How to become the #1 Auditor in Web3
Вставка
- Опубліковано 3 чер 2024
- We catch up with Or aka "Trust" and learn his process for finding bugs with Immunefi, Code4rena, and his approach to security in Web3.
🔐 Trust Twitter: / trust__90
🔑 Trust Website: www.trustindistrust.com/
✍️ Blog: / how-to-become-the-numb...
📽️ Full Interview: • Code4rena Trust Full I...
⏰ Timestamps
0:00 | Introduction
0:43 | 1. Understand the EVM
1:42 | 2. Understand the protocol
4:53 | 3. Compare your understanding of the code
5:39 | What tools do you use?
7:07 | Where can you follow Or?
7:28 | Summary
Check out these articles to learn about some of these tools and start your journey as a smart contract engineer!
👇👇👇👇👇👇👇👇👇👇👇👇👇👇👇👇👇👇👇
📕How to Become a Blockchain Engineer: betterprogramming.pub/how-to-...
✍️Top 10 Resources, Tutorials, and Follows: dev.to/patrickalphac/top-10-s...
👆👆👆👆👆👆👆👆👆👆👆👆👆👆👆👆👆👆👆
✅✅ Donate ✅✅
I use donated funds to spend money on making fun & informational videos.
ETH/Polygon/Avalanche/EVM Chains Wallet address:
0x9680201d9c93d65a3603d2088d125e955c73BD65
Or, optionally:
- patrickalphac.eth (ETH Only)
😸😸Follow Patrick!😸😸
Twitter: / patrickalphac
Medium: / patrickalphac
TikTok: / patrickalphac
Twitch Stream Uploads & Shorts: / @patrickalphac-alt
All thoughts and opinions are my own. - Наука та технологія
This is Patrick Collins. Aka the reason why we keep youtube notification off our permaban for sending notifications. A legendary person that is the first one to actually pass the 10 hour marked video by Michael Knight. Patrick offered thousands of developers and interested persons in tech such valuable insight that I as representative of the human race am truly grateful for his work and how much he means for the future. Patrick is a living legend and shines a light on fellow living legends.
Wtf lol
Damn. I'm crazy honored by this comment M Knight.
Thanks, Patrick. Now I am already on my way to becoming a bugfinder degen 🤣
Man, becoming an auditor sounds absolutely daunting. But it feels like you should aim to be able to audit others' code if you're a Web3 developer anyway as everyone benefits; you for gaining more experience in securing your own project and helping to protect others' projects. Thank you for the video, I'll be sure to have try my hand in Code4rena in the future.
So interesting contents, thanks Trust and Patrick👌
Finally new videos I was waiting for ages
Been on a slight hiatus I know!
Thanks for the efforts on this, really opens up a new arena on opportunities in Web3 along with practicality.
very good topic to pick, thanks
Glad you liked it!
Great interview
Patrick, you are the MAN. Trust is next level. Thanks for the constant flow of game-changing info.
Absolutely ser 🫡🫡🫡 I’m very happy trust is in the web3 community!
Why my six sences are saying that you are recording a course on Auditing? 😀 BTW Thanks to you both for the information.
hehehehe
Good morning sir I am from India
Morning over there. I am from Africa, the swahili at the swahili coast
gm fren
super cool
thanks . from algeria
سلام خو معليش تعطيلنا الفيس ولا الديسكورد نتواصلو
GM @patrick I need yo help, can you suggest me some platform for where I can do auditinh
Code4rena my fren
does his work only contain finding the vulnerability or solving those bugs also?
both
Hi Patrick ,
I have been learning Blockchain from your free code camp 32 hour video , it’s really great resource,
And Thank you for putting out a great content , really appreciate.
But bit doubtful if there is job opportunity in blockchain space with solidity .
Because lately getting to see a lot of negativity and some of the guys being jobless as a blockchain developer.
So PLEASE let me know your insights about job opportunities and also future of being a blockchain developer.🙂
We are currently in a bear market, but I also ask this question:
"Given two systems, one where you can verify everything yourself, and one where you can only trust someone behind closed doors is being honest, everything else the same, which would you pick?"
