@code4rena: A humble suggestion to introspect on your internal data regarding bot races & decide whether to continue them in their present form or not.

A 🧵⬇️ into the potential harm these races might cause to budding auditors. 1/ What exactly are bot races?

They involve advanced auditors transforming their expertise into bots.

These bots identify generic vulnerabilities, competing for a slice of contest rewards. 🤖💰

@CyfrinAudits is participating in the Chainlink contest on @code4rena

Before diving into any audit, we like to huddle up, jot down notes & create mental maps

We've decided to share our notes with everyone! Goal is to help fellow auditors working on this incredible initiative Cross-chain messaging protocols have seen insane hacks. At Cyfrin, we firmly believe @chainlink is building a vital infrastructure for the future of Web3

Our primary focus: strengthening this protocol. Making these notes public is part of that commitment

First, purpose of CCIP

Time for a deep dive into my audit process.

IMO, audit process is a deliberate plan to tackle every step in an audit, right from choosing one to reviewing final findings. Today I’ll discuss the first leg of this process.

Lets roll.. Let’s start with the Why. Why do I need a process.

As James Clear in his book `Atomic Habits` says, “you do not rise to the level of your goals, you fall to the level of your systems”

My 3 reasons:

1. Maximise efficiency
2. Maximise learnings
3. Minimise burn-out

Hi guys! Sorry for a delay on my promise to share a roadmap for improving audit skills.

While creating this roadmap & timelines, I've assumed a person is relatively new to smart contracts & would be able to invest 3-4 hours a day...

So here we go... I recommend these 7 steps in that order with expected timelines. I estimate that a person needs ~26 weeks of preparation to start cracking those C4/Sherlock audits