P.M (@p_misirov) 's Twitter Profile
P.M

@p_misirov

InfoSec, Web3, AI & UX Research. ex-ForEx trader. Interdisciplinary script kiddie & polyglot 🇪🇸, 🇺🇲, 🇷🇺, 🇫🇷, 🇳🇱 Building @SpearbitDAO @cantinaxyz

ID: 1232302723611201536

25-02-2020 13:54:21

3,3K Tweet

2,2K Followers

658 Following

P.M (@p_misirov) 's Twitter Profile Photo

real question: what happens if a black hat exploits a protocol and deposits stolen funds in a permissionless pool to earn yield on it? what happens next? he gets rich? how does that affect other users depositing assets in the pool? are borrowers borrowing stolen funds?

P.M (@p_misirov) 's Twitter Profile Photo

wow who would have thought I would make money for something I posted on GitHub. should talk more about AI and Web3Sec, seems that people are really interested in this topic!

P.M (@p_misirov) 's Twitter Profile Photo

created a production ready app for $1.80 and 30mins which would have taken me at least 2 days of full time work. hiring someone on fiverr may have taken the same amount of time and cost between $500 and $2,500 excluding any potential communication issues about the product.

P.M (@p_misirov) 's Twitter Profile Photo

can't believe i was building agents in 2022 for my tech lab. LLMs were SO bad compared to now, we have come such a long way in 3 years!

P.M (@p_misirov) 's Twitter Profile Photo

vibe hacking is coming soon, and you will see that your contracts are not as secure as you think. AI for Vulnerability Research and Exploit Development is pretty bad now but since commercial models and agentic workflows keep improving, expect everyone trying to hack everything.

Hari (@_hrkrshnn) 's Twitter Profile Photo

Should we make AI users first-class citizens on Cantina? So it's clear to everyone that the findings are AI-generated.

P.M (@p_misirov) 's Twitter Profile Photo

the unfortunate reality is that everyone is a code reviewer / security researcher. the industry LACKS actual security professionals. if you want to become a security professional and have a career in web3sec for many years to come (as code review will go down thanks to AI

P.M (@p_misirov) 's Twitter Profile Photo

now we only need real time generative rendering so the AI waifu can not only tell you but also show you how to cook meth. add to that a camera for I/O processing so she can also correct you in real time if you mix the wrong chemicals

P.M (@p_misirov) 's Twitter Profile Photo

decentralized peer to peer communication over bluetooth by Jack Dorsey. did anyone build / try this already? looks interesting, maybe can repurpose into a bluetooth RADAR to find my drunk friends who NEVER PICK UP THE PHONE during a festival github.com/permissionless…

P.M (@p_misirov) 's Twitter Profile Photo

a defi protocol should have policies for everything. policy means "rules". CODE is LAW, but PROCESSES should also be LAW! for example:
1. what is your onboarding / off-boarding policy?
2. what is your smart contract review policy?
3. what is your treasury management policy?
4.

P.M (@p_misirov) 's Twitter Profile Photo

there are big 2 things going on here:
1. A Framework to assess the security posture of a protocol at a point in time.
2. A Standard (ISO like) with controls that DeFi protocols should be compliant with.

public Request For Comments version coming soon!

P.M (@p_misirov) 's Twitter Profile Photo

security researcher reviews repo going to be like:
- src/agents/gas-and-informational .md
- src/agents/low-hanging-fruits .md
- src/agents/basic-vulnerability-checklist .md
- src/agents/run-slither-and-verify .md
- src/agents/test-coverage-and-fuzzing .md
- src/agents/write-POC