Main Channel t.me/blockchain_lobsters
https://vxtwitter.com/reserveprotocol/status/1894428711157731510
Historical cases are not good for benchmarking LLMs, because they could use knowledge instead of reasoning, which is not good for new cases.
>And do you really need to pay 1$ / line if your tool needs to rerun 3-4 times to find all vulnerabilities?
because we do multiple runs per line of code.
That was my main concern and you confirmed it.
Skipping through all the test cases, those are pretty basic.
I would propose to expand the test cases with some major real-world exploits from code perspective and business logic faults (those will be very hard to spot for an LLM, here a truly good auditor shines).
And do you really need to pay 1$ / line if your tool needs to rerun 3-4 times to find all vulnerabilities?
This should be something that is automatically done
-> run a -> find errors / vulns -> rerun in the background and check whether new vulns pop up in the proposed / fixed new version of the code
Best-in-class human auditors are still the best.
Savant shows the results of a middle-level human auditor.
https[:]//github[.]com/auditdbio/ctfbench
Savant is not just one more LLM audit (it is visible on the bench). It consumes a really huge amount of inference. So, that's why the price.
We recently released http://Savant.chat, AI tool for audits, that achieves near-perfect vulnerability detection—outperforming other AI auditors and o3-level LLMs with 87% accuracy.
We created a benchmark for most AI auditors at ctfbench.com,
classifying thousands of issues in the process.
The result turned out to be much better than anything else on the market.
We added the ability to upload projects and top up your balance.
Projects are now only visible in your personal account, not to everyone.
Currently, 16 H100 GPUs are running, waiting for smart contracts.
You can audit up to 250 lines for free using cloc (150 welcome bonus + 100 promo for ethdenver2025).
Bybit CEO Ben Zhou launches LazarusBounty at http://lazarusbounty.com, the industry's first bounty site offering full transparency on sanctioned Lazarus money laundering activities, enabling bounty hunters to connect wallets, trace funds, earn instant rewards when freezes occur (with freezers receiving 5%), and access live rankings to expose bad actors. - 𝕏/@benbybit
Just saw your profile and see that you track the hackers and negotiate the release of exploited money. Quite interesting stuff. Do you think Bybit can get some of the money back considering it's Lazarus group?
It worked, simultaneously showing me an error with a 3$ gas fee on Scroll and wasting a couple of hours of my life
Scroll is the worst among big L2s and the team is incompetent thieves
Gas is always incorrect at Scroll; before, I was able to put whatever manually, but now that doesn't help
Got like 20 transactions failed
Seems to work fine for me, maybe do the usual troubleshooting (restart the browser/wallet, etc.)
not devs. I was told the best marketing people are here
I don't think I was being salty. I just said that it's obvious why you would say that your solution is the best in DeFi and it's not really contributing anything to the discussion because you're so obviously massively biased as the CEO. Of course I'm also biased in bringing up OEV, but the difference is that I didn't say it's the only option and I said it is very effective in the _vast majority_ of cases, not that every protocol leaks a shit ton of OEV - although yours will too, despite your health scores, if you ever reach a massive enough scale. What you're doing is trying to minimize the liq fees leaving the protocol, but whatever is leaving is still going to the validators. Our solutions are not mutually exclusive.
Considering the recent Bybit hack, it is better to use proper channels to hire people for your projects. A thorough inspection of background is also recommended to avoid North Korean devs.
Japanese companies usually do this for retired CEOs
and human audits may become better and more expensive with savant.chat
It does not work so well if you make multiple vulnerabilities in the same place (for 4 vulnerabilities in the same function it finds 1-3 per run). But you can fix vulnerabilities and run Savant again.
How does it compare with best in class human auditors?
1$ / line of code for an LLM based audit is a bit steep.
and somehow the audited test smart contracts are missing here:
https[:]//ctfbench[.]com
For full transparency one should be able to replicate the results.
And I may question as well the approach of testing with only one vulnerability per smart contract.
It would be very valuable to see how those tools handle nested vulnerabilities. The results might be completely different.
If your project needs a pentest, I can recommend hexens.io (dm @Noyer_1k) 👀
Depends which kind. DM me and I can send you the direction you should go in depending on what you're trying to pentest.
MM was a problem, too; apparently when I made permissions for too many dapps for too many accounts it became unusable
But once I removed these permissions and restarted, it works fine again
Hey lobs,
At Ambire we are doing deep live user interviews on our wallet and we are looking for experienced testers who like to fuck around and find stuff.
It takes ~ 30 mins - you do regular stuff using Ambire, you tell us your honest opinion and we send you some USDC to thank you.
If you are interested, head to this Typeform and submit it. We will get in touch with testers soon. Please do not send it to anyone outside the Kingdom 🙏 https://survey.typeform.com/to/yv7clRue
Trying to make 1 transaction on Scroll for the second day and it did work, all the time errors
Did it work for you guys?
I don’t see an issue in open and respectful debate about protocol design - especially between passionate builders.
That’s actually one of the elements I love most about this industry - even if not everything is agreeable.
Curve mechanism is awesome to be honest. Fluid is a nice system too.