Hals @0xhals
Blockchain Developer | Smart Contract Security Researcher Open for collaboration ⛓💡 DM for audits 📩 Joined November 2022-
Tweets60
-
Followers222
-
Following457
-
Likes130
Cool new foundry testing pattern I discovered today: If a mainnet contract has no way of accessing important data for testing, you can use vm.eth_getLogs to parse out events data and assert. I ran into this with OZ AccessControl checking DEFAULT_ADMIN_ROLE for a deployment ACL…
I have updated my profile on @FindAudit!😀 excited to collaborate on securing web3 protocols! reach out to discuss how we can work together! #web3Security #solidity #cairo app.findaudit.xyz/p/hals
the current disappointing scene of contests on almost all platforms (biased/ low quality judging)!
the current disappointing scene of contests on almost all platforms (biased/ low quality judging)!
Secured the 5th place 5⃣,, the judging took so long that I completely forgot I even participated in this one 😅👀
Secured the 5th place 5⃣,, the judging took so long that I completely forgot I even participated in this one 😅👀
Secured the 3rd place in "MorpheusAI" contest @CodeHawks 🤺🥉🤺
Secured the 3rd place in "MorpheusAI" contest @CodeHawks 🤺🥉🤺
Secured the 2nd place in "Olympus On-Chain Governance" contest @sherlockdefi 🥈🤺
Secured the 2nd place in "Olympus On-Chain Governance" contest @sherlockdefi 🥈🤺
lately there's been a lot of chatter about open source licenses. do you know the major differences between all of these? - permissive: MIT, BSD, Apache - gpl: GPL, AGPL, LGPL - unrestricted: public domain, unlicense - source-available: BSL TLDR summary of each license 👇
14th out of 31 rewarded participants 👀
it's always important to check price deviation/validate the returned price of an oracle, no blind trust when integrating with a 3rd party!
it's always important to check price deviation/validate the returned price of an oracle, no blind trust when integrating with a 3rd party!
a thorough breakdown of the KyberSwap exploit mechanics! 👍
a thorough breakdown of the KyberSwap exploit mechanics! 👍
waiting for it! @CantinaBouncer 💪
waiting for it! @CantinaBouncer 💪
this tip is 👌💯🥇🤓: "get your hands on as many codebases as you can possibly imagine" !
this tip is 👌💯🥇🤓: "get your hands on as many codebases as you can possibly imagine" !
Dikshita Singh @DikshitaSi52448
9 Followers 272 FollowingTejas Pokale @TejasPokal3270
6 Followers 195 FollowingElastos Chimwanda @ElastosChim
88 Followers 811 Following Founder @ Cyber Defence Consultancy @cyberdefencecon || Advisor | Cyber Security | Cloud Security || CISSP | CCSP | CISA | CIA | ISO 27001 LA17r17fa4j8gbdj @cujv5r2q2ci
16 Followers 196 Following 【coinsrw . com 】User**me:Rom88 , P*****rd:R 66888 Bal:4,289,287,11 U.S.D.TM Sohaib Khalid @M_Sohaib_Khalid
68 Followers 815 Following Computer Engineer | Software Developer | Cricketer🏏 ||Studying Software Engineering at UCPMaddie Budworth @MaddieB22830
9 Followers 1K FollowingKassidy Specter @specter16613
101 Followers 5K FollowingRaoul @RaoulSaffron
656 Followers 888 Following Formal Verification @rv_inc Building Simbolik: The Solidity Debugger with built-in Symbolic Execution. EVM | Solidity | Debugging | Formal MethodsOmamiroro Emmanuel @omamiroro
3 Followers 141 FollowingAngelena Mundwiller @AngelenaMu97541
82 Followers 5K Followingziyad moneep @ZMoneep
1K Followers 4K Following #Python #Django #Developer #AI #GenerativeAI #Cloud #DevOps #Blockchain_developer #Web3 #Smart_contract_security_audit - #Blockchain .Hayley Cox @HayleyCRushy
2K Followers 3K FollowingŁukasz M @0xluk3
488 Followers 1K Following Smart contract auditor | Pentester | Hacking at @Monethic_ioc4lvin | ChainLight @SiwonHuh
615 Followers 1K Following Web3 Research Analyst @chainlight_io, @theori_io | c4lvin.ethTony @LonggP90471
7 Followers 56 FollowingHudaibia @Hudaibia99
171 Followers 966 Following "Web3 security enthusiast. Passionate about building secure and user-friendly experiences . Let's talk tech #web3security #SwiftLang #SketchIronside Security �.. @IronsideSec
