🤔
1. Token usage
I’ve already spent around 3 million tokens just on Plamen.
For now, I stopped at phase 4 of Plamen by @p_tsanev.
I’m also using Opus 4.7, and I’m really curious to see how the final results compare.
2. Manual analysis
Today’s focus was still manual analysis.
I also spent time drawing diagrams to better understand the protocol structure and key flows.
3. Main goal
Right now, I’m still more interested in building a real understanding of the project than in comparing tool outputs too early.
The comparison can come later.
Mentorship with @bichistriver @PashovAuditGrp
Day 2 update:
I’m still researching this seriously and trying to push as many useful AI tools as possible through one real audit of @MonetrixFinance on @code4rena. 🤔
1. Manual
Today I manually reviewed another 400 lines of code.
2. Tooling plan
I also put together a clearer plan for which tools and workflows I want to use during this audit.
3. Research
I spent time researching newer tools and newer approaches for AI-assisted auditing, and that research is still ongoing.
4. AI runs
Today I also finished running solidity-auditor on GPT-5.5 and Opus 4.7.
I haven’t compared the findings yet, and I probably won’t do that until the end.
For now, I want to stay manually focused on understanding the core of the project first.
5. Main observation
There are a lot of tools on the market now.
I’d like to test as many of them as possible and see which ones are actually useful in practice, not just interesting on paper.
At the end, I also want to total up how many tokens this entire experiment consumed. 🚀
Mentorship with @bichistriver @PashovAuditGrp