That makes smart contracts (and therefore solidity) inevitable.
@@PatrickAlphaC Thank you for replying Patrick,
As you said Smart Contracts are Inevitable,
And also you mean to say that If we are in Bull market then there would be better job opportunities . Ohkay will stay around the block until it's back flying high .
But this question came to my mind because of some guys posts in LinkedIn who were in bad shape and jobless due FTX scam .
Anyway Thank you for insightful Videos . 😊
Trust came from NSO group - cyber intelligence firm, no doubt this is easy for him.
They really breed them different over there.
nice
🔥
Should you learn JS before solidity?
If you'd like! But you 100% can just jump into solidity
Quick question, can ChatGPT become #1 Autitor tool in the future?
I think you are referring to AI or machine learning in general, chatGPT is just a chat bot. But yes, there already exist many projects for finding bugs in code in an automated way using machine learning to find the best pathways of execution to follow, rather than brute force. There are some products out there that can automatically generate working exploit code, and of course, automatically generate the fix and tell the developers how to fix the issue.
Great question! So chatGPT big submissions have proved to be… bad.
Maybe in the coming years, but right now it’s not good.
I wanna be #1
I don’t understand the existing financial infrastructure well enough. Where can I read up on it? Like collateral, staking and other existing financial concepts
There are a number of great places to learn about DeFi, here is one: thedefiant.io/tag/defi-101
Thanks so much for sharing the link@@PatrickAlphaC
Selam from Türkiye Patrick. Don't forget the channel XD
🔥
I believe the most important thing that was said...READ DOCUMENTATION..
Please how can we make a token that can automatically keep minting a new token every second till 20 billion tokens are minted? I would really appreciate any open source for this.. And investors can purchase these tokens but will be unable to sell it till after 2 years?..
Really specific request, but basically you'd just have a "view" function of total supply which increments every block and then you'd disallow transfers.
@@PatrickAlphaC Okay thanks broski.. I wish I could see some codes in action that explains this, I'm kinda still a beginner!
@Patrick Collins Also do I need to use a vesting contract for the Time lock where these users can't withdraw or have access untill after two years? And then a different contract for this token minting?
@@PatrickAlphaC
Actually this is what it's about
A time Lock token to release a token every day (no longer seconds) till it gets to 20 billion..
there will be pre issued tokens too for investors & developers but locked for 2 years (they wont be able to sale it for two years but it can be optional incase they need Money)
For those unaware, unless you're literally the #1 auditor, the likelihood that you'll end up penniless and on the streets is very high
Not true. The reality is the top 1% make a ton of money, the top 10% make good money, and everyone else makes a lot less.
If you're only in here for making money, that's the situation. If you're here to make web3 more secure, these skills are helpful a million other places. Being a security focused smart contract developer actually makes you way more enticing to hire as an engineer.
@@PatrickAlphaC Yes but firms only want to hire either senior smart contract developers with years of tangible experience, or those who were lucky enough to be successful on ImmuneFi/C4 2 years ago.
There's like 8 reputable smart contract security firms in the world, and none of them care anymore if you know the EVM inside out and have a respectable C4/ImmuneFi ranking
smart contract Auditor is veryyyyyyyyyyyyyyyyyyyyyy difficult job and hard job in the world
Hard for you!
Do you really think that he will tell you steps to take in order to become as good as him?
Lol, people are really naive!
bro ...
I can see where you skeptisim is coming from, but I made a 32-hour-long tutorial to get people up to speed with me and this channel is dedicated to getting you better at being a web3 dev.
Yes, I make sure when I work with someone they are being authentic. I also do security audits and his advice was 100% on the money.
And in the grand scheme of things, it actually is in his best interest to teach people to get good enough to get into web3. The more people in web3, the more potential clients he has.
Chris, Did you listen to the video? He absolutely revealed how he does audits, and the tools he uses.
The best auditor ever can tell you his exact step by step process. It doesn't mean you will be as good as him, not even close. To be a good auditor you need to put in the work.
Be careful - you attract what you are!
Patrick why that white hair while podcasting 🥹🥹😭😭😭😭🤣🤣
That's part of the santa hat ahah