# @kankodu

### <picture><source srcset="https://67142634-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVDeQxk13w6LLaqk8VRNs%2Fuploads%2FoexTy0YLirZNUEtBi9hl%2Fimage.png?alt=media&#x26;token=37136669-4ffa-4e5c-8b1b-37ce3a42855c" media="(prefers-color-scheme: dark)"><img src="https://67142634-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVDeQxk13w6LLaqk8VRNs%2Fuploads%2F6UuX7506T6D6jWfc9mI0%2Fimage.png?alt=media&#x26;token=07518bf0-fb67-4824-afc5-d83972c322ac" alt="" data-size="line"></picture> [@kankodu](https://x.com/kankodu)

### Whitehat ranked #18 [@immunefi](https://x.com/immunefi) | SR [SpearbitDAO](https://x.com/SpearbitDAO)

<div align="left"><figure><img src="https://67142634-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVDeQxk13w6LLaqk8VRNs%2Fuploads%2FxBCNgtkTyim7214pt6py%2Fimage.png?alt=media&#x26;token=fab00112-a1bd-4a08-8b7d-a93b033a6c8e" alt="" width="100"><figcaption></figcaption></figure></div>

## Words of Wisdom

***

<table data-card-size="large" data-view="cards" data-full-width="false"><thead><tr><th align="center"></th><th></th><th data-hidden data-card-cover data-type="files"></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td align="center"><h3>"The Programming Language is Not a Blocker<strong>"</strong></h3></td><td><p>Understanding the application logic and being able to read a bit of the specific programming language is sufficient for finding bugs; </p><p></p><p>Expertise in that language is not mandatory.</p><p></p><p>You don’t need to stick exclusively to Solidity to hunt for bugs. </p><p></p><p>Although I lack expertise outside of Solidity, I've successfully reported bugs in Vyper, Rust, Cairo, Move, and other languages.</p></td><td><a href="https://67142634-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVDeQxk13w6LLaqk8VRNs%2Fuploads%2FBBYe9agZ6JGsSwSH4nnc%2Fimage.png?alt=media&#x26;token=73104116-b3e2-4991-97e2-c4ad31c367e8">image.png</a></td><td></td></tr><tr><td align="center"><h3>"Consider the Dilution Effect When Describing Bug Impact<strong>"</strong></h3></td><td><p>When evaluating the impact of a bug, keep the <em>Dilution Effect</em> in mind. </p><p></p><p>Suppose you identify two possible impacts of an exploit: one with high impact and the other with low. </p><p></p><p>As a bounty hunter, you may feel inclined to mention both, but this can backfire. </p><p></p><p>The weaker impact can dilute the stronger one, as people tend to average the effects rather than summing them up. You're better off emphasizing the higher impact alone.<br><br>Source: <a href="https://t.co/jOaqaYrPR9">The Counterintuitive Way to Be More Persuasive by Niro Sivanathan (TED Talk)</a></p></td><td><a href="https://67142634-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FVDeQxk13w6LLaqk8VRNs%2Fuploads%2Ft6dCiKeQgNJLUil8gANs%2Fimage.png?alt=media&#x26;token=75248950-f93b-444b-9cac-96459703eec7">image.png</a></td><td></td></tr></tbody></table>