When a live vulnerability may be exploited
The answer to whether you should exploit bugs in mainnet protocols is always no, except for these two situations where it may be needed.
Heyo,
Jules here, from Cyfrin.
3 months ago, we launched Cyfrin Updraft in closed beta because we wanted to give you an amazing experience.
Since then, we have received:
70,000+ applications
11,000+ early access students
2,000+ pieces of feedback
Today, we’re happy to announce we’re opening Cyfrin Updraft, the ultimate web3 education platform, to everyone for free! 🚀
This week
✍🏼 What to do if you find a bug in live code?
📆 Cyfrin ecosystem updates
📚 Auditor roadmap, web3 tools, and oracle manipulation attacks
What to do if you find a bug in live code?
You found a bug in a live smart contract. The clock is now ticking. What to do?
🙅🏻‍♀️ Firstly, do not exploit it. There could be legal ramifications. There are two exceptions to this rule:
A malicious exploit that is already in the mempool.
There is a safe harbor agreement.
🤷🏻‍♀️ So, what should you do?
Get in contact with the protocol, bug bounty platform, or whoever is responsible for owning the codebase.
Make sure you’re communicating on a secure line.
Prove the bug exists.
Come up with a fix.
Roll out a post-mortem.
— Read more about white hatting smart contracts here!
This week at Cyfrin
🎨 This week, we published the new Cyfrin website, giving our brand a full revamp.
🏆 The Vyper contest is done! Congrats to Kuro from Binance Security Team for winning top place with a $50,000 reward.
🚀 Dolomite Margin is a composable margin trading and lending protocol running on Arbitrum. Here’s what we learned from auditing their protocol.
Related articles
✍🏼 Here are the top 5 web3 developer tools for 2024 to help you speed up your workflows and allow you to code.
⚡️ Here’s everything you need to know about one of the most common crypto attacks in recent years: oracle manipulation attacks.
👩🏻‍💻 Want to become a smart contract auditor? Here’s a full roadmap.
Let us know what you think about this newsletter here!
Sending lots of cyber love,
Jules 🤸🏻