Being an auditor is not an easy job. There’s a lot of pressure on us to do our job perfectly. If we don’t, and we miss something, millions are on the line. It’s a bit different than standard web security, where there can be breaches and databases can be leaked. Don’t get me wrong, it’s still terrible, but it won’t sell on the dark web for nearly as much as someone can earn from DeFi exploit.
Last month alone, we witnessed ~$38M gone from various DeFi protocols and apps. I’m not counting private key theft, phishing campaigns, or exchange hacks. In June, there was ~$40M, and a month before that ~$173M. That’s a lot of money being stolen every month, and it’s not stopping.
Auditing many projects and having the above numbers in the back of your mind can make you stress a bit. It’s important always to improve and keep yourself as up-to-date as it is possible. But how do you do that? What are the excellent resources for being informed in Blockchain Security?
First, if you haven’t done that, subscribe to a weekly newsletter of BlockThreat. It covers various topics from the latest hacks, security research, conferences-related security videos, or the newest, exciting tools. I’m learning a lot from that, and it keeps me up to date with what’s happening in my space.
If the newsletter is not your thing, you could try to join some discord communities. I can recommend two.
The first one is a place for most of the security researchers to reside and discuss various topics. It may be the latest hack or just a discussion about a specific topic of EVM.
Secureum is a newly created discord, from what I can tell—created explicitly for incoming Secureum’s security Bootcamp. There are great folks there from various backgrounds discussing and sharing interesting links. For anybody just starting, that would be a great place to ask questions.
If you like reading about security in more "traditional" fashion, there's no better place than rekt.news. Just visit their website and behold of the glory of community journalist about DeFi Security.
Apart from Newsletter and Discord groups, I’m following few accounts on Twitter that post about blockchain security. I recommend you do follow them.
If I missed someone, forgive me 🙏
Thanks for reading, and if you like my writing, you can subscribe to my blog to receive the daily newsletter as I'm currently in the middle of 100 days of blogging challenge. Subscription box below 👇
If the newsletter is not your thing, check out my Twitter @adrianhetman, where I post and share exciting news from the Blockchain world and security.
See you tomorrow!