Josselin Feist (@montyly) 's Twitter Profile
Josselin Feist

@montyly

Working on blockchain security & program analysis. Ex @trailofbits.

DM for security reviews

ID: 101341490

Link: https://github.com/montyly/publications
Joined: 02-01-2010 23:32:52

1,1K Tweets

3,3K Followers

789 Following

Vyper (@vyperlang) 's Twitter Profile Photo

Vyper's selector table is highly optimized, possibly some of the most optimized code in any web3 compiler. It can save dozens to hundreds of gas before even entering any user code! Interested in how? You can thank "Sparse, Constant Time Jump Tables", pioneered by Vyper lead

Josselin Feist (@montyly) 's Twitter Profile Photo

Might be a hot take but “More audits, contests, or bigger bounties” is not always the best advice. What protocols often need the most is internal security. A 7-figure bounty w/o in-house expertise is inefficient. External help is great, but you can’t outsource all your security.

Trail of Bits (@trailofbits) 's Twitter Profile Photo

Custodial stablecoins are like banks where you can lose all your money if they get hacked. The only way to mitigate this risk is through issuer transparency and due diligence. 🧵

Benjamin Samuels (@thebensams) 's Twitter Profile Photo

This blog is the blockchain team's biggest and most alpha-packed to date. It has tons of guidance for any blockchain org that has to deal with multi-sigs or operational security. I highly recommend reading it, especially if you plan on heavily using custodial stablecoins.

Josselin Feist (@montyly) 's Twitter Profile Photo

If you are building on top of Uniswap, join Areta's marketplace to find auditors and receive audit subsidies. Excited to see this marketplace strengthening Uniswap’s ecosystem security.

Ethereum Foundation (@ethereumfndn) 's Twitter Profile Photo

0. Last month we announced the Trillion Dollar Security (1TS) initiative: an ecosystem-wide effort to upgrade Ethereum’s security. Today we’re releasing the first 1TS report: an overview of the existing security challenges in the Ethereum ecosystem.

Josselin Feist (@montyly) 's Twitter Profile Photo

I just came across Anthropic’s report on malicious uses of Claude: anthropic.com/news/detecting… It is a great preview of what is coming. If you’re not already worried about large-scale social engineering attacks and sophisticated scams against your org, it's time to wake up.

Security Alliance (@_seal_org) 's Twitter Profile Photo

We released an updated version of Tay 💖's guide on what to do if you've been infected by malware, tailored specifically for crypto users. Take a look and save the link, it might come in useful one day: securityalliance.org/go/malware

Josselin Feist (@montyly) 's Twitter Profile Photo

If you are curious about using LLMs to generate smart contract exploits, check out: github.com/gustavo-grieco… Gustavo is not on Twitter, but he is one of the original minds behind Echidna and has been exploring ML-driven exploits for over a decade, so he knows his stuff.

Josselin Feist (@montyly) 's Twitter Profile Photo

As a general rule, comparing security reports by the number or severity of findings is about as meaningful as comparing them by page count. Every team has its own categorization standards. I have seen “medium” issues flagged for things I would consider informational, or that I

Josselin Feist (@montyly) 's Twitter Profile Photo

If you’re at EthCC - Ethereum Community Conference and want to connect, my DMs are open. Happy to chat about blockchain security, tooling, new projects, and building security teams. Whether you are starting as a researcher or growing your team, don't hesitate to reach out.

sudo rm -rf --no-preserve-root / (@pcaversaccio) 's Twitter Profile Photo

So someone contacts you on LinkedIn with a promising job opportunity. Sounds nice, innit? They seem legit (after checking them for 1 min) and after some short convo they send you a GitHub repo with a simple Next.js "recruiting task". You clone it, run it… and 10 mins later, your