After ~3.5 years in web3 security, I finally achieved 300 crit/h/m count!😂Here is my updated portfolio: ret2basic.me/audits.html Any firm looking for contract-based auditor with move/solana/cosmwasm/daml experience? Happy to chat😁
6
3
95
4,943
After two and a half years in web3 security research field, I finally found the best firm that I want to work with. Happy to announce that I am joining @electisec as resident of the smart contract team! I appreciate all the friends who supported me in my journey❤️
28
1
147
7,092
I am taking break from auditing code and doing a research week (May 18th - 24th). Will share my progress here. Main topics: - ZK: Groth16, Plonk, ZK rollup, zkEVM - Uniswap V3 - Fuzzing and Invariant Testing - Novel bug bounty report and hack incidents - Rust, Substrate, Solana
6
121
9,284
I am starting a 100 days challenge, building my web3 security portfolio in public until my dream company @CertiK hires me. 📅Day 001/100, I saw CertiK team doing suidex contest on hackenproof real-time leaderboard, so I am doing it as well. Let's hunt down some bugs!🫡
14
2
111
11,563
Success isn't linear. Read code, understand it, research the things that caught your eyes, question each assumption and protection mechanism, and repeat, without worrying how much money you make. Success will come to you when you are strong.
4
12
100
4,850
2025 goal: - 100k income from independent auditing work - Get into solana, cosmwasm and cairo (already know move and sway) - 0 hour spent on meaningless things (interview prep, bad ctf, random articles)
10
1
82
10,593
Spent some time going over @i2huer 's paper "Demystifying Exploitable Bugs in Smart Contracts" and wrote a non-academic "writeup" version of the paper. Enjoy. ctfnote.com/evm-auditing/res…
4
18
76
9,073
Todo: - Learn solana - Learn sui move - Learn cairo 🤪
5
4
68
8,326
Only 0.4 away from winning🤣 Achievement so far: - RACE #37 1st place - RACE #42 2nd place - RACE #20 2nd place - RACE #27 3rd place I am from @TaiChiWeb3Sec
7
3
70
2,840
Thanks @rektoff_xyz ! The acceptance rate is crazy 🥶
4
66
5,674
I am revisiting lattice-based cryptography today, sharing two great resources that I am using: - Lectures by Silverman: piped.video/playlist?list=PL… - Paper on cryptanalysis by @josep68_ and @shaananc: eprint.iacr.org/2023/032.pdf
2
10
62
7,940
"attacker exploited the precompile contract (0x4) to bypass the signature verification", which ctf player hacked this??🐱
ALERT! Our system detected a series of attacks targeting the @odosprotocol protocol on #ETH #Base, resulting in ~$50k in losses. The root cause is arbitrary call vulnerability caused by unverified user input. We notice that the attacker exploited the precompile contract (0x4) to bypass the signature verification. Protocols utilizing this method should exercise caution to mitigate similar risks. Attack TX: app.blocksec.com/explorer/tx… Subscribe to BlockSec Phalcon today to get alerted in realtime and take automatic actions to protect your assets. blocksec.com/phalcon
4
1
56
4,756
I received some DMs recently asking how to get started in zk, just to clarify, I don't work in zk anymore and my focus is in rust-based DeFi audits for 2025, especially sui move and solana. Happy to discuss anything related to my current focus.
2
59
2,636
📅Day 006/100 of hundred days to ???. Accepted offer from a chad firm just now, bye bye CertiK 😭
📅Day 005/100 of hundred days to CertiK. The resume generator I subscribed is broken, so I built my own tool using html+css+js. The generated pdf looks great, no subscription anymore. Also finished all rareskills uni v2 puzzles today github.com/RareSkills/uniswa…
22
58
7,068
If a CTF chall is solvable, I will solve it given sufficient time, that's my promise. Solved magic of solidity on dreamhack, thanks @lj1nu for making this hard chall 🥶 Probably spent 30 hours on this one. GG
6
56
3,546
Let’s see how many people in web3 recognize this: 1. rdi 2. rsi 3. rdx 4. rcx 5. r8 6. r9
25
3
53
12,883
I am writing a paper summary for a new type of AMM that uses releverage algorithm to eliminate impermanent loss. At the end of the writing, I suddenly felt the difficulty: I understand the algo but can’t explain it clearly.
