solana is living rent-exempt in your head

how can rust be considered a "safe" language when it has destroyed so many lives?

Can you guys please stop doing mindless airdrops for github repo contributors? At least proofread the contributors list and get a list of significant contributors not just typo-fixers We are getting a ton of new "private" accounts obviously airdrop farming via rotki typo fixes

We’re seeing confusion around @Firedancerio — to clarify: ❌This is not an official account. ✅Official Comms: Firedancer 🔥💃🏻 ✅Official Releases: github.com/firedancer-io/… Stay safe out there.

Adevar Labs is a new kind of audit firm: deeply focused, radically transparent, and built for high-stakes Solana projects. If you care about safety, trust, and getting it right before launch, keep reading 🧵

GitHub is my TikTok

I feel the opposite way for the most part. I really wish that Go actually was "boring" but instead there are a million hidden ways for your code panic at runtime

"gibberish"

Might be a hot take but “More audits, contests, or bigger bounties” is not always the best advice What protocols often need the most is internal security A 7-figure bounty w/o in-house expertise is inefficient. External help is great, but you can’t outsource all your security

👀

👀👀

👀👀👀 Alternate title: retroactively justifying all of my Informational findings

NEW: Building on Cosmos? We uncovered hidden bugs commonly overseen by developers, backed by real-world examples. Our latest blog explores these vulnerabilities and how you can address them. Read the breakdown 👇 osec.io/blog/2025-06-1…

Prior to coding agents, I used to think bike-shedding like this about code/file structure and naming was a massive waste of time But now, more than ever, it actually matters and pays to think about code organization so that LLMs and coding agents can be more productive

Ehsan I usually take the opposite approach. Whenever I audit a codebase I can give a 100% guarantee that I’ll miss at least one bug.

Bug bounty programs won't survive if they continue to be DDoS'd by LLM slop. It stops being worth the effort to triage. If you make money from bounties, or believe they're good for security, then you should refrain from and discourage slop submissions. daniel.haxx.se/blog/2025/07/1…

Friendly reminder to devs to create a SECURITY[.]md file