8 Followers 348 Following Audit portfolio : https://t.co/CvgnjsWvwT smart contract Audits watson @sherlockdefiDaniel Armstrong @daniel_arms90
55 Followers 196 Following An independent blockchain security researcher currently active in audit contests on platforms such as Code4rena, Sherlock, and Immunefi.Vedant Mistari @28vedoxic
7 Followers 146 FollowingSubhradeep Samantray .. @s_subhradeep
351 Followers 924 Following Grad @IITKanpur | Bullish on Web3 | 🦅 at @CodeHawks | Smart Contracts, Crypto & Blockchain | 💙 https://t.co/srVPGMn9Rf Armyitspragadeesh.eth @Pragadeesh_19
81 Followers 2K Following Smart contract Developer || Web3 enthusiast|| Learning Web3 at @AlchemyLearnnmirchev8 @nmirchev8
564 Followers 197 Following Security to the world! Smart Contract Security Researcher Part of @EgisSec손용기 @YongGi8932
5 Followers 89 Followingำยถยกบไ.. @ykbiihw62767
16 Followers 375 FollowingKavita B @0xscaudits
209 Followers 2K Following Exploring the intersections of Web3 and security, safeguarding decentralized ecosystems one line of code at a time | #Web3SecurityResearcher4B @Q_a_A_e
142 Followers 2K Following i am just curious about smart contracts for now. 🔗 - GitHub https://t.co/kIxfjjugHuCrypto @Crypto46937971
71 Followers 116 FollowingKarthik Menon @karmenooo
17 Followers 639 Followingannumeena @annumeena19
62 Followers 4K FollowingPolaris_tow @Polaris_tow
62 Followers 626 Following Building @MoveBit_ @scalebit_-Smart Contract Audit | Web3 Security Researcher!Tigran Piliposyan @tpiliposian
2K Followers 615 Following Security Researcher @hexensio | Core Contributor @ https://t.co/mtkNnlOFId | PhD in maths | Ex-Central Banker | 10+ Years in Financial Sector | Martial Arts EnthusiastRaoul @RaoulSaffron
656 Followers 888 Following Formal Verification @rv_inc Building Simbolik: The Solidity Debugger with built-in Symbolic Execution. EVM | Solidity | Debugging | Formal Methodsziyad moneep @ZMoneep
1K Followers 4K Following #Python #Django #Developer #AI #GenerativeAI #Cloud #DevOps #Blockchain_developer #Web3 #Smart_contract_security_audit - #Blockchain .Bixos Incorporation @Bixosinc
42K Followers 667 Following 🏘 Real Estate $UBXS Real Estate Marketplace 💳🏠 https://t.co/fak4smBZSO #RWA https://t.co/aM5jK1j7RdŁukasz M @0xluk3
488 Followers 1K Following Smart contract auditor | Pentester | Hacking at @Monethic_ioc4lvin | ChainLight @SiwonHuh
615 Followers 1K Following Web3 Research Analyst @chainlight_io, @theori_io | c4lvin.ethZaevlad | Pre-audit r.. @RightNowIn
2K Followers 166 Following Security researcher, Foundry and tests expert. Warden at @code4rena, @cantinaxyzSubhradeep Samantray .. @s_subhradeep
351 Followers 924 Following Grad @IITKanpur | Bullish on Web3 | 🦅 at @CodeHawks | Smart Contracts, Crypto & Blockchain | 💙 https://t.co/srVPGMn9Rf ArmyDaniel Armstrong @daniel_arms90
55 Followers 196 Following An independent blockchain security researcher currently active in audit contests on platforms such as Code4rena, Sherlock, and Immunefi.Juan @0xjuaan
806 Followers 202 Following smart contract security researcher • cs+maths undergrad security audit portfolio: https://t.co/SIJaMnkqabnmirchev8 @nmirchev8
564 Followers 197 Following Security to the world! Smart Contract Security Researcher Part of @EgisSecShieldify Security @ShieldifySec
2K Followers 127 Following A unique Subscription-Based Model that entitles the customer to unlimited audits & top-notch service quality thanks to a disruptive 6-layered security approach.FindAudit @FindAudit
891 Followers 1 Following We help you connect to hundreds of auditors/audit firms for free.hexens @hexensio
6K Followers 4 Following New approach to cybersecurity solutions. Indisputable skills and a unique super-focused perspective on every single case are the value we create.Anibe Samuel @anibesam