1
53
3,881
Received swag from @OpenZeppelin, thanks!
3
53
2,106
It is happening! I am leading this 8-week moonmath manual study group, see you all at ZK Hack discord.
🌑🌒🌓🌔🌕🌝 Many asked for it, So we're doing it. Join our Discord to know more about the upcoming cohort of our MoonMath Manual Study Group (link in next tweet). Big thanks to @ret2basic & @LeastAuthority for their support. 🙏🙏🙏🙏🙏🙏
6
1
51
4,246
Update: Learned sui move and completed my first sui move private audit, feeling great😁
Todo: - Learn solana - Learn sui move - Learn cairo 🤪
3
51
3,554
I compiled some of my web3 security research notes here: ctfnote.com/web3-security-re…. The list is expanding, hopefully it is helpful.
3
16
42
4,834
These goals seem very conservative now and they don’t align with my values anymore. New goal: 1. Find all crits and highs, keep my clients away from showing up in defihacklabs repo 2. Be comfortable with any type of codebase: L1/L2, ZK, or any defi regardless of language used
2025 goal: - 100k income from independent auditing work - Get into solana, cosmwasm and cairo (already know move and sway) - 0 hour spent on meaningless things (interview prep, bad ctf, random articles)
2
1
48
3,816
Finished rareskills 60daysofsolana, I guess this is my first step into the solana world
2025 goal: - 100k income from independent auditing work - Get into solana, cosmwasm and cairo (already know move and sway) - 0 hour spent on meaningless things (interview prep, bad ctf, random articles)
4
43
2,981
I found an interesting question in Stanford CS251 2021 final exam: cs251.stanford.edu/hw/final2… Given the code below, 1) Suppose totalSupply() == 16370, what is the maximum number of NFTs that you can still mint? 2) Briefly write an attack contract 3) Mitigate by modifying one line
4
5
41
9,179
Elliptic curves reading list Part 1: For those who want a gentle introduction to the theory of elliptic curves, "Elliptic Tales" by Ash & Cross should be the very first step. This is an undergrad level text which is pretty self-contained and slow-paced. press.princeton.edu/books/ha…
5
4
46
3,202
I am at 15 🥹
🎉 Secureum RACE-30 Results 🎉 💨 Number of Runners: 140 ⚖️ Median Score: 3.5/8 🥇 Top Score: 8/8 🙏 Designer: @Montyly 🏆 Top-32 Leaderboard 🏆
7
41
2,826
Wrapped up 4-week fellowship at @electisec where we conducted audits for two famous protocols. Also managed to participate in Panoptic Hypovault contest during two weekends for about 10 hours in total. I am building a website for @TaiChiWeb3Sec , testing locally.
5
1
43
2,519
For those who are interested in Rust dev and MEV, check out the code of artemis framework or even build a clone version of it from scratch. github.com/paradigmxyz/artem…
1
2
40
2,617
Ok we will do it since many people show interest. I will send out discord invite link on April 1st and this study group officially starts on April 8th. Pls only join us if you can make it to the end. If you will quit in middle of the process it is better to quit now.
I am thinking of starting an 8-week ZK study group that goes over MoonMath manual in April/May. Who is interested? leastauthority.com/community…
3
6
39
3,328
Elliptic Curves reading list Part 4: Another abstract algebra book: AATA. Three things in this book stand out: 1. Each concept comes with a bunch examples 2. Each chapter has Sage exercises 3. It is free to read in a nice in-browser reader abstract.ups.edu/aata/aata-t…
1
3
41
3,833
Wow!
