Fellows

@mafellows

2,016
Followers
1,550
Following
45
Media
777
Statuses

I help Web3 protocols automate their smart contract security

Austin, TX
Joined March 2010
@mafellows
Fellows
1 year
I think I’m becoming a $link marine
60
11
399
@mafellows
Fellows
1 year
@CollinRugg @LayahHeilpern And for that reason… I’m out
2
0
49
@mafellows
Fellows
1 year
@VinIyengar I think you just made me like him more
0
0
36
@mafellows
Fellows
1 year
@JoeBiden I much prefer Bidenomics where my eggs are $12
18
0
36
@mafellows
Fellows
1 year
@rootslashbin Chainlink repos are the best. By far the highest standard in the industry. Amazing team @chainlink
0
2
24
@mafellows
Fellows
1 year
@uncledoomer fupa game on point
1
0
17
@mafellows
Fellows
1 year
@MPelletierCIO communism, eh?
3
0
17
@mafellows
Fellows
10 months
I've been using @gasbot_xyz for a minute, and am very thankful that @0xDjangoOnChain let me take a look at v2. Great project and excellent codebase. Thank you for letting me do a security review.
1
2
18
@mafellows
Fellows
7 months
If you're in Web3 security and would like to write an article that gets sent out to 10K+ Web3 builders, send me a DM!
3
1
16
@mafellows
Fellows
1 year
@dvassallo If only they knew that most direct-to-consumer physical products operate at 80% gross margins 😂
0
0
14
@mafellows
Fellows
1 year
POV: It's day 12 of a 900 SLOC audit and you barely understand the code and can't find any bugs
1
0
14
@mafellows
Fellows
1 year
@TTLinkie3299 @anikilinky If you’re not a dev then don’t worry about it. Tl;dr: $link team good. (But you already knew that)
3
1
10
@mafellows
Fellows
1 year
Crypto is 90% people gambling to make money. 9% people trying to scam you to get that money. 1% people building real things.
1
0
10
@mafellows
Fellows
10 months
I’ve been playing around with some other smart contract languages for fun. It’s amazing how far we’ve come in solidity. Kudos to the foundry team and many others who have enabled these incredible tools to be built.
@josephdelong
joseph.eth
10 months
I absolutely love foundry, it has taken Solidity dev ex from a 2 to an 11
20
7
229
1
0
11
@mafellows
Fellows
1 year
@PopPunkOnChain Token_final_final.pdf
0
0
11
@mafellows
Fellows
1 year
According to job posts and Upwork data, there's about ~30X greater demand for smart contract *developers* than *auditors*. If you feel like there aren't enough opportunities in Web3 security for you, consider making the switch. Your experience will not be wasted.
1
1
9
@mafellows
Fellows
1 year
Easy tips to save gas: - avoid writing bools to storage - cache state variables, functions, and array length outside of for loops - group like types together in structs
0
0
11
@mafellows
Fellows
1 year
As the bull market approaches, remember... Instead of buying another token, invest in your knowledge of Solidity. It’s the best asset you’ll ever have.
1
9
11
@mafellows
Fellows
1 year
Multiple audits on the horizon. You’ll learn more going deep in one versus shallow in many.
0
4
10
@mafellows
Fellows
1 year
I know a lot of auditors follow me, but I need a Solidity developer for a project. Please DM!
5
2
9
@mafellows
Fellows
1 year
Step 1: Write extensive test coverage (90+%) Step 2: Catch as many issues as possible with automated tools. Step 3: Hire an independent security professional Step 4: Hire a security firm Step 5: Audit contest Step 6: Fix issues & repeat if >10HM issues OR go back to #5
@asen_sec
0xasen.eth
1 year
If you're a protocol and after an audit contest there are 10H and 5M issues found You've simply showed up unprepared. This should NOT happen if you've done: - proper testing - fuzzing/invariant tests - consultation with a security professional Security is an ongoing process.
5
3
24
2
2
9
@mafellows
Fellows
1 year
@WatcherGuru On what? Income? They don’t have any? Assets? Good luck..
0
0
6
@mafellows
Fellows
11 months
@solidityauditor Also should add: “Can you test this dapp for me” Which is a wallet drainer.
