Art Of Auditing
  • 👋Preface
  • 🧙Sages
    • @lonelysloth_sec
    • @bobface16
    • @zigtur
    • @J4X_Security
    • @0xEV_om
    • @cergyk
    • @akshaysrivastv
    • @kankodu
    • @gjaldon
    • @riproprip
    • @pkqs90
    • @DadeKuma
    • @EgisSec
    • @BowTiedDravee
    • @Draiakoo
    • @windhustler
    • @santipu_
    • @winnie
    • @Guhu95
    • @_blockian
    • @neumoXX
    • @Alex the Entreprenerd
    • @bahurum
    • @__nnez
    • @0xadrii
    • @deliriusz_eth
    • @el_hajin
    • @rootedrescue
    • @merkle_bonsai
    • @n4nika_
    • @Trungore
    • @m4rio_eth
    • @iamdirky
    • @Czar102
    • @csanuragjain
    • @0xFrankCastle
    • @Al_Qa_qa
    • @Haxatron1
    • @0xMinhT
    • @0xT1MOH
    • @Said
    • @0xSorryNotSorry
    • @NonseOdion
    • @0xArzzz
    • @abarbatei
    • @tpiliposian
    • @0xjuaan
    • @MrPotatoMagic
    • @krikoeth
    • @zzykxx
    • @bauchibred
    • @00xSEV
    • @0xCiphky
    • @peak_bolt
    • @pks_
    • @Stalin_eth
    • @0xb0g0
  • 🧱THE WALL
    • 📖WALL OF WISDOM
Powered by GitBook
  1. Sages

@windhustler

Previous@DraiakooNext@santipu_

Last updated 4 months ago

Ex-Petroleum Engineer & Smart Contract Developer | SR @Spearbit | SR @Sherlock

Words of Wisdom

🧙
@windhustler
Page cover image
Cover

"Breaking Versus Understanding"

Focus on breaking the codebase rather than understanding it. Many bugs are slight logical inconsistencies that don’t even require understanding the whole picture.

Many times focusing too much on the bigger picture will yield some high-level, economical attacks but might miss out on function-specific edge cases.

Cover

"Don't Run in Circles"

It’s very common for auditors to keep on checking the same scenarios.

If you're doing this, just remind yourself that this is a form of procrastination, and the only added value is in checking those 1% complex scenarios that are hard to grasp.

Cover

"Inspire Yourself"

Go over all the bugs that are found in similar protocols on Solodit to direct your thinking and get ideas flowing.

It is the hardest to find any bugs when you don't know what you're looking for.

Cover

"Use AI"

Use AI tools to speed up the understanding of the codebase and to generate ideas.

If you don’t have a co-auditor on a project AI can be extremely useful. Just don’t expect it to give you accurate answers every time, it’s only a tool and it’s up to you to make sense of its suggestions.