7
1
40
3,871
Elliptic curves reading list Part 2: If you want to brush up some unfamiliar topics in abstract algebra, I recommend reading "A Book of Abstract Algebra" by Pinter. Personally I think it is the best choice for your first book in abstract algebra. goodreads.com/en/book/show/8…
1
1
41
2,331
Announcing my new blog at ret2basic.me! The first article is about ECDH small subgroup attack and invalid curve attack. There are many details involved so I am sure there are mistakes, feel free to DM me if you find any😁
4
38
3,802
Research week day 4 done. Today I started with ZK MOOC lecture 1, 2, and 12: Lecture 1: piped.video/playlist?list=PL… Lecture 2: piped.video/playlist?list=PL… Lecture 12: piped.video/playlist?list=PL… Lecture 1 and 2 were a review for me, lecture 12 is brand new knowledge.
Research week day 3 done. I recall Tim Becker gave this advice for learning zk: nitter.app/tjbecker_x/status/1777… I still don't know a few topics from this list, so I did some research.
2
38
3,699
I wrote a series of detailed notes explaining how Plonk works. The main resource I used was the videos and articles from @cryptodavidw, also combined with lots of my own thoughts. Making it public now, enjoy😀 ret2basic.me/2024/08/21/plon…
2
8
40
2,745
Wrote an article explaining basic gnark concepts to those who already know Circom and how snark proof system works. ret2basic.me/2024/08/10/gnar… Tell me if it is helpful :) Planning to write more such articles and make it a series.
3
38
1,998
Update: I am collaborating with @__zkhack__ community for this study group so it will happen in ZK Hack discord. More details coming in the next few days. Will make official announcement on this once everything settles down.
I am thinking of starting an 8-week ZK study group that goes over MoonMath manual in April/May. Who is interested? leastauthority.com/community…
3
3
37
2,814
Replying to @ruanyf
🤣I suggest keeping only black and deleting all the other colors
1
33
I found the only High severity bug in this codebase with one dup, not a bad result for about 10 hours of work.
The results of the $23,000 Cabal competitive audit are here! Congratulations to everyone who submitted valid findings and a special shoutout to @Schnilch for securing their first contest win! We commend @CabalVIP for their dedication to security! List of winners in below👇
3
1
36
2,412
Building my new blog😎 The first article will be two related attacks on elliptic curve, stay tuned
8
34
1,643
Right now we have 3 members from @DeFiHackLabs CTF team solved all challs on @onlypwner: @YQ996CO28254695 , @LHuangkun and myself😀 If you are a top player at onlyPwner and you want to play CTF with a team, please DM me! We are always looking for talented new members.
3
3
33
8,531
Ranked 10th in @TheSecureum RACE 28. Not bad, but I just want to win a RACE😂So hard to win
1
31
1,356
Best lectures from DeFi MOOC 2022: - Lecture 2: What is Blockchain? by Dan Boneh piped.video/playlist?list=PL… - Lecture 10: Privacy on the Blockchain by Dan Boneh piped.video/playlist?list=PL… - Lecture 12: Practical Smart Contract Security by samczsun piped.video/playlist?list=PL…
2
2
33
2,074
Reposting this again, want to add some comments. I already know uniswap v3, but the animation in the second half of this article still blows my mind! This is definitely not "yet another uniswap v3 tutorial", it actually contains some unique insights.
For over 6 months, we've been writing a large body of work that explains the Uniswap V3 codebase. As you can imagine, this is no small piece of literature! Instead of waiting until everything is done before publishing, we decided to start releasing the portions that are finished now, rather than keep the useful alpha in the dark. We will compile all the blogs into a single resource, but right now this collection of articles has no name (Uniswap V3 Book is already taken — do you have suggestions?). The first article we are publishing today is "How Concentrated Liquidity Works in Uniswap V3." This article is rich in animations and even includes an interactive widget. Of course, the bulk of the investment went into making sure we explained everything as clearly as possible. We'd like to thank @andrewcmonte and @deadrosesxyz for their helpful reviews that contributed to this. More will be published in the following weeks. This is one of our biggest content investments to date. Making such an intimidating codebase digestible is a huge task, and we're excited to be at the stage where we can release some highly polished articles about it.
