In this episode security researcher HickupH shares multiple jaw-dropping stories from his stints in web3!
This podcast features an interview with 'Hickup,' an independent security researcher and a lead researcher at Spearbit with a background in applied mathematics. Hickup discusses his path into the crypto world, starting with an involvement with Ethereum during an early internship and eventually leading to full-time work in the industry.
He details his experience working with various projects and how he gradually shifted from a developer role to a security role, particularly highlighting the importance of team dynamics in conducting security reviews.
Hickup also provides advice for aspiring auditors, emphasizing the need to have a mental model of how a protocol is expected to function. He encourages auditors to leverage their mathematical background to understand the subtleties of DeFi projects, particularly in relation to topics like numerical analysis and calculus.
He shares his experiences with CodeArena and talks about the evolution of issues and how the number of wardens participating in CodeArena has affected the rewards from audits. Hickup discusses his experience working on a side project where he was mistaken as a hacker due to some coincidences and how he helped clarify the situation. The conversation also covers Hickup's fascinating experience with the DeFi Summit CTF where he worked with a beginner auditor.
In conclusion, Hickup emphasizes the importance of community and personal interaction among auditors and even hackers. He suggests learning from each other's tools, and techniques can bring progress in the field.