@cergyk

LSW at Sherlock | Top 5 on Cantina | Top 100 Immunefi | Creator of https://upgradehub.xyz

Words of Wisdom

"The end is only the beginning"

Keep pushing after thinking you have found everything.

After some time, you get a good gut feeling for when to stop. This is a reminder to keep pushing once in a while, even after you get that feeling.

"See the code through many lenses"

Get as many views of the code as possible (history, coverage, running the tests); a contract is never unidimensional. The goal of a security review is to get insights overlooked by the developer. Reading the code directly is the most obvious way to do it, but it is also the way the developer thinks about the code.

"The power of comparison"

Use the power of comparison, whether inside of a contract, or comparing a protocol design to a similar one.

Even without understanding the purpose of a piece of code, if we know that two different implementations are supposed to do the same thing, we can check for inconsistencies. Also, as SRs we see a lot of different implementations of similar projects, so that is an advantage.