1
4
32
2,505
We got 9th this time🥹Congrats to the winners
Ethernaut CTF 2024 has wrapped up! 🥇 @ambergroup_io 🥈 @DecurityHQ 🥉 @statemindio Stay tuned for rewards and POAPs via email this week👀 Until next time! Check out challenges & solutions here: github.com/OpenZeppelin/ctf-…
3
31
2,760
I finally figured out a technical detail regarding polynomials... Recall that in Groth16 we make the proof succinct by evaluating polynomials (generated by Lagrange Interpolation) at a random point. This technique is supported by Schwartz-Zippel Lemma.
4
1
31
2,948
I have been participating in @TheSecureum RACEs for about a year, here is what I achieved: - 6 times top 32 - 4 times top 10 - 3 times top 5 - Highest ranking was 2nd place Goal: win 1st place in the next couple of months.
2
28
1,621
Research week day 2 done. Today is another zk day, need to catch up uniswap v3 tomorrow lol. First thing I did today is reading this: nmohnblatt.github.io/zk-jarg… It explains some commonly-used zk terms in "succinct" way, which I find very helpful.
Research week day 1 done. Here is a summary of what I have learned today. The main topic for today was "polynomial". I know a few big theorems about polynomials but don't know how to prove them, so I did some research.
2
2
31
4,408
Top 10 again😎
🎉 Secureum RACE-28 Results 🎉 💨 Number of Runners: 135 ⚖️ Median Score: 3.5/8 🥇 Top Score: 7/8 🙏 Designer: @palinatolmach 🏆 Top 32 Leaderboard 🏆
7
30
2,299
Research week day 1 done. Here is a summary of what I have learned today. The main topic for today was "polynomial". I know a few big theorems about polynomials but don't know how to prove them, so I did some research.
I am taking break from auditing code and doing a research week (May 18th - 24th). Will share my progress here. Main topics: - ZK: Groth16, Plonk, ZK rollup, zkEVM - Uniswap V3 - Fuzzing and Invariant Testing - Novel bug bounty report and hack incidents - Rust, Substrate, Solana
1
1
28
5,774
When reading this article on create2 by @ProgrammerSmart : solidity-by-example.org/app/…, I found a subtle detail that I did not realize: if the constructor contains input parameters, you should take that into account when computing the address:
1
3
26
3,188
Today is the last of this research week series. Over the past two weeks, I implemented Groth16 from scratch, played with basic Circom a bit, learned more math background for zk by leading moonmath study group at ZK Hack. Will get back to auditing starting tomorrow🫡
Research week day 10 done. Got my Groth16 code working until alpha and beta. Just need to blend in gamma and delta tomorrow and I am done. Spent many hours debugging subtle math details today...It was kind of a frustrating experience but I am happy to see the code working now.
4
27
1,952
I had misunderstanding that move prevents all overflow by default… This is a sneaky edge case
Seems everything related to the Cetus @CetusProtocol hack on @SuiNetwork is on the very first few pages of Move Language book. 😲 I'm always a big fan of the default safety check, and thank you for the little, optimized, self-developed integer library...
1
26
2,301
@TaiChiWeb3Sec now has an official website! taichiaudit.com/ We offer Solidity, Move and Solana security reviews. Always top quality audits with affordable pricing. If your codebase needs to be secured, submit a form through the site and let's talk.
2
6
26
2,354
Work hard, play hard -> play Turing Complete after work😂store.steampowered.com/app/1…
3
24
2,520
Replying to @Jeyffre
😅I saw junk projects getting grants but you don’t…such a pity for the zk space
23
1,481
Let’s connect if you were selected for this block too😁
Fellows, check your inbox! Now that we have your attention... 🫡 We've been busy setting our upcoming Smart Contract fellowship for success, and the response to our fellowship call has been amazing! Thank you all for applying! We're happy to see so many ready to make it...
3
23
2,453
Chialisp devs must have IQ > 180 (I am doing circuit-puzzle on cantina)😂
1
22
1,521
📅Day 002/100 of hundred days to CertiK. I submitted 13 reports to suidex contest. Spend about 2.5 days. Will start a new contest tomorrow.