916 Followers 3K Following Solo Maker. Exploring Blockchain, Hyperledger, and Web3 Security. Building https://t.co/do1pq81Pnw 🎉ret2basic.eth @ret2basic
1K Followers 3K Following Web3 security researcher | Leading moonmath study group @__zkhack__ | @RareSkills_io ZK bootcamp | 🚩 CTFer at DeFiHackLabs | Ex @sigp_io intern | 🦀 Rust + ZKAudinarey @Audinarey
253 Followers 348 Following Smart Contract Security Researcher. Reach out for a smart contract security reviewSilent Walker @0xSilentWalker
665 Followers 518 Following Security Researcher | White Hat - Hunting Bugs in the Dark Forest.btk @0xbtk
387 Followers 232 Following Security researcher | DM to secure your code: https://t.co/Xvv3OACG0aETHGlobal @ETHGlobal
79K Followers 1K Following We help builders bring the vision of Ethereum to life. ⏭️ Next up: ETHGlobal Sydney! 🇦🇺 Join us there: https://t.co/486uz8LI9mAndré @iamandreiski
299 Followers 337 Following Independent Smart Contract Security Researcher | Ex - https://t.co/B89mvkdniS | You can reach out @ https://t.co/k23TmIlM1nAndrey Babushkin @CyberBabushkin
200 Followers 680 Following Web3 Security Researcher @AckeeBlockchain | #Ethereum & #DeFi | Aspiring Educator & Tech Writer | Boxing & AI Enthusiast | https://t.co/HaXBhNbsmRMilan Mitic @milanmitic24
120 Followers 412 Following core engineer at @nima_global - 🏗️ building @dragonswap_dex | prev engineer @ AvalaunchChainSecurity @chain_security
6K Followers 260 Following ChainSecurity provides security audits and develops tools to protect web3 projects - come join us at [email protected]!CodeJam @CodeJamOfficial
92 Followers 9 Following Onboarding the next 1 million Web3 Devs. Let's learn blockchain together! https://t.co/pr1rXq82Ch https://t.co/nRpQbgpE23Nadir Ali @0xnadirali
148 Followers 620 Following Future is Multichain Head of Biz Dev @Block_Apex | Mason @code4rena | Web 3 Security & Tokenomics Researcher | Web 3 Venture BuilderOffside Labs @Offside_Labs
1K Followers 22 Following 🚀 Web3 Security pioneers | Expert security auditors & consultants | Guarded $300M+ in digital assets | @Paradigm CTF 2023 Champion 🥇 | https://t.co/wH0uG4O3MkFaith @farazsth98
3K Followers 307 Following Security Engineer @zellic_io, Independent Vulnerability Researcher, CTF pwn+blockchain @SuperGuesser, Prev: Android Vulnerability Research @dfsec_comNethermind @NethermindEth
26K Followers 881 Following Engineering and research solutions, empowering developers & enterprises to build upon the decentralized web. Ethereum @NethermindEth Starknet @NethermindStarkWeb3 Risk & Insurance @inDemniFi
50 Followers 85 Following Crypto Insurance and Risk Management || website + wallet: inDemniFi.Crypto || code: https://t.co/MwT3JgQYda || https://t.co/7xZy6g6p3Vustas.eth @ustas_eth
627 Followers 413 Following It's /ʲustɑs/ • rollups • zk-proofs • security research • 🌿ustas.lens • 🦇🔊 • ~novlen-natsylBr0niclΞ (buidling) @luksgrin
999 Followers 714 Following Science & Math. Opinions are my own. Expect shitposting. Junior Security Researcher at @SpearbitDAO . Always NGMI. https://t.co/xlkQBxHwnpBountyHunt3r @Bount3yHunt3r
1K Followers 443 Following Web3 Security Researcher. 60+ Security Engagements Completed! Experienced in Solana, EVM and CosmwasmValory is hiring @valoryag
2K Followers 5 Following ❖ Architecting autonomy ❖ Premier creator of open-source frameworks for #coownedAI, inc. decentralized autonomous agents, since 2021Lefteris Karapetsas |.. @LefterisJP
56K Followers 773 Following Founder of @rotkiapp🐦, the portfolio tracker that protects your privacy. #Berlin. University of Tokyo graduate. Marathon runner. #ethereum developer. #birdingHiring @XHiring
34K Followers 9 Following Try job search at https://t.co/7dVBTNIpt5 (available on web and iOS).ChainLight ➡️ SEA.. @ChainLight_io
3K Followers 209 Following Established in 2016, ChainLight's award-winning experts provide tailored security solutions to fortify smart contracts and help you thrive on the blockchain.To you collection of cool Foundry tips!
