@immunefi Elite All Star | Security Researcher @_blockian | #21 all-time whitehat @immunefi | #8 all-time whitehat @hackenproof
Joined March 2023
- Tweets 728
- Following 248
- Followers 1,942
- Likes 3,040
50 Photos and videos
Pinned Tweet
17 Apr 2025
Another milestone on our @immunefi journey!
But I’m not settling — most whitehats at this level have already hit $1M.
We still have work to do to earn this spot truly, and we will get there.
Mark my words 🫡
17 Apr 2025
Just reached rank 30 on @immunefi all-time!
This also marks the halfway point on the road to $1 Million!
▓▓▓▓▓░░░░░ $527k / $1M
7
3
74
11,860
Feb 11
2026 really said “no chill” - one wild payout after another.
Security researcher ily2 has just earned a staggering $3,000,000 from submitting a critical smart contract bug via Immunefi.
That's the largest single payout in web3 security in recent memory.
In total, he's submitted 3 reports. All 3 were paid. 100% accuracy.
His leaderboard update is coming soon, but you can pledge IMU to him now and earn when he finds the next one:
immunefi.com/pledge/ily2
4
2
96
4,362
Feb 9
Oh wow! I’m truly honored to see that. Thank you so much for the support and belief!
The @_blockian team just received a 30,000 IMU pledge after winning a $40,000 bounty.
More wins, more IMU pledged, more security.
3
8
50
4,848
Feb 9
This is something nice to come back to after vacation.
The AI agent is performing more and more consistently, and I think that’s what really defines a strong security researcher. Not just luck (well, maybe a little), but consistent ability to find real bugs.
That’s why the AI is called kritt.ai - only Criticals. All AI. No luck (some luck)
The dynamic duo @_blockian is at it again.
They just found a blockchain/dlt crit, earning them $40,000.
Their AI tool clearly works.
2026 is going to be a race: who can build the best AI tool and prove it by posting wins on the Immunefi leaderboard?
In the meantime, you can earn IMU rewards whenever Blockian finds a bug by pledging IMU here:
immunefi.com/pledge/Blockian…
8
1
78
6,424
Feb 6
Nice job! I guess you guys currently have the second-best ranked AI agent out there 😉
(After @_blockian aka me, currently ranked #1 in the last 90 days - all thanks to AI)
We're thrilled to finally reveal: oct0pwn is Octane
10% of the year has passed and we're still at the top of the 2026 @immunefi leaderboard. And #4 in the last 90 days behind three truly elite auditors.
Is this the first time an AI has held top spot?
3
16
123
8,940
Feb 3
The “getting paid fairly” section hit way too close to home 🥲
Feb 3
I've created a site to share some ideas.
My first post is about being a professional whitehat, and how I evaluate potential rewards to decide where to hunt.
whitehatmage.github.io/posts…
19
2,296
Jan 31
Great time to pledge some IMU to @Ehsan1579 on @immunefi
Jan 30
Truly honored.
I see a huge future for zkSync and I’ll be collaborating even more to help keep the protocol as secure as possible.
Massive shoutout to the zkSync security team, incredibly fast at patching issues and always a pleasure to work with. A security standard the rest of Web3 should aspire to.
3
8
65
7,344
A Security Researcher recently got paid $250k for finding a Critical Severity vulnerability using his agentic AI system
The vulnerability could have enabled ~$500M in theft. What you are seeing is the Bleeding Edge of web3 security. GGWP @ControlZ_1337
11
10
177
9,309
Jan 26
I’ve been getting a lot of questions about how this bug was found, so here are the answers:
kritt.ai/technical-review
This is a technical review of how Claude Code was used to uncover this crazy bounty, and more broadly how AI can be leveraged to find Critical and High-severity issues.
Just a few days ago, the legends behind @_blockian found a max critical that earned them $250,000.
Merry Christmas!
26
51
457
57,702
Jan 21
Another paid High-severity issue found with AI.
(This one’s actually from last week - I just forgot to post it)
@HackenProof
13
5
233
7,607
Jan 21
Be like @0xriptide - don’t post nonsense just for marketing. Post real findings, backed by actual receipts.