I am starting a 100 days challenge, building my web3 security portfolio in public until my dream company @CertiK hires me. 📅Day 001/100, I saw CertiK team doing suidex contest on hackenproof real-time leaderboard, so I am doing it as well. Let's hunt down some bugs!🫡
4
23
3,362
Replying to @0xKaden
Who is this guy? I never saw this id anywhere besides twitter😅
1
23
1,395
I just completed @Pentesterlab's HTTP Badge!!!
2
2
23
Replying to @Jeyffre
0xFF, a constant that prevents collisions with CREATE
22
901
CertiK strong🤯
2
28
6,718
Congrats to @TheSecureum RACE 20 winners 🥳 @QiuhaoLi too OP need nerf
3
20
1,768
Today an interviewer from another firm interviewed me with certik background (trolling me), I guess I am certik twitter ambassador now🤣
19
1,348
Yesterday I saw a question asked in @opensensepw discord server. The Yul code basically just stores some string in memory. The question is why is it 3-part: 0x20 + length + ASCII. In particular, what does the 0x20 do.
3
3
21
2,545
Replying to @Jeyffre
I used to be ashamed by treating things like blackbox back in school, but now I realize it is a wisdom: you can progress faster and come back to things you don’t fully understand later.
2
20
1,157
btw this is finished, will be published on @electisec blog probably. Stay tuned.
I am writing a paper summary for a new type of AMM that uses releverage algorithm to eliminate impermanent loss. At the end of the writing, I suddenly felt the difficulty: I understand the algo but can’t explain it clearly.
1
20
1,497
github.com/ret2basic/ret2war… I am about to start a weekly practice audit wargame in this repo. I will pick small codebases (<500 LOC) from either Code4rena or Sherlock. Participants should audit the code without looking at the report, and compare their findings with the report once finished. Theoretically, this will be a better learning experience than simply reading tons of reports without knowing the context. For the first practice audit, we will be doing Sherlock USSD contest. The report is not public yet but you can check out @RealJohnnyTime's video: piped.video/RRZt1j0rRnA. Again, don't peek at the solution before finishing the practice audit.
1
3
19
3,948
Research week day 7 done. Today I am invited to an auditing gig, so I only spent 2-3 hours researching. The topic for today is "transient storage".
Research week day 6 done. Yesterday I had an auditing gig so skipped one day. Today I am back. Today I researched (fundamental) complexity theory for the entire day. I have learned it in college but still having some knowledge gaps, so I dived deeper.
2
19
2,435
Yesterday's complete hack of Wise Lending was far more complex than reported. Very worth examining. The protocol had added explicit defenses against this style of attack, which the attack then either bypassed or used against the protocol. 🧵 1/21
1
1
20
2,092
Just a suggestion, if you want to hire people who own this cert, you should make it free, difficult and realistic
‼ Looking to get a web3 security job or grow your auditing career? Today we are launching something massive. The first certifications for web3 security researchers published by a leading firm. 🔔Link in thread. Get certified now, prove your skills, and get to the top of Hashlock's and other firms hiring lists. We are launching with certifications in both Solidity and Rust. Get certified officially by Hashlock today. And for the first 30 days only, we are offering 20% off with the code: launchhype1 ✅ Solidity Auditor Certification ✅ Rust Web3 Security Certification 🎯 Backed by billions secured on-chain. 💼 Want to get hired by Hashlock (or our competitors)? Get certified. Prove your skills. Get noticed.
2
1
20
2,230
The day-two challenges were a real grind, release the writeups soon😭
🔥 Ranked 4th in #BlazCTF! 💪 Big thanks to all the teammates for the hard work. Let's keep growing together! #CTF #Blockchain #CyberSecurity #Ethereum #web3 #DeFiHackLabs
19
1,019
If you know linear algebra, it is possible to bring your lattice knowledge to a decent level within just a week. The beauty of lattice is that it solves problems that seem to be irrelevant. A famous example is you can break RSA with lattice, although RSA does not use lattice.