Cool new foundry testing pattern I discovered today: If a mainnet contract has no way of accessing important data for testing, you can use vm.eth_getLogs to parse out events data and assert. I ran into this with OZ AccessControl checking DEFAULT_ADMIN_ROLE for a deployment ACL…
📢📢📢 I am thrilled to announce that I’ve joined @GuardianAudits as a full-time security researcher. I learned a lot from their YT channel, and now I have the chance to work with them. Thanks to @dannygfromnyc and @0xOwenThurm for this amazing opportunity.
The advice I got when I went into solo security research is that only the top 1-5% of researchers make enough money. Looking at it now this is true but a very shortsighted way of looking at things. If you’re building in public, working on your brand, and competing in the public…
Stats for recent win: -> Third consecutive 4-Fig win! -> Secured #8 position ->Thank you @cantinaxyz @3dns_inc
The downsides of the contest model no-one tells you about is: * countless hours of back-and-forth arguing with strangers over the Internet trying defend the uniqueness and validity of your findings, while also attacking the uniqueness and validity of others' findings since…
Over the past week, @sherlockdefi and the @Optimism team made what I believe is an erroneous re-scoping of the security contest rules. The direct consequence is invalidation of ~90% of the unique bugs submitted and re-shaping the payout. Long-term, this threatens to be a…
Audit the code not with the mindset of ensuring everything is written correctly, but rather with the mindset that there are numerous bugs in every function. Challenge every line of code and every parameter, aiming to uncover that bugs.
Back in December, I conducted a private audit for LayerZero V2. The report is available at: github.com/LayerZero-Labs… Seeing my name among legends like @cmichelio, and top-tier security companies such as @0xPaladinSec, @chain_security, @zellic_io, and @osec_io makes me PROUD!
1 Hour with @PatrickAlphaC where I cover: 1⃣ how I break down stateful fuzz testing by invariant types and contract lifecycle 2⃣ my favorite general heuristics which I use to find all sorts of bugs in many different codebases 3⃣ mindset and ultimate recipe for success Link👇
Got 20 minutes? I recommend watching this video featuring our own @KirsteinUri from @CertoraInc 👇 Even if you're not into fuzzing/FV, building a mental model is crucial for understanding the expected behaviors of protocols, so as to better break them youtu.be/dQLZCArP53I?si…
I have progressed tremendously over the past 6 months. Last week I was offered a leading position in one of the competitive audit platforms. What seemed unreachable a while ago, not is reality. For anyone starting with their web3 security journey. Don’t focus on tutorials and…
I'm thrilled to announce that I recently had the chance to contribute to strengthening the solid code base of @amet_finance. 🙏 I wish them a lot of success with the project. 💯 You can check my report here: 👇 github.com/NicolaMirchev/…
I now get to learn from some of the most based hackers since 2019. junior huntooooooor @HalbornSecurity 💫💫💫
Pattern recognition in audits: Especially during competitive audits, you'll need to recognize where the hot spots are so you get the most value in the least amount of time. How can pattern recognition help? 1/5🧵
𝐇𝐨𝐰 𝐝𝐢𝐝 𝐈 𝐟𝐢𝐧𝐝 𝐚 𝐰𝐚𝐲 𝐭𝐨 𝐛𝐥𝐨𝐜𝐤 𝐭𝐡𝐞 𝐋𝐚𝐲𝐞𝐫𝐙𝐞𝐫𝐨 𝐩𝐚𝐭𝐡𝐰𝐚𝐲? It’s February 2023 and I’m building the first omnichain index product on top of @LayerZero_Labs V1 with @phuture_finance. I’m tasked with exploring the ins and outs of LayerZero. I’m…
Wormhole Signers Change Your cross-chain contracts might have a serious vulnerability Wormhole Guardians are off-chain components that observe the Wormhole core contract for anyone invoking the `submitMessage` function. After the invocation, the guardians sign the payload and…
Handling whitelists for refunds seem to be one of the most common ways people are wasting tens of thousands of dollars every day... Here's another example... $10,448.84 spent by the deployer setting up their whitelist. Gaslite Merkle Airdrop is coming this week. Gas bad.