Super Useful content. And I request you to make a separate video on Roadmap to Web3/Smart Contract Security ( I know you did, but we need the updated one) , I just switched from web2 security to Smart Contract security recently
Yes please make an updated video on this, and include its pros & cons whether it is its job market, its longevity even with the emergence of insane auditing tools and the inevitable AI integration into the auditing processes.
Really loved the video. I have few questions. I am college dropout i was previously in web2 security did few training internship and I am very new to web3 Security but I still like the web2 aspects of social engineering how can I bring these 2 things together and get some leverage in web3 Security and also is getting a degree important for getting jobs or grow in web3.
SIR Do I need to learn Web3.js and Hardhat and libraries like this to become a Smart Contract Security Auditor or Just I need to learn Solidity ?. I knew solidity
I reckon the thing that helps with the amount of bugs in web3 vs web2 is that the code is always in staging, fresh and fertile grounds for bugs :) Can you still do SpearBit while working at Sigma?
@@thinkingonyx847 yep I believe so, Spearbit is equivalent to doing private audits, so there will be a conflict of interest. Bug bounties and audit contests are still ok to do though
Andy, hello, have a question. Can c4rena ban you for a bad report?I am just looking at the contests now and all three of them are private. I know that there are contests that limited to specific participants and have special requirements. But, anyway, I have this kind a paranoia
Not that i am aware of, if you are making an effort in your reports, even if they are judged as invalid you won't get banned. The private contests are for people who ranked high in previous contests.
![Quando Rondo - Grow Up [Official Music Video]](http://i.ytimg.com/vi/8zFnCg3BO4Q/mqdefault.jpg)
Andy's content is getting better and better, ⚡👏
🫡
i love your content
Awesome to hear :D
Super Useful content. And I request you to make a separate video on Roadmap to Web3/Smart Contract Security ( I know you did, but we need the updated one) , I just switched from web2 security to Smart Contract security recently
yeah I have been thinking of doing an updated roadmap
@@andyli Bro do this please, I need it badly. Now I'm in confused stage, just doing Ethernaut Challenges after finishing Solidity from Patrick
Yes please make an updated video on this, and include its pros & cons whether it is its job market, its longevity even with the emergence of insane auditing tools and the inevitable AI integration into the auditing processes.
Thanks for your efforts, Andy!
No worries!
Keep doing these, super useful!🔥
Thanks! Will do!
Nice dude! Thanks!
No problem!
Very relevant blockchain auditor content!
thanks!
Banger over banger !
When Cmichel sir ?
🤔
Really loved the video. I have few questions. I am college dropout i was previously in web2 security did few training internship and I am very new to web3 Security but I still like the web2 aspects of social engineering how can I bring these 2 things together and get some leverage in web3 Security and also is getting a degree important for getting jobs or grow in web3.
you could consider the infrastructure security side of web3 which is less developed compared to the app sec side
Love the content thanks guys
cheers
Nice content, as always! Do you have any resources to point out to get into zk auditing?
Jackson posts good zk content sjkelleyjr.medium.com/zk-snark-concepts-explained-like-youre-15-54755f87c6d1
Andy, are there any stories in your videos of how to apply to the Spearbit and what skills one needs to have to apply?
Apply on the Spearbit website. You will need to do a technical assessment and interview
SIR Do I need to learn Web3.js and Hardhat and libraries like this to become a Smart Contract Security Auditor or Just I need to learn Solidity ?. I knew solidity
Hope you understand what I am trying to ask
Learn Solidity first, then learn a framework like hardhat etc
Do you think AI will replace smart contract auditors' jobs? Can you make a video on this topic, please?
Not right now. In the future I don't know
another banger🐧🐧
🫡
Thanks!
No problem!
I reckon the thing that helps with the amount of bugs in web3 vs web2 is that the code is always in staging, fresh and fertile grounds for bugs :) Can you still do SpearBit while working at Sigma?
can't do spearbit
@@andyli Is that standard for audit companies?
@@thinkingonyx847 yep I believe so, Spearbit is equivalent to doing private audits, so there will be a conflict of interest. Bug bounties and audit contests are still ok to do though
Andy, hello, have a question. Can c4rena ban you for a bad report?I am just looking at the contests now and all three of them are private. I know that there are contests that limited to specific participants and have special requirements. But, anyway, I have this kind a paranoia
Not that i am aware of, if you are making an effort in your reports, even if they are judged as invalid you won't get banned. The private contests are for people who ranked high in previous contests.
@@andyli thank you for answer!:)
Idk, but i've seen him somewhere :D
maybe TrustX video?
probably C4 Showdown at Secureum TrustX 2022