Jan 21
another humble finding at @therealgregoAI
no AI hype
just receipts
2
41
3,125
Jan 19
Choosing a 3-week timeframe and claiming “we’re number one” is… an interesting strategy
Jan 19
In just 4 weeks, Cantina hit #1 on @Hacker0x01's collectives leaderboard, ahead of industry leaders like @xbow, @wiz_io, and @flysec_corp.
Our AI Code Analyzer was how we got there. It's consistently producing confirmed critical and high-severity findings on code in production.
Waitlist access below.
1
83
8,277
Jan 16
At this point it feels like @hrkrshnn and @cantinaxyz are just copying me 🤣 First the High Cosmos bug, now showing up on the @HackenProof weekly leaderboard.
I’ll be very upset if your AI will beat my AI recent $250K bounty (before I'll beat it again).
x.com/HackenProof/status/197…
Jan 16
TOP 3 researchers of this week:
🥇@cantinaxyz
🥈count-sum
🥉@keterka
Want your handle here? Join active programs:
hackenproof.com/programs
2
44
5,767
Jan 16
Nice way to end the week and kick off my snowboarding vacation 🏂
The next step is teaching the AI to write its own PoC's and submit reports end-to-end. At that point, the infinite money glitch officially unlocks.
@immunefi
11
3
150
12,723
Jan 8
The AI security tool that I’m building also found a high-severity vulnerability in Cosmos! But with all the Critical bugs it uncovered as well, I never got around to writing a post about it 😉
Jan 8
The AI security tool we’re building surfaced a high-severity vulnerability in Cosmos’ bug bounty, confirmed on HackerOne. We’re designing it for signal > noise so organizations can prioritize real risk.
The waitlist is now open.
9
6
223
17,860
31 Dec 2025
This is crazy!! 🤯🤯🤯🤯
31 Dec 2025
Seems like board got shuffled on a last day 👀
Someone named jinxorder got a 1mil bounty as a Happy New Year Present
Thanks for playing
1
31
3,188
30 Dec 2025
I think this might be the largest bounty so far for an AI-assisted finding.
And yes, confession time: I used the AI tools I’ve been working on over the past few months to help find this bug. I’d love to say it was all me, but that wouldn’t be honest. The world is changing, and AI is clearly becoming a big part of it.
Just a few days ago, the legends behind @_blockian found a max critical that earned them $250,000.
Merry Christmas!
30
14
315
37,024
27 Dec 2025
There’s been a clear trend in recent years of bounty payouts shrinking, yet @WhiteHatMage still managed to break the $1M mark this year. The ONLY researcher on Immunefi to do so in 2025 - that’s crazy.
26 Dec 2025
Officially at the top of @immunefi 2025 Leaderboard 🧙♂️
The biggest web3 bug bounty platform in the world.
This will be a very special year for me. Thanks to everyone that followed along this story.
It's now the time for a new whitehat to shine. Wish you good luck, hunter.
2
1
55
3,800
25 Dec 2025
How did I do on my 2025 New Year’s resolutions?
❌ $1M in revenue -> Failed
Total revenue this year across all platforms audits: $907K
❌ $1M in a single bounty -> Failed
Biggest single bounty: $250K on Immunefi
✅ Top #30 on @immunefi -> Success
Reached rank #22 just yesterday
✅ Full planche -> Success
Can hold a full planche for ~4 seconds
Some accomplishments that weren’t on my original list:
✅ Top #10 on @HackenProof
At the start of the year I’d never even tried HackenProof, but after @WhiteHatMage went on a journey to other realms, I decided to give it a shot. Had a lot of fun and reached #7 all-time.
✅ Snowboarded for 4 months
Took a much-needed break at the start of 2025 to snowboard. Best trip of my life.
✅ Had fun
Beat Silksong, E33, and generally learned to slow down a bit. This year taught me that taking breaks and enjoying life actually matters.
So while I technically failed most of my 2025 resolutions, it was still a great year overall. Here’s hoping 2026 will be just as good -
and that I’ll do a better job sticking to my resolutions this time 😄
9
6
152
8,337