I am revisiting lattice-based cryptography today, sharing two great resources that I am using: - Lectures by Silverman: piped.video/playlist?list=PL… - Paper on cryptanalysis by @josep68_ and @shaananc: eprint.iacr.org/2023/032.pdf
2
18
1,853
Replying to @Jeyffre
I chose web3 sec because of the amount of opportunities to prove yourself without a fulltime job. You can do contest, bounty, contractor work, ctf, private audits, endless interesting things to work on. I was in the red teaming field, imagine how difficult to get real experience
21
892
Elliptic Curves reading list Part 3: Another beginner-friendly read on ECC is "Modern Cryptography and Elliptic Curves" by Shemanske. This is a short book that gives you solid foundation for mathematical cryptography. bookstore.ams.org/stml-83
1
2
18
1,329
🧵Understanding Voting Escrows Voting Escrows are probably one of my favourite contracts and oddly enough there's almost always multiple issues within them. What exactly are they? To put it simply - users lock some of their funds for a period of time. They in return receive a balance proportional to both the deposited amount and the lock's duration. In fact, a user's balance at any time can be derived from the following formula: (amountLocked / MAX_TIME ) * (lockEndTime - block.timestamp) it's that simple. However, in order to fully understand the codebase, we need to understand every single bit of it.
1
3
18
3,375
GG! It was so dramatic near the end, my teammate just needed 2 more minutes to solve restricted proxy, we could rank 4th😂
3
17
1,585
📅Day 004/100 of hundred days to CertiK. Met my buddy @Polaris_tow in chengdu today, we stared at two codebases for the whole afternoon and found nothing!🤣 Finished rektoff solana sec bootcamp week 2 homework at night. Continue bug hunting tomorrow
📅Day 003/100 of hundred days to CertiK. Made a new friend @sahuang97 today, joined @ProjectSEKAIctf discord. Will be playing web2 ctf (blockchain challs) with project sekai team. Started Folks contest on Immunefi, understanding code, and verifying a few initial attack ideas.
17
3,410
Can I finish reading uniswapv3book.com/index.html within 7 days??? Let's see🤣
2
17
1,566
I just completed @Pentesterlab's Blue Badge!!!
1
1
16
😈Did you realize building logical gates is similar to writing circom? They both require very little technical background but you need to be smart to come up with a solution.
Work hard, play hard -> play Turing Complete after work😂store.steampowered.com/app/1…
1
17
1,207
Research week day 5 done. Today I learned some zk and did research on uniswap v3.
Research week day 4 done. Today I started with ZK MOOC lecture 1, 2, and 12: Lecture 1: piped.video/playlist?list=PL… Lecture 2: piped.video/playlist?list=PL… Lecture 12: piped.video/playlist?list=PL… Lecture 1 and 2 were a review for me, lecture 12 is brand new knowledge.
1
16
1,819
I just completed @Pentesterlab's Recon Badge!!!
2
1
15
Replying to @andyfeili
It might sound funny but one of the reasons I got into web3 (other than money) is I thought looking for logic bugs in code can increase one’s intelligence. I don’t know if that is true though😅
3
15
2,197
Thank you @_RastaMouse for the excellent course and exam! Look forward to taking CRTO II with you when it comes out.
2
2
15
And success isn’t measured by money😜
Success isn't linear. Read code, understand it, research the things that caught your eyes, question each assumption and protection mechanism, and repeat, without worrying how much money you make. Success will come to you when you are strong.
1
15
1,263
Congrats! Pukar is a beast auditor, still new in the security field but holds a lot of potential. Also a good friend of mine❤️
I’m incredibly thrilled to share that I’ve joined @electisec as a Resident Auditor. Looking forward to learning and growing alongside the brilliant minds on the team. 🙌🏻 Pumped to be joining alongside @ret2basic - here’s to more growth ahead. 🤝
15
1,353
I just completed @Pentesterlab's PCAP badge!!!
1
13