@Guhu95

Words of Wisdom


"Go slow"

Slower than you feel you need. Slower is better, better is faster.

In auditing, slower also means you'll have observations, questions, and ideas that other reviewers didn't give themselves the time to have - and you'll find missed bugs.

"Clusters of understanding first"

Understanding the code thoroughly is 90% of the work and the results.

The other 90% (the creative work) depends on the first part fully. Yes, 90-90 applies to auditing as well.

Clusters: try to find the natural division into logical components, or "clusters" of understanding.

"Go deep"

The better bugs are at the end of the review (or after). If limited in time, focus on fewer areas, but ensure depth.

"Most deals are bad deals"

Learn to say no to FOMO! Most bounties are marketing scams, most contests aren't worth the time and effort. Crypto has plenty of bad, greedy, scammy actors, and crypto-security is not an exception to this.

Expect and adapt!

"Motivation is hard, learn yourself"

Expect the first few days on a new codebase to be confusing and a struggle. Choose easier tasks to break the motivation barrier. Escalations and bounty negotiations are distracting and soul-draining; aim to have fewer by choosing better bounties, platforms, and projects.