1
0
9
@mafellows
Fellows
1 year
0
1
7
@mafellows
Fellows
1 year
@traversymedia Very rarely
0
0
0
@mafellows
Fellows
1 year
If you’re writing smart contracts, you MUST understand the checks-effects-interactions Here’s a simple explanation👇
2
0
7
@mafellows
Fellows
1 year
@WatcherGuru Amazing I’m sure she will make a big impact
0
0
3
@mafellows
Fellows
1 year
@nisedo_ @sockdrawermoney @EthCCweek @code4rena Great episode - C4 is easily the most successful DAO that isn't a protocol where the founders & investors are actually the ones that control the governance. Bravo for incredible execution @sockdrawermoney
1
0
8
@mafellows
Fellows
1 year
1
0
8
@mafellows
Fellows
8 months
There's an AI smart contract security company trading at $34 million market cap. And I bet not one legitimate smart contract auditor knows what it is.
4
0
8
@mafellows
Fellows
1 year
BREAKING Starting with Solidity 0.8.22.. Redundant overflow checks will be a thing of the past. Farewell my old friend.. unchecked { i++; } We realize this eliminates the core value proposition of @AuditBase_ and will be ceasing operations. Effective immediately
0
0
7
@mafellows
Fellows
11 months
A friend texts you and has a new product available. Immediately buy. Support the homies. Some folks don't have any...
1
1
8
@mafellows
Fellows
7 months
Most don’t know this about ERC20… `decimals` is not part of the ERC20 standard. `name` is not part of the ERC20 standard. `symbol` is not part of the ERC20 standard. Don’t make assumptions when calling these on an ERC20 contract
0
0
8
@mafellows
Fellows
10 months
Do any of my followers run a small smart contract audit firm? I'm looking to invest in one and have a few interesting partnership ideas around automation and lead gen...
1
0
8
@mafellows
Fellows
1 year
@Cernovich Idk maybe the computers just crash and then they fix it? Happens to southwest almost every year 😂
0
0
4
@mafellows
Fellows
1 year
@bytes032 Harder than they expected. Most people come in thinking they can make that sweet web3 cash. But it's highly competitive
1
0
8
@mafellows
Fellows
1 year
0
0
8
@mafellows
Fellows
1 year
@TheStalwart @lokoyacap API access is pretty great too. Lots of wrappers driving traffic
1
0
8
@mafellows
Fellows
11 months
Seen this as well! Be safe 👇
@solidityauditor
33Audits
11 months
WARNING TO ALL AUDITORS. There's a group of bad actors currently targeting auditors. They've reached out to me from three different accounts telling me they want to hire me and asking me to install some software to get an idea of the "job". Clearly this is a scam. But don't
14
34
153
0
0
6
@mafellows
Fellows
7 months
- 250 SLOC - Defi Lending Protocol - Pre-TGE - 14 day turnaround What are you charging for this audit?
Less than $5,000
97
$5,000 - $10,000
55
$10,000 - $20,000
15
$20,000+
15
1
0
6
@mafellows
Fellows
1 year
Real World Assets = Real Token Value #Chainlink
0
1
7
@mafellows
Fellows
1 year
@VittoStack If your devs aren't slonking raw milk, doing olympic lifts, and training MMA, then you're honestly not fundable anymore.
0
0
2
@mafellows
Fellows
8 months
@friedoystercult “Escape the 9-5 life and come join the 9-9 life”
0
0
5
@mafellows
Fellows
1 year
Zk audit is pushing the bot to the limits 😅
1
0
5
@mafellows
Fellows
10 months
Thank you for the shout out! Anyone looking for a free bot report and test drive of our new AI audit software?
@0xDjangoOnChain
0xDjango
10 months
GasbotV2's round of audits are complete. Here's the list of all security steps that were taken 👇 1) We received extensive help building out the @gasbot_xyz test suite, reaching 100% code coverage. We brought on @testereum and would highly recommend. Not only is the test suite
7
7
59
0
0
5
@mafellows
Fellows
7 months
Web3 Security improves every day. AI will only get better. Code Scanners will only get better. (Good) Auditors will only get better.
3
1
5
@mafellows
Fellows
1 year
@ChainLinkGod All of these are huge but we’ve just scratched the surface on function capabilities
0
0
5
@mafellows
Fellows
1 year
@Oliver_Secure don't think it's a flex as much as self-motivation to do better in the future
0
0
6
@mafellows
Fellows
1 year
@Duderichy Tech sales
0
0
4
@mafellows
Fellows
1 year
@d7Mtg @TheStalwart @lokoyacap GPT-4 and GPT-3.5 turbo made the product actually commercially viable for third parties
1
0
5
@mafellows
Fellows
7 months
Working on a new Solidity project? The trick to instantly tell your Solidity dev has no idea what they’re doing. Using Solidity version >= 0.8.0 and put this in their code: `using SafeMath for uint256`
0
1
5
@mafellows
Fellows
1 year
@MarioNawfal any good studies on myocarditis risk from covid vs vaccine?
1
0
3
@mafellows
Fellows
1 year
@ChainLinkGod Much appreciated - been following you for a minute 😅
0
0
4
@mafellows
Fellows
1 year
@0xKaden @gogotheauditor Yep if you’re a protocol who wants this service for free, shoot me a DM
0
1
5
@mafellows
Fellows
7 months
Trick to stay on top of new and interesting findings: 1) Visit 2) Filter by source: “Code4rena”, “Spearbit”, “CodeHawks” 3) Severity: “High”, “Medium” 4) Set Findings: “At most = 1” 5) Reported after: “December 1st, 2023” Study these
0
1
4
@mafellows
Fellows
1 year
Someone just came to me asking if I could help withdraw ETH stuck in a contract. If your contract can accept ETH, you should have a mechanism to withdraw the funds. This is another example of an issue easily caught by automated tools.
4
1
2
@mafellows
Fellows
1 year
I fear not the man who has audited 10,000 protocols once, but I fear the man who has audited one protocol 10,000 times.
0
0
5
@mafellows
Fellows
1 year
👀👀
@ox_shaman
Mislav • Klaster
1 year
Multichain Pools powered by @chainlink #CCIP are fully functional. We got frontend running today! 😍 @duimane See how "tokens received" changes when we change which chain we're using liquidity on. This allows you to choose the most liquid pool on any chain to swap your tokens!
11
38
216
0
0
3
@mafellows
Fellows
1 year
Those people building now will be rewarded when the market comes around
0
1
5
@mafellows
Fellows
7 months
@FunTime87682 @mitchellcmorris @BarkNyrk Yea idk what is up with this “I don’t want to make $500k cope”
1
0
4
@mafellows
Fellows
1 year
@pashovkrum would add.. get an automated audit from one of the top bots. Will catch ~90% of the issues according to data from recent c4 contests.
2
0
5
@mafellows
Fellows
1 year
Early in the morning or late at night is when the best work gets done
0
0
5
@mafellows
Fellows
1 year
12 mistakes a Solidity developer should never... EVER make.. 1. Improper Access Control - Always make sure only authorized users can perform the desired action.
1
3
3
@mafellows
Fellows
1 year
0
0
0
@mafellows
Fellows
9 months
Unpopular opinion. ~90% of the issues in an audit contest can be found by automated issues (bots + GPTs) and it's a feature, not a bug. Two years ago, I dealt with dozens of audit firms + private auditors. Automated tools are lightyears better than these firms were during a
@shtankova
0xVlad
9 months
A lot of audit competitions today see a large inflow of low-quality, ChatGPT generated issues This puts a lot of pressure on judges and lead auditors, requiring them to go through a lot of garbage But this shouldn't be a hard problem to solve 1) Consider it as a DDOS attack
0
0
11
1
3
5
@mafellows
Fellows
1 year
@itsmebutterz Step 1: become link marine Step 2:
0
1
4
@mafellows
Fellows
7 months
A North Korean cartoon just stole $62M dollars on the hottest L2 in crypto. How does a werewolf JPEG get to the point of threatening the aura of decentralization? Let’s break it down.. First, you have to get the job. To do this, you’ll masquerade as a resident of another
3
0
5
@mafellows
Fellows
1 year
Need a that cares somewhat about security so your keys don't get rugged by T-Mobile
0
0
3
@mafellows
Fellows
1 year
@Smaknificent I can’t show you one because it simply does not exist, ser
0
1
4
@mafellows
Fellows
1 year
@reactive_dude How’s Xcode these days? That was the straw that broke the camel’s back for me on mobile dev
1
0
0
@mafellows
Fellows
7 months
There’s currently 6 active contests on Code4rena. How many of them are utilizing bot races? Zero. Here’s why I think they are being “unofficially” phased out by c4 (and what protocols can do instead)... 1. Judging the bot races is hard. There’s a quick 24 hour turnaround.
0
0
4
@mafellows
Fellows
1 year
0
0
0
@mafellows
Fellows
1 year
@iSamyadeep @codyschneiderxx @PaulwRice Bro of course they exist. That’s the point. If you’re going into a market that has zero competition, you’re probably wasting your time. Pick a niche, tweak it a bit to add your own flair, and market the shit out of it.
1
0
4
@mafellows
Fellows
7 months
@bytes032 What’s hilarious is I don’t even think this would be a valid finding in a c4 bot race 😂😂
0
0
5
@mafellows
Fellows
1 year
@BradMichelson @BTC_JackSparrow What is exactly wrong about this statement?
0
0
4
@mafellows
Fellows
11 months
While I agree that this is a good system for taking profit, there’s one thing I would clarify… Yes, take profits and reinvest. But get your profits out of the digital casino. Invest in stocks, RE, a business, etc. If you keep investing in crypto, you’re still susceptible
@juanito_NFT
juanito
11 months
Alex Becker just posted a video telling everyone to SELL all their crypto I summarized all 45 minutes into a 3 min thread Keep reading if you want to learn how and WHEN to sell your crypto👇
133
171
1K
3
0
3
@mafellows
Fellows
1 year
@PGATUOR My third wife is fine with me playing all the time
1
0
4
@mafellows
Fellows
1 year
@Strandjunker Four words: start a tech company
0
0
2
@mafellows
Fellows
1 year
@GrindingPoet Chicks dig status. There’s a line of people trying to talk to that guy at public events
0
0
3
@mafellows
Fellows
1 year
@cadenjara Rolling up to the coffee shop at 8:45 with the post workout sweat will always be the ultimate flex
0
0
4
@mafellows
Fellows
1 year
@mbertulli Yea they’re jacked up. Spent our budget in an hour for a new campaign. Ads were stuck in approval queue for over a week. Others experiencing similar behavior
0
0
4
@mafellows
Fellows
1 year
@SynapseProtocol Flood had enough I guess 😞
0
0
3
@mafellows
Fellows
11 months
Do not use ANY dApps. An open-sourced Ledger library was compromised. Stay safe 🙏
0
0
4
@mafellows
Fellows
9 months
1
0
4
@mafellows
Fellows
1 year
@dennishegstad depends on the lifestyle, not the numbers 🤷‍♂️
1
0
4
@mafellows
Fellows
1 year
99% worried about tokenomics and "coin go up" 1% worried about product-market fit. Guess who wins?
0
0
3
@mafellows
Fellows
7 months
🚨🚨🚨 Prisma Finance was hacked! Here’s what we know: - Total loss is about $11.9M - Hacker funded the wallet via FixedFloat - Attacker contract: - Where the hacker transferred the funds:
2
1
3
@mafellows
Fellows
1 year
@markallanbovair Or 3 make more money
0
0
4
@mafellows
Fellows
1 year
@spreekaway Create the problem. Sell the solution. Oldest trick in the book 😂
0
0
2
@mafellows
Fellows
1 year
@zjbrenner Check out RWAs and CCIP
0
0
3
@mafellows
Fellows
1 year
$20k bot pool 👀
@0xhuy0512
0xhuy0512
1 year
The distribution of the @zksync contest pool on @code4rena is finally being revealed 😍😍😍 Are you ready, wardens? ⚔️⚔️⚔️
0
0
15
0
0
2
@mafellows
Fellows
1 year
We're moving from an era where SaaS products are tools to help you achieve an outcome... To one where the tool delivers the outcome.
1
7
3
@mafellows
Fellows
1 year
@pashovkrum Strong praise, ser. We’re hard at work 🙌
0
0
3
@mafellows
Fellows
1 year
@code4rena The best innovation in the space yet 🙏
0
0
3
@mafellows
Fellows
1 year
@imgyf "I'm cutting off my camera to save bandwidth" AKA not pay attention
1
0
3
@mafellows
Fellows
1 year
@matthew2point0 this is literally my coffee budget. Can't imagine
1
0
3
@mafellows
Fellows
1 year
@Pentosh1 The same
3
0
1
@mafellows
Fellows
8 months
The cost of doing bare minimum security checks is near zero. Step 1: and get a high quality code scan. Your first one is free. Step 2: Run the code through a GPT to catch BS like this. Step 3: GET AN AUDIT!
@BowTiedPickle
BowTiedPickle.eth | Solidity Shipper
8 months
> Opens code of exploited contract that just lost millions of dollars > MFW
8
2
52
0
0
2
@mafellows
Fellows
1 year